Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.mft
File:                     e4JX_9x80ctBlhKc1ASTNSvIO7k.mft (raw, json)
Hash identifier:          QjeX4l+t616ACGMY8dWnh6DXNPPaWDLatGQzoOirhCY=
Subject key identifier:   BF:F9:66:CC:34:DB:9F:8E:2C:AE:59:69:35:E3:1A:9A:DD:5D:70:87
Authority key identifier: 7B:82:57:FF:DC:7C:D1:CB:41:96:12:9C:D4:04:93:35:2B:C8:3B:B9
Certificate issuer:       /CN=7B8257FFDC7CD1CB4196129CD40493352BC83BB9
Certificate serial:       034F
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/e4JX_9x80ctBlhKc1ASTNSvIO7k.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.mft
Manifest number:          0343
Signing time:             Thu 21 Nov 2024 06:53:35 +0000
Manifest this update:     Thu 21 Nov 2024 06:53:35 +0000
Manifest next update:     Sat 23 Nov 2024 06:53:35 +0000
Files and hashes:         1: D-hrPXKsNfFePpz5pD1eS9bZDMs.roa (hash: YbHwtx0aWoTj8bXGAvwknmeyBqq4fq1p3bqCBGe3Aks=)
                          2: e4JX_9x80ctBlhKc1ASTNSvIO7k.crl (hash: iFHHU1WusMtJzpobK+DKKeLAjPtW4KQKqs4rUGIckQ8=)
                          3: eIk0eIpUwPz5A0uNFvdei7hDIko.roa (hash: LHGrvkXnAbuD6ZJFqUW4KqUi8dtsETg6fBglFrJ68sk=)

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/e4JX_9x80ctBlhKc1ASTNSvIO7k.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 847 (0x34f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7B8257FFDC7CD1CB4196129CD40493352BC83BB9
        Validity
            Not Before: Nov 21 06:53:35 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=BFF966CC34DB9F8E2CAE596935E31A9ADD5D7087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:17:80:b7:5b:78:9c:3e:48:9e:3c:ca:f7:cf:
                    66:5b:63:f0:47:3d:88:8b:c4:77:32:5d:70:85:b9:
                    9e:83:35:83:60:17:cb:96:8e:d5:ec:bb:dc:67:50:
                    42:9d:86:bf:b5:e1:10:0d:fe:1d:0e:12:ed:77:3d:
                    d3:34:01:68:d0:fc:2a:0e:73:b6:d6:a1:80:72:2d:
                    89:a7:46:58:93:21:a8:dc:8d:8e:23:db:e2:cb:6c:
                    29:fe:f2:e5:22:a2:f6:f3:24:41:71:0b:51:34:28:
                    7f:08:8f:7b:02:7a:21:01:0d:ad:fa:01:3a:1d:5c:
                    74:1a:4f:9a:7b:63:07:20:a9:32:d7:4f:28:f5:fd:
                    10:80:80:62:d0:3a:85:66:2a:32:0d:22:f2:a2:64:
                    12:3b:10:52:d8:32:f8:18:8d:54:9f:1c:db:b3:39:
                    0d:0d:ae:7c:1f:06:06:4a:9c:d4:de:c5:12:74:0d:
                    ed:01:2a:0f:49:a1:8d:10:5e:77:4f:8c:42:c8:83:
                    db:5b:bb:86:09:ec:9a:72:6e:e0:49:c6:cd:30:1a:
                    9c:42:f0:3a:a3:d1:d1:cb:c9:53:3b:a4:39:3d:ba:
                    22:eb:b2:7f:ea:54:6b:08:51:d3:11:a3:3f:1e:1c:
                    28:f5:24:84:60:0a:55:7e:db:67:d3:01:6e:c1:37:
                    1f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:F9:66:CC:34:DB:9F:8E:2C:AE:59:69:35:E3:1A:9A:DD:5D:70:87
            X509v3 Authority Key Identifier:
                keyid:7B:82:57:FF:DC:7C:D1:CB:41:96:12:9C:D4:04:93:35:2B:C8:3B:B9

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/e4JX_9x80ctBlhKc1ASTNSvIO7k.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:c3:ad:f9:69:40:da:42:61:a1:45:2a:1a:8e:31:9d:1b:80:
         4f:04:fb:07:a6:84:60:91:ce:c1:d0:e8:a1:74:31:be:8f:79:
         bf:7c:6b:50:e8:26:66:51:88:b4:79:e2:10:16:1a:70:ca:f5:
         15:f9:8b:fa:38:15:84:2b:79:4d:2a:eb:3c:e0:b1:5c:6c:12:
         03:c8:7a:7d:4a:2e:b5:62:35:ce:35:da:00:ec:28:87:85:a8:
         2a:3d:b8:3c:7b:53:d1:eb:7f:5b:7d:c9:91:f0:4e:c1:23:03:
         58:a0:41:60:78:8e:2e:8e:60:b8:2b:01:f9:2d:43:1b:f7:7a:
         b9:b3:2c:5e:7f:77:94:a2:7b:27:23:d4:ce:13:3b:67:34:55:
         1f:cf:cf:20:20:f8:b0:5a:a7:c4:db:74:50:1f:fc:5d:88:48:
         b7:f6:f4:6d:55:86:04:06:46:7b:70:4d:1f:40:43:c5:4d:43:
         5b:6c:eb:08:03:03:41:9c:f2:02:e0:a3:ac:ae:b7:f4:0c:e9:
         82:a2:73:c5:e5:3f:e7:24:1b:66:74:d5:2d:57:4a:82:25:c3:
         ac:ce:c3:82:a2:ee:28:de:d4:a7:ce:48:a3:00:6b:00:f1:2f:
         eb:ac:7b:05:a9:bd:c1:14:d2:79:f0:d1:97:2e:3a:5c:ae:6d:
         9b:1b:d0:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgICA08wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I4
MjU3RkZEQzdDRDFDQjQxOTYxMjlDRDQwNDkzMzUyQkM4M0JCOTAeFw0yNDExMjEw
NjUzMzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJGRjk2NkNDMzREQjlG
OEUyQ0FFNTk2OTM1RTMxQTlBREQ1RDcwODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyF4C3W3icPkiePMr3z2ZbY/BHPYiLxHcyXXCFuZ6DNYNgF8uW
jtXsu9xnUEKdhr+14RAN/h0OEu13PdM0AWjQ/CoOc7bWoYByLYmnRliTIajcjY4j
2+LLbCn+8uUiovbzJEFxC1E0KH8Ij3sCeiEBDa36ATodXHQaT5p7YwcgqTLXTyj1
/RCAgGLQOoVmKjINIvKiZBI7EFLYMvgYjVSfHNuzOQ0NrnwfBgZKnNTexRJ0De0B
Kg9JoY0QXndPjELIg9tbu4YJ7JpybuBJxs0wGpxC8Dqj0dHLyVM7pDk9uiLrsn/q
VGsIUdMRoz8eHCj1JIRgClV+22fTAW7BNx+PAgMBAAGjggILMIICBzAdBgNVHQ4E
FgQUv/lmzDTbn44srllpNeMamt1dcIcwHwYDVR0jBBgwFoAUe4JX/9x80ctBlhKc
1ASTNSvIO7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEFSQU1J
VEEvZTRKWF85eDgwY3RCbGhLYzFBU1ROU3ZJTzdrLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9lNEpYXzl4ODBjdEJsaEtjMUFTVE5TdklPN2suY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9QQVJBTUlUQS9lNEpYXzl4ODBjdEJs
aEtjMUFTVE5TdklPN2subWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAP8Ot+WlA2kJhoUUqGo4xnRuATwT7B6aEYJHOwdDooXQxvo95v3xrUOgmZlGI
tHniEBYacMr1FfmL+jgVhCt5TSrrPOCxXGwSA8h6fUoutWI1zjXaAOwoh4WoKj24
PHtT0et/W33JkfBOwSMDWKBBYHiOLo5guCsB+S1DG/d6ubMsXn93lKJ7JyPUzhM7
ZzRVH8/PICD4sFqnxNt0UB/8XYhIt/b0bVWGBAZGe3BNH0BDxU1DW2zrCAMDQZzy
AuCjrK639AzpgqJzxeU/5yQbZnTVLVdKgiXDrM7DgqLuKN7Up85IowBrAPEv66x7
Bam9wRTSefDRly46XK5tmxvQCw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:06:53 2024 by rpki-client on console-fra.rpki-client.org