$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.mft File: gFHy7O_CQumvnx5FSk-3llkbjas.mft (raw, json) Hash identifier: crvFythhOII36T06klaSlrdstKxvQbOF42KAG3ypCkM= Subject key identifier: B3:F4:1E:4B:D4:12:F0:37:18:44:B2:30:AC:07:B4:A4:B3:4E:4E:0F Authority key identifier: 80:51:F2:EC:EF:C2:42:E9:AF:9F:1E:45:4A:4F:B7:96:59:1B:8D:AB Certificate issuer: /CN=8051F2ECEFC242E9AF9F1E454A4FB796591B8DAB Certificate serial: 1489 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.mft Manifest number: 145F Signing time: Wed 22 Oct 2025 21:55:15 +0000 Manifest this update: Wed 22 Oct 2025 21:55:15 +0000 Manifest next update: Fri 24 Oct 2025 21:55:15 +0000 Files and hashes: 1: 31m7dx_bn0Ro8ePcnB2TYVLaCKo.roa (hash: q27K7syNnI6b+P8BSh5Is6tYNQbmHPJyp56ERdT/Jm8=) 2: C-2l4-5lLtB18jchVLlfhpvA0Ac.roa (hash: aQDdazI7yAsxvVxYbta5QXOcf4rSIc2slfFRuknYIt8=) 3: ZaEYdQEYlwV-99ewE3_Pl_5c-KM.roa (hash: 6c2SxvONR/8qBuF3lZJ54LOGkZExJj3WEROWJnwl/q0=) 4: gFHy7O_CQumvnx5FSk-3llkbjas.crl (hash: hI37juapTC7Q12IZHWuVGEjonwy37b3OZ5QIS4H+loo=) 5: tD6C8fAbkv4Tw-j0az_FdowFa6g.roa (hash: E1/GW3SC5d67/+/8Koshd/Wi/2b0bOuMZ4db7+CIyzI=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 12:27:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5257 (0x1489) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8051F2ECEFC242E9AF9F1E454A4FB796591B8DAB Validity Not Before: Oct 22 21:55:15 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=B3F41E4BD412F0371844B230AC07B4A4B34E4E0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:bb:c8:a4:92:b6:18:8b:21:23:0d:eb:65:b6: c0:c0:b2:90:1b:32:af:50:df:84:ca:45:a1:f7:48: 3d:96:c1:e1:de:d5:74:1b:67:9b:23:75:d1:bc:f0: e2:bb:aa:14:7e:15:63:3c:af:29:d2:2b:76:82:cf: 8c:a5:56:b6:29:d1:b9:68:30:68:90:d6:d3:70:f1: c7:9c:48:b5:37:e0:e4:2a:97:63:be:22:97:d7:47: 19:69:af:ee:c0:8b:75:ad:c6:db:68:7d:5f:e2:7e: 25:c6:bc:81:a5:29:9b:09:f0:94:d5:64:a8:9d:a9: 82:68:20:84:69:5b:56:c2:9b:dc:92:4e:b6:6e:50: 06:be:7c:10:4b:a1:05:9e:34:f7:40:86:e6:5c:d9: 49:a8:df:d8:39:3d:92:2b:0b:75:3f:b6:9c:1e:8a: 96:79:24:3c:d5:3c:2f:1c:0c:2d:c3:9e:dd:fe:c6: 79:27:f0:5f:7d:19:39:26:90:63:67:6b:92:c7:a7: 2c:dd:0a:c6:8c:f4:4b:11:0c:43:28:f3:91:b7:e2: f5:7e:f6:35:20:01:8c:78:67:a5:f5:ee:56:af:63: 0c:9b:69:c1:b5:a9:a1:f3:10:5d:e1:ab:58:33:31: e4:55:38:bb:d5:cc:95:6f:ec:62:e2:ef:d5:15:07: 89:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:F4:1E:4B:D4:12:F0:37:18:44:B2:30:AC:07:B4:A4:B3:4E:4E:0F X509v3 Authority Key Identifier: keyid:80:51:F2:EC:EF:C2:42:E9:AF:9F:1E:45:4A:4F:B7:96:59:1B:8D:AB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:6c:38:c3:a5:79:14:b1:06:b9:0c:a9:77:99:50:9d:3c:61: 92:93:4d:3d:16:08:ce:98:f8:40:68:f6:89:c7:b5:0a:71:65: 70:5f:18:ea:01:a3:46:5a:2c:e4:94:cd:5d:81:48:0f:55:37: 3a:f4:ed:d4:5b:a5:24:97:53:c5:d5:41:8e:da:b2:3d:c3:38: cd:1c:83:30:c9:41:c1:37:91:ab:27:7a:44:eb:e7:00:b1:bf: 5f:55:03:38:be:28:5e:88:0e:20:81:9e:b0:96:bf:e9:d4:c5: 43:9f:23:a3:97:7b:bf:1f:ea:45:be:eb:48:ae:f8:f2:03:9d: af:45:e2:01:a0:9f:ba:5e:6e:32:fb:7b:db:c1:28:72:c7:80: cd:78:d0:eb:b1:c6:4f:aa:6a:fb:42:5d:79:cf:15:92:e4:51: 35:8d:ae:58:63:97:dd:bc:0f:0b:20:63:02:87:80:55:97:25: 2f:83:29:36:02:b0:e6:c0:86:50:e3:99:40:67:cb:1e:1e:e9: f2:7d:e2:75:97:92:a1:6c:3d:22:d2:2f:d6:6a:c0:ca:b7:69: aa:de:30:8e:f8:29:53:65:63:82:38:4e:8e:dd:8e:20:a3:c2: 67:a3:9f:de:a7:38:20:a2:26:bb:24:82:f3:01:af:db:6a:fb: 28:49:0b:4b -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgICFIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODA1 MUYyRUNFRkMyNDJFOUFGOUYxRTQ1NEE0RkI3OTY1OTFCOERBQjAeFw0yNTEwMjIy MTU1MTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEIzRjQxRTRCRDQxMkYw MzcxODQ0QjIzMEFDMDdCNEE0QjM0RTRFMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVu8ikkrYYiyEjDetltsDAspAbMq9Q34TKRaH3SD2WweHe1XQb Z5sjddG88OK7qhR+FWM8rynSK3aCz4ylVrYp0bloMGiQ1tNw8cecSLU34OQql2O+ IpfXRxlpr+7Ai3WtxttofV/ifiXGvIGlKZsJ8JTVZKidqYJoIIRpW1bCm9ySTrZu UAa+fBBLoQWeNPdAhuZc2Umo39g5PZIrC3U/tpweipZ5JDzVPC8cDC3Dnt3+xnkn 8F99GTkmkGNna5LHpyzdCsaM9EsRDEMo85G34vV+9jUgAYx4Z6X17lavYwybacG1 qaHzEF3hq1gzMeRVOLvVzJVv7GLi79UVB4k9AgMBAAGjggIHMIICAzAdBgNVHQ4E FgQUs/QeS9QS8DcYRLIwrAe0pLNOTg8wHwYDVR0jBBgwFoAUgFHy7O/CQumvnx5F Sk+3llkbjaswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTktCTkVU L2dGSHk3T19DUXVtdm54NUZTay0zbGxrYmphcy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvZ0ZIeTdPX0NRdW12bng1RlNrLTNsbGtiamFzLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvTktCTkVUL2dGSHk3T19DUXVtdm54NUZT ay0zbGxrYmphcy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAD bDjDpXkUsQa5DKl3mVCdPGGSk009FgjOmPhAaPaJx7UKcWVwXxjqAaNGWizklM1d gUgPVTc69O3UW6Ukl1PF1UGO2rI9wzjNHIMwyUHBN5GrJ3pE6+cAsb9fVQM4vihe iA4ggZ6wlr/p1MVDnyOjl3u/H+pFvutIrvjyA52vReIBoJ+6Xm4y+3vbwShyx4DN eNDrscZPqmr7Ql15zxWS5FE1ja5YY5fdvA8LIGMCh4BVlyUvgyk2ArDmwIZQ45lA Z8seHunyfeJ1l5KhbD0i0i/WasDKt2mq3jCO+ClTZWOCOE6O3Y4go8Jno5/epzgg oia7JILzAa/bavsoSQtL -----END CERTIFICATE-----Generated at Thu Oct 23 09:28:43 2025 by rpki-client