$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RAID/PalqMYeFDKwQFQruNLuY3YHdups.mft File: PalqMYeFDKwQFQruNLuY3YHdups.mft (raw, json) Hash identifier: dABasXGXTiIbBkr3CvMJTWcmgNJNzjCoH7N7zlmjFKk= Subject key identifier: 64:81:D0:D7:57:88:DC:AC:68:A8:E9:81:D6:31:90:D2:E2:BE:B0:08 Authority key identifier: 3D:A9:6A:31:87:85:0C:AC:10:15:0A:EE:34:BB:98:DD:81:DD:BA:9B Certificate issuer: /CN=3DA96A3187850CAC10150AEE34BB98DD81DDBA9B Certificate serial: 0126 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PalqMYeFDKwQFQruNLuY3YHdups.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RAID/PalqMYeFDKwQFQruNLuY3YHdups.mft Manifest number: 0126 Signing time: Wed 30 Jul 2025 11:07:53 +0000 Manifest this update: Wed 30 Jul 2025 11:07:53 +0000 Manifest next update: Fri 01 Aug 2025 11:07:53 +0000 Files and hashes: 1: PalqMYeFDKwQFQruNLuY3YHdups.crl (hash: GXrCPxMpIz2mRVfsuKQaKz6Q97ym1juKM4YI6JOTk40=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/RAID/PalqMYeFDKwQFQruNLuY3YHdups.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/RAID/PalqMYeFDKwQFQruNLuY3YHdups.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PalqMYeFDKwQFQruNLuY3YHdups.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 31 Jul 2025 22:08:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 294 (0x126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3DA96A3187850CAC10150AEE34BB98DD81DDBA9B Validity Not Before: Jul 30 11:07:53 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6481D0D75788DCAC68A8E981D63190D2E2BEB008 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:7a:2d:40:90:4c:94:ce:b5:6b:8b:d4:d4:b1: 40:37:bc:04:5e:9a:2c:fe:30:94:d9:08:3a:94:b1: 7e:70:e5:a0:b3:67:da:ee:a2:f6:b5:30:9d:b1:d0: 92:62:71:79:be:22:b7:eb:a4:d0:0c:f8:d8:73:9b: 57:2b:97:01:c1:de:f1:27:22:d5:79:22:61:87:99: 18:ef:64:7f:02:fe:5d:4c:c5:f6:39:00:03:1c:0d: 14:f4:92:7b:75:b7:9b:5e:5e:da:e8:43:9a:cb:ea: d0:8c:e9:cb:4b:34:75:8d:fb:32:74:ce:5d:de:6b: 91:39:89:ef:32:6d:03:7b:aa:23:16:a4:ef:f6:08: 9d:a0:cf:c6:73:91:fd:bb:44:52:5c:41:4b:71:56: fb:7c:ff:56:2b:8e:80:bc:15:f2:8a:cf:a9:36:3f: ae:2c:dc:e0:d2:ff:89:64:a3:cd:c0:ca:c2:f4:98: 4a:59:37:c7:b1:5a:9f:41:0b:f7:07:09:f3:03:82: db:70:19:60:29:91:25:33:c7:40:c4:77:7c:b6:41: 42:d7:d0:cf:3b:69:df:01:de:f9:86:da:50:7e:8d: a5:34:ad:a0:22:7a:43:8e:9c:53:2e:3b:77:30:32: 68:7c:c0:66:05:f1:ce:b7:fd:d8:ea:51:2b:54:ff: 73:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:81:D0:D7:57:88:DC:AC:68:A8:E9:81:D6:31:90:D2:E2:BE:B0:08 X509v3 Authority Key Identifier: keyid:3D:A9:6A:31:87:85:0C:AC:10:15:0A:EE:34:BB:98:DD:81:DD:BA:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RAID/PalqMYeFDKwQFQruNLuY3YHdups.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PalqMYeFDKwQFQruNLuY3YHdups.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RAID/PalqMYeFDKwQFQruNLuY3YHdups.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:3d:81:1d:9d:df:7d:3f:fd:10:f0:47:3e:1f:14:e9:de:c5: 49:9b:33:83:3e:8c:fb:a5:eb:a1:90:c2:47:e8:ca:83:86:66: f5:d4:07:24:c1:64:d9:ea:ad:96:3a:ac:61:72:e3:ff:35:5a: 2b:8b:1c:c2:2f:2d:72:c7:07:aa:48:49:af:9f:74:96:49:0e: 40:39:02:38:d0:a2:38:ad:37:c7:5a:6d:9a:73:3b:03:57:43: 7d:d3:3c:2c:0a:2a:71:ab:8b:a9:9c:79:d8:8c:30:4d:6c:c9: 68:a8:9f:25:c6:24:b2:fc:08:2f:ae:fe:ef:6e:e9:6a:a4:fc: 24:75:db:d3:a7:10:21:4f:88:12:4f:6f:91:7c:2b:35:e7:1d: 0a:bb:15:37:cb:72:3c:5a:61:02:8b:6d:5b:e9:e2:f8:4d:f5: 69:94:3e:7a:8d:3d:e1:8d:3e:ea:73:9c:37:f0:79:9b:1c:c2: 27:ea:63:a2:f5:8a:2c:ae:34:a5:07:68:f8:dd:9f:f8:24:33: bf:0b:29:c9:3e:a5:36:7d:ca:1f:a3:8b:0d:46:c6:c6:fe:94: 56:d2:bc:c1:2c:d4:ae:c1:90:a6:4f:a7:e0:ba:00:bc:2b:1f: d0:97:24:61:81:c4:44:ca:74:14:2a:97:d3:ce:fa:ae:8b:75: 47:51:68:89 -----BEGIN CERTIFICATE----- MIIE5zCCA8+gAwIBAgICASYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0RB OTZBMzE4Nzg1MENBQzEwMTUwQUVFMzRCQjk4REQ4MUREQkE5QjAeFw0yNTA3MzAx MTA3NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY0ODFEMEQ3NTc4OERD QUM2OEE4RTk4MUQ2MzE5MEQyRTJCRUIwMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSei1AkEyUzrVri9TUsUA3vARemiz+MJTZCDqUsX5w5aCzZ9ru ova1MJ2x0JJicXm+IrfrpNAM+Nhzm1crlwHB3vEnItV5ImGHmRjvZH8C/l1MxfY5 AAMcDRT0knt1t5teXtroQ5rL6tCM6ctLNHWN+zJ0zl3ea5E5ie8ybQN7qiMWpO/2 CJ2gz8Zzkf27RFJcQUtxVvt8/1YrjoC8FfKKz6k2P64s3ODS/4lko83AysL0mEpZ N8exWp9BC/cHCfMDgttwGWApkSUzx0DEd3y2QULX0M87ad8B3vmG2lB+jaU0raAi ekOOnFMuO3cwMmh8wGYF8c63/djqUStU/3PTAgMBAAGjggIDMIIB/zAdBgNVHQ4E FgQUZIHQ11eI3KxoqOmB1jGQ0uK+sAgwHwYDVR0jBBgwFoAUPalqMYeFDKwQFQru NLuY3YHdupswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkFJRC9Q YWxxTVllRkRLd1FGUXJ1Tkx1WTNZSGR1cHMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L1BhbHFNWWVGREt3UUZRcnVOTHVZM1lIZHVwcy5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1JBSUQvUGFscU1ZZUZES3dRRlFydU5MdVkz WUhkdXBzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUFBwEH AQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAJo9gR2d 330//RDwRz4fFOnexUmbM4M+jPul66GQwkfoyoOGZvXUByTBZNnqrZY6rGFy4/81 WiuLHMIvLXLHB6pISa+fdJZJDkA5AjjQojitN8dabZpzOwNXQ33TPCwKKnGri6mc ediMME1syWionyXGJLL8CC+u/u9u6Wqk/CR129OnECFPiBJPb5F8KzXnHQq7FTfL cjxaYQKLbVvp4vhN9WmUPnqNPeGNPupznDfweZscwifqY6L1iiyuNKUHaPjdn/gk M78LKck+pTZ9yh+jiw1Gxsb+lFbSvMEs1K7BkKZPp+C6ALwrH9CXJGGBxETKdBQq l9PO+q6LdUdRaIk= -----END CERTIFICATE-----Generated at Thu Jul 31 18:15:36 2025 by rpki-client