Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
File:                     LXIEYXNU1wUjtvZaJwcStrGdgV4.mft (raw, json)
Hash identifier:          +kOXdOzd/bWwiOAOzrBBxtVgHGPfRD9/XtO9SgGopE8=
Subject key identifier:   8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Certificate issuer:       /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial:       0D62
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
Manifest number:          0D1C
Signing time:             Sat 29 Mar 2025 09:04:16 +0000
Manifest this update:     Sat 29 Mar 2025 09:04:16 +0000
Manifest next update:     Mon 31 Mar 2025 09:04:16 +0000
Files and hashes:         1: -Je16G7yxSwab30W7lP6iLrBJa4.roa (hash: SXNdZAUmfT/M3W6/tVxFSMApyGnXmOWfT4O+gKYhOJ8=)
                          2: 0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa (hash: 24D4mx/uH5LvCFZuHi9VL8FD4fAuH87qD+r4s8KSvsc=)
                          3: LXIEYXNU1wUjtvZaJwcStrGdgV4.crl (hash: CmHMFZckWlf5RyeDp6CadfXOn5fa47ApxMphD5IAC1U=)
                          4: TMU-lCmYZI0dbMAhc0nOMQEDdcg.roa (hash: qrLJU2oetDE2jQ/j2VprRGRnHPHFEl6nYYORnuPKgIM=)
                          5: WxyfR1SJ02c3wtzPDhGT_dZ1Z9s.roa (hash: ClOc57CczSLjgSlZVe57kySjRciErM9hI9jxtuTiXqY=)
                          6: Y6Au06HGgYpXuNHgjf36sLWv-kg.roa (hash: MflbpmMzl7dCiLZ1z4sTf/8mnqhF3ZlnhF0SvzJuXzQ=)
                          7: bc3ob_czo0OcTEgKxfOdgXVriWY.roa (hash: il/vLZJHatOc7CYk49NDT6+ClW1N3OkQas8ZVKrT/Hc=)
                          8: dtggyWl0G_D8QQFxRJiGCa5swpg.roa (hash: MSYhMq1IPuXNaOC2QhN9A0vMPZLw0WkC7jiduw+m5kI=)
                          9: oYfnUrP87m0ry0Su_FSA2VApCWw.roa (hash: htw+ncRg+Usl7uVVEDTaDQl02Hb75FgObG87/n51m1U=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3426 (0xd62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
        Validity
            Not Before: Mar 29 09:04:16 2025 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=8FB24E0D840F960EB9E53763485237102DDB4637
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:26:2f:a2:8e:26:81:03:aa:24:8f:e4:9f:7f:
                    81:98:f3:97:3c:da:8e:dc:ed:8f:03:07:1d:77:b1:
                    5a:49:c3:3d:f6:ef:84:88:f6:28:be:4c:43:e9:74:
                    29:fe:59:b0:99:b7:cc:21:76:35:21:ef:53:e0:4a:
                    30:6c:f6:e4:d4:44:e6:51:a9:22:17:c8:98:9d:d2:
                    87:9b:6f:fc:cf:be:23:a7:d1:97:b0:d7:fe:89:b7:
                    9b:54:a3:f5:56:00:58:23:71:00:41:67:8a:b5:1c:
                    d3:bc:97:ea:30:2f:20:a3:dc:ea:94:57:05:cd:87:
                    f1:49:35:69:a0:64:11:9c:b5:d4:09:25:22:a6:cf:
                    82:72:2a:b6:21:f1:75:01:80:0b:b2:12:0d:d6:55:
                    ca:f1:91:ac:80:bf:8d:bd:91:fa:d1:3c:8f:42:60:
                    e4:2c:05:f5:95:67:86:d7:85:a4:24:6d:9d:9a:f5:
                    fd:f5:90:c1:03:80:9a:33:8a:f6:ec:ba:d2:f5:62:
                    f9:24:e5:05:3e:f2:a9:ec:e7:5e:b9:30:d8:69:f1:
                    98:b3:30:4c:50:98:22:9c:78:ce:2f:0c:01:02:69:
                    68:f3:3a:47:47:ae:85:ed:d9:68:6f:ff:6f:ce:04:
                    ea:48:68:fd:a4:53:2c:fc:ba:fd:17:05:49:55:16:
                    32:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37
            X509v3 Authority Key Identifier:
                keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:90:e6:28:6c:2c:95:5f:1c:46:33:9d:2f:f5:89:0e:5a:f5:
         b1:b9:83:71:d7:36:2e:e5:8e:00:26:73:0b:ed:db:8b:0d:f8:
         7e:56:20:07:e4:31:cd:6b:6c:d8:a8:ca:c9:f0:6f:03:bc:81:
         c2:d7:2d:5f:d5:90:90:68:da:7d:03:89:58:03:65:e7:0d:e1:
         73:cf:31:8e:a4:36:b0:10:53:87:dc:cc:ff:f0:09:b7:31:04:
         33:36:3d:55:da:2b:82:7a:36:af:67:10:1c:9f:c2:c2:4c:92:
         6a:92:84:3e:a0:80:91:df:ee:d8:ac:26:47:6f:e3:fc:00:3e:
         e1:de:d0:7c:36:ec:0d:f1:c7:1c:00:51:5d:ee:a8:d6:fa:dc:
         3e:b3:e6:5a:dd:a6:d0:08:e7:b6:a0:da:86:aa:d2:1c:ed:e3:
         61:cc:3f:b4:0e:a6:9f:99:6f:6a:e8:26:f5:ee:25:86:5c:e0:
         f9:04:b7:8d:4f:53:ec:c4:17:7d:b1:04:9e:7c:b6:91:9e:ae:
         b2:f6:e6:44:c0:04:c8:1b:f6:04:9b:fa:b2:cd:76:8c:cb:db:
         5a:ad:f2:d9:6f:de:b8:94:f2:84:8f:90:bc:95:ee:c6:99:bf:
         da:a2:f8:39:87:e6:83:89:c7:75:98:13:60:de:c6:c1:c9:5c:
         18:c8:02:69
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgICDWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTAzMjkw
OTA0MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhGQjI0RTBEODQwRjk2
MEVCOUU1Mzc2MzQ4NTIzNzEwMkREQjQ2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzJi+ijiaBA6okj+Sff4GY85c82o7c7Y8DBx13sVpJwz3274SI
9ii+TEPpdCn+WbCZt8whdjUh71PgSjBs9uTUROZRqSIXyJid0oebb/zPviOn0Zew
1/6Jt5tUo/VWAFgjcQBBZ4q1HNO8l+owLyCj3OqUVwXNh/FJNWmgZBGctdQJJSKm
z4JyKrYh8XUBgAuyEg3WVcrxkayAv429kfrRPI9CYOQsBfWVZ4bXhaQkbZ2a9f31
kMEDgJozivbsutL1Yvkk5QU+8qns5165MNhp8ZizMExQmCKceM4vDAECaWjzOkdH
roXt2Whv/2/OBOpIaP2kUyz8uv0XBUlVFjLLAgMBAAGjggIBMIIB/TAdBgNVHQ4E
FgQUj7JODYQPlg655TdjSFI3EC3bRjcwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xYSUVZWE5VMXdVanR2WmFKd2NTdHJH
ZGdWNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB
/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQADkOYobCyV
XxxGM50v9YkOWvWxuYNx1zYu5Y4AJnML7duLDfh+ViAH5DHNa2zYqMrJ8G8DvIHC
1y1f1ZCQaNp9A4lYA2XnDeFzzzGOpDawEFOH3Mz/8Am3MQQzNj1V2iuCejavZxAc
n8LCTJJqkoQ+oICR3+7YrCZHb+P8AD7h3tB8NuwN8cccAFFd7qjW+tw+s+Za3abQ
COe2oNqGqtIc7eNhzD+0DqafmW9q6Cb17iWGXOD5BLeNT1PsxBd9sQSefLaRnq6y
9uZEwATIG/YEm/qyzXaMy9tarfLZb964lPKEj5C8le7Gmb/aovg5h+aDicd1mBNg
3sbByVwYyAJp
-----END CERTIFICATE-----