$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft File: mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft (raw, json) Hash identifier: UKJRLxziPz62uCQ7eSUPjFIhW9OdpnPfB+r+8+iqGMc= Subject key identifier: B1:4F:CA:ED:DE:09:C7:ED:F4:B2:AD:6D:75:B2:10:5C:13:E5:10:DA Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Certificate serial: 0BC1 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft Manifest number: 0BA7 Signing time: Mon 27 May 2024 01:35:22 +0000 Manifest this update: Mon 27 May 2024 01:35:22 +0000 Manifest next update: Wed 29 May 2024 01:35:22 +0000 Files and hashes: 1: -ihR7Hy36e14X7x-NVnPz4LBM3I.roa (hash: jMhB2t2i4Hr/bt3ZZXta/99yrwM3YJpkxa7dTJX9tKk=) 2: 3fbKXNzCOaJvXfvMNI0Krujy0qo.roa (hash: DOf8LdW9a1RrWGxAibhsQSa3ZrVxIWR8N8fJwZx+w3s=) 3: BrQE6rFFrt2iuUBCQwKu47dfUGQ.roa (hash: 8VHJ8rgxWQA/TE86a9eMcQi5LdtoaGYEx0CpZiq3Auk=) 4: FUBJasDz-KKxu6_Fni2Gci_VT_E.roa (hash: zQ8swExc3cfIQP5L/vjzZsCq57Fnc0BrRyO2IK3jl8M=) 5: GVc9bOEGCFH_jMWW-3Mwh-K16jo.roa (hash: 2YDy4CTa/vJ848DarEdFcdZt/JdZTTeyUvecyS6iTCE=) 6: fKE1qUSe27l2mOJu1qsHYvacyLg.roa (hash: MJ18je4KMOCV3580Qbbs5Fl6pGv2h5LYLzfXOmVKR7s=) 7: kDHKC3sLBQiP0If8fs_flwZgSac.roa (hash: zrL/R33wFB356o10wyOiGThHr5qNPXlIRKpbavYoCbA=) 8: mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl (hash: dskks5m3slVrpcM/ydEsdg9Bsc2/DqgV2/aHD6oR+RI=) 9: oOKhZMpygPoyPnNGE7ON1-neRG0.roa (hash: uJu6ojv4KeUd8syrDu68nLaztbyq9aFQVfMullKOwnA=) 10: vYEVpqg5XuyYbyOrODiWdMqkG-E.roa (hash: w7oCQcpJleZCkBl1yO3T2DdA1UMoTjuaoh+sqwfjQxc=) 11: zKppHaxVIHEhnG7tklmqV2xlKik.roa (hash: Scf7m/rf04Upz0EuRLpA1ZThfYvnKv0jXiVbfVC8lQk=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 13:29:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3009 (0xbc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Validity Not Before: May 27 01:35:22 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=B14FCAEDDE09C7EDF4B2AD6D75B2105C13E510DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1f:7d:d7:f2:fb:38:76:98:a8:cf:87:5e:96: a4:87:e0:8f:41:48:98:04:bc:be:35:bc:f7:92:9d: e4:0a:e6:f8:a4:64:5a:d6:b3:ca:59:71:9e:cc:36: 00:6d:63:4e:48:f9:b4:ea:93:18:84:d1:6b:9d:74: 15:c8:71:5a:a6:72:c0:17:fc:21:4d:41:d3:59:25: ce:3a:38:05:ec:ce:1f:16:f6:31:3a:a9:9c:df:d9: 95:ae:e7:05:48:77:df:cf:54:7b:d8:14:6e:d6:9a: e7:8e:dc:ce:8b:2e:36:aa:ee:c3:1a:76:25:b1:0b: 59:a3:e9:64:77:65:f4:2e:97:22:54:1b:1e:51:99: 72:f2:92:59:e0:49:03:48:9f:8b:93:ec:32:f1:1b: b3:c4:92:25:4c:00:e8:8e:87:4f:71:27:15:28:e4: 60:cd:f8:cd:ef:a2:30:8e:6b:f5:09:0d:e8:f1:10: 55:cf:ca:f3:16:c9:2d:d6:07:cb:d3:b3:e3:f4:38: b3:70:c7:3c:c3:d3:c3:01:9f:72:14:5c:00:7c:a7: 27:20:f5:1e:ab:7d:3e:83:78:4b:75:f3:bd:86:90: 24:15:90:31:7d:b6:69:2a:ee:c0:ad:cf:5d:17:4d: 0b:74:36:1b:c2:4a:c8:1d:c5:91:d7:66:7c:fd:6f: 45:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:4F:CA:ED:DE:09:C7:ED:F4:B2:AD:6D:75:B2:10:5C:13:E5:10:DA X509v3 Authority Key Identifier: keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:53:9b:81:44:77:2e:16:23:d5:73:91:7d:4f:88:91:72:41: ea:9d:2c:cf:c2:5d:c7:8f:91:c2:c5:70:16:e2:af:32:90:c8: c0:ec:fc:ed:57:4b:68:ab:0b:51:ba:ca:44:fc:82:5e:48:95: 9a:fd:7c:1f:9d:7e:6b:79:e4:76:65:7c:2a:a2:94:7b:3d:a6: 9c:c7:b0:8e:94:8c:61:51:4f:72:37:ed:3f:94:e2:79:04:5f: fb:d6:b1:0b:16:d5:c9:64:e0:60:96:6e:9f:54:43:27:f7:58: 1f:84:bc:44:dc:5b:71:db:4c:a2:1b:98:36:69:00:1e:7c:5a: a3:ae:93:3b:8e:2d:ef:1a:91:f1:d4:ce:03:e0:6d:08:49:09: 62:fa:d3:cb:6f:89:a8:98:6d:2c:7d:8d:c6:a0:d0:e6:d7:1c: 48:7e:20:67:ea:7f:6b:b6:57:e5:57:af:70:0b:47:74:95:9d: 60:d7:a1:52:22:46:83:95:df:a6:c2:83:f1:2a:89:ac:b1:87: 68:38:ec:33:ed:d9:d9:ab:0b:b9:86:55:4a:6f:d4:f2:55:39: b4:de:da:80:ec:92:5b:84:03:59:b2:d7:26:0a:20:fe:52:b4: d7:4a:e0:8e:6a:7b:38:24:7f:d3:16:3e:7c:e2:16:a8:a6:fe: c7:cd:e1:5e -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yNDA1Mjcw MTM1MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEIxNEZDQUVEREUwOUM3 RURGNEIyQUQ2RDc1QjIxMDVDMTNFNTEwREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9H33X8vs4dpioz4delqSH4I9BSJgEvL41vPeSneQK5vikZFrW s8pZcZ7MNgBtY05I+bTqkxiE0WuddBXIcVqmcsAX/CFNQdNZJc46OAXszh8W9jE6 qZzf2ZWu5wVId9/PVHvYFG7WmueO3M6LLjaq7sMadiWxC1mj6WR3ZfQulyJUGx5R mXLyklngSQNIn4uT7DLxG7PEkiVMAOiOh09xJxUo5GDN+M3vojCOa/UJDejxEFXP yvMWyS3WB8vTs+P0OLNwxzzD08MBn3IUXAB8pycg9R6rfT6DeEt1872GkCQVkDF9 tmkq7sCtz10XTQt0NhvCSsgdxZHXZnz9b0X9AgMBAAGjggIPMIICCzAdBgNVHQ4E FgQUsU/K7d4Jx+30sq1tdbIQXBPlENowHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt +2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1QvbVQ5eWdQSDV0 bFE1M1dXdC0yaktEV3ladnNVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALxTm4FEdy4WI9VzkX1PiJFyQeqdLM/CXcePkcLFcBbirzKQyMDs/O1X S2irC1G6ykT8gl5IlZr9fB+dfmt55HZlfCqilHs9ppzHsI6UjGFRT3I37T+U4nkE X/vWsQsW1clk4GCWbp9UQyf3WB+EvETcW3HbTKIbmDZpAB58WqOukzuOLe8akfHU zgPgbQhJCWL608tviaiYbSx9jcag0ObXHEh+IGfqf2u2V+VXr3ALR3SVnWDXoVIi RoOV36bCg/Eqiayxh2g47DPt2dmrC7mGVUpv1PJVObTe2oDskluEA1my1yYKIP5S tNdK4I5qezgkf9MWPnziFqim/sfN4V4= -----END CERTIFICATE-----Generated at Mon May 27 10:17:32 2024 by rpki-client on console-ams.rpki-client.org