$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft File: mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft (raw, json) Hash identifier: RCQxKbT/2hSxk+T7G/azNvlNbaNvdFRj8/kJVdJycBo= Subject key identifier: B1:4F:CA:ED:DE:09:C7:ED:F4:B2:AD:6D:75:B2:10:5C:13:E5:10:DA Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Certificate serial: 0CAF Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft Manifest number: 0C77 Signing time: Sun 16 Feb 2025 18:55:46 +0000 Manifest this update: Sun 16 Feb 2025 18:55:46 +0000 Manifest next update: Mon 17 Feb 2025 00:55:46 +0000 Files and hashes: 1: DP6aLhFsN-ahu5EgQ6FTL_VmZyU.roa (hash: A56yPDSZ3yTuuQmYOjHfnhVxrzXTf6CagobgBGVYMko=) 2: Dpq82dymxhIz2BXrmQWYbtvdxrY.roa (hash: jQq02l5TN4M/SsV/WzuLEibnWc1VE1gjcLfLjvrNFXQ=) 3: H0iWW83mvUyMFxRbXvhVie6LLp4.roa (hash: 7H/nFYxZabi26WLjXD8QfLacFkggDT3d9IIS6fvYkak=) 4: RUu4Q3aKc1KdQks8SdzV7uki5Bs.roa (hash: 9o3LUV68+QLWith3ZrVUmLLQnsnLOahbc2/iJHsNFB4=) 5: SRQ0NHoZb1EOtZfCWIs4uMA5Z58.roa (hash: BJvXIAa32YJvRJ2/G4DeTB1zMRvwlxLl+x1HuTzYVjA=) 6: gBzDl18qgCUPWy1aNoxtbpGDTcc.roa (hash: b30QgV/oPmiMrVzGWMtZsPTczmKYX6hEmNx4VIUouTU=) 7: h67ARHP6uzsJi1JvJdhyhnPiFL4.roa (hash: prUYqd5V5xWLfWcTmAYOaf8dubDcUdz8rYvgMgueejs=) 8: j63G7POC5f8TZ7DfIg28fOwYJQw.roa (hash: 5fmHXghiroyUZIB9LnDnNt8HH0yi/q/MQR94js1Tme0=) 9: ltagCafAA_U1XnMkaC-yca9On4c.roa (hash: YllRyZ8wGA4FOUl/d/bpDm9qJM9x15pii0++0d0JfXc=) 10: mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl (hash: 6yggGEjXoOsY8mpJ/RTYxIuEyznIt7eyadD4TWwcX2w=) 11: mugGYqjjccFJOjLwPKnItjCbZIU.roa (hash: P2s5umbKQJpOKqsJyvd+QIRGKmtsp05/GrVCog5nHbg=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 22:27:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3247 (0xcaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Validity Not Before: Feb 16 18:55:46 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B14FCAEDDE09C7EDF4B2AD6D75B2105C13E510DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1f:7d:d7:f2:fb:38:76:98:a8:cf:87:5e:96: a4:87:e0:8f:41:48:98:04:bc:be:35:bc:f7:92:9d: e4:0a:e6:f8:a4:64:5a:d6:b3:ca:59:71:9e:cc:36: 00:6d:63:4e:48:f9:b4:ea:93:18:84:d1:6b:9d:74: 15:c8:71:5a:a6:72:c0:17:fc:21:4d:41:d3:59:25: ce:3a:38:05:ec:ce:1f:16:f6:31:3a:a9:9c:df:d9: 95:ae:e7:05:48:77:df:cf:54:7b:d8:14:6e:d6:9a: e7:8e:dc:ce:8b:2e:36:aa:ee:c3:1a:76:25:b1:0b: 59:a3:e9:64:77:65:f4:2e:97:22:54:1b:1e:51:99: 72:f2:92:59:e0:49:03:48:9f:8b:93:ec:32:f1:1b: b3:c4:92:25:4c:00:e8:8e:87:4f:71:27:15:28:e4: 60:cd:f8:cd:ef:a2:30:8e:6b:f5:09:0d:e8:f1:10: 55:cf:ca:f3:16:c9:2d:d6:07:cb:d3:b3:e3:f4:38: b3:70:c7:3c:c3:d3:c3:01:9f:72:14:5c:00:7c:a7: 27:20:f5:1e:ab:7d:3e:83:78:4b:75:f3:bd:86:90: 24:15:90:31:7d:b6:69:2a:ee:c0:ad:cf:5d:17:4d: 0b:74:36:1b:c2:4a:c8:1d:c5:91:d7:66:7c:fd:6f: 45:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:4F:CA:ED:DE:09:C7:ED:F4:B2:AD:6D:75:B2:10:5C:13:E5:10:DA X509v3 Authority Key Identifier: keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:35:c8:fa:86:1d:78:d4:ba:a6:34:5e:08:50:07:50:ad:94: f4:4b:e7:0c:c8:89:95:59:8a:a8:83:d7:00:a6:82:3c:15:4c: e3:8f:db:b4:6b:ae:93:81:44:c1:03:0e:03:1c:63:68:04:35: f7:f6:1b:8e:a5:33:d1:7b:bf:d9:79:29:bc:de:a6:99:7a:11: 40:b4:db:05:0d:59:2e:b4:1b:30:cd:3f:fe:2d:02:74:f7:fc: f6:91:d4:00:7f:db:37:0a:8b:9c:56:5c:f8:35:8a:0e:41:dd: 1b:51:28:fb:52:d4:e5:a3:af:73:21:49:e8:b7:db:8d:f2:5b: b1:52:b8:01:4b:47:46:02:d0:72:49:80:99:2e:6f:85:e6:68: 19:0f:6a:03:98:ac:e3:d3:f5:37:40:26:8f:11:98:3a:c3:d9: e4:bc:58:30:b3:1f:31:46:24:f0:f8:b1:30:c6:3e:d7:9d:b0: f1:82:c7:64:0c:ab:a6:0f:ba:a8:e5:c8:f2:7c:be:b1:95:81: fb:6b:08:dd:2a:80:8d:bd:16:53:40:6f:06:ab:24:e7:9d:93: 14:bc:c2:0d:7b:a6:12:bb:a4:3c:6d:cb:ec:07:7f:6d:08:99: 62:ed:d6:fa:91:a1:71:7f:e0:6e:20:f6:03:ab:54:ed:b3:a4: 43:10:1c:61 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgICDK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yNTAyMTYx ODU1NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIxNEZDQUVEREUwOUM3 RURGNEIyQUQ2RDc1QjIxMDVDMTNFNTEwREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9H33X8vs4dpioz4delqSH4I9BSJgEvL41vPeSneQK5vikZFrW s8pZcZ7MNgBtY05I+bTqkxiE0WuddBXIcVqmcsAX/CFNQdNZJc46OAXszh8W9jE6 qZzf2ZWu5wVId9/PVHvYFG7WmueO3M6LLjaq7sMadiWxC1mj6WR3ZfQulyJUGx5R mXLyklngSQNIn4uT7DLxG7PEkiVMAOiOh09xJxUo5GDN+M3vojCOa/UJDejxEFXP yvMWyS3WB8vTs+P0OLNwxzzD08MBn3IUXAB8pycg9R6rfT6DeEt1872GkCQVkDF9 tmkq7sCtz10XTQt0NhvCSsgdxZHXZnz9b0X9AgMBAAGjggIPMIICCzAdBgNVHQ4E FgQUsU/K7d4Jx+30sq1tdbIQXBPlENowHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt +2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1QvbVQ5eWdQSDV0 bFE1M1dXdC0yaktEV3ladnNVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB01yPqGHXjUuqY0XghQB1CtlPRL5wzIiZVZiqiD1wCmgjwVTOOP27Rr rpOBRMEDDgMcY2gENff2G46lM9F7v9l5Kbzeppl6EUC02wUNWS60GzDNP/4tAnT3 /PaR1AB/2zcKi5xWXPg1ig5B3RtRKPtS1OWjr3MhSei3243yW7FSuAFLR0YC0HJJ gJkub4XmaBkPagOYrOPT9TdAJo8RmDrD2eS8WDCzHzFGJPD4sTDGPtedsPGCx2QM q6YPuqjlyPJ8vrGVgftrCN0qgI29FlNAbwarJOedkxS8wg17phK7pDxty+wHf20I mWLt1vqRoXF/4G4g9gOrVO2zpEMQHGE= -----END CERTIFICATE-----Generated at Sun Feb 16 20:22:19 2025 by rpki-client