$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft File: LXIEYXNU1wUjtvZaJwcStrGdgV4.mft (raw, json) Hash identifier: uK735u8hewhkNwuwMzykY306MCNo92DVt+p5epcTxRo= Subject key identifier: 8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37 Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0DD7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft Manifest number: 0D89 Signing time: Sun 07 Sep 2025 21:16:04 +0000 Manifest this update: Sun 07 Sep 2025 21:16:04 +0000 Manifest next update: Tue 09 Sep 2025 21:16:04 +0000 Files and hashes: 1: 0Yo-A-NRvhxwfZMnNHKdkurBspY.roa (hash: RpbWtGY506zgMpKYDlfJZLVWfHe7LhJIfoSW1QYFHHM=) 2: 0rtrKc7d2DygJQGg2P035nk87YA.roa (hash: sS4dBmOMhTiLWLhPPAF0E3KJkpjq+UG2+r1wPdJiXHA=) 3: DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa (hash: M7DNC5f/ZNgNXYOcgP3RHvZDM8IuBzJhvvvGLFmDf0M=) 4: KvfHidfL35UNVHaj2OJ_aKbDFiA.roa (hash: u/tjCfTVMjj8elrABLjqRRjZGm8/5TsNdNsC8yCc/+8=) 5: LXIEYXNU1wUjtvZaJwcStrGdgV4.crl (hash: 3xX/miiqtf8gbbZaTZLxWaTJvIl2ECLofmyAK6OkUbw=) 6: T68GOVLZPb3lZ-YNJ4VAZw4M1x4.roa (hash: mBTNLV9JvVgmuTksJH9h3fKt3M6AhXmmRl6pTEal/XI=) 7: lbTXhpc-PphvuF5T7_lIYOkb-58.roa (hash: JFJKz6OKwZtTyvKP6x64uAfNpsCJQdTvv9+MYDjLpsQ=) 8: oJfo7QV0M68if1-aOZ-TRNCtchI.roa (hash: PcOEtJmNd1qSbGFDEAY0sjoa1J9rcTfDRcdawkHbXnk=) 9: r2choGTJGYsSXHS-Xn5Qj76Y4IE.roa (hash: kP87ivg8MG8uJed5an9d3lP+8UPSLgD4yKsotvXusBc=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 10:48:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3543 (0xdd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Sep 7 21:16:04 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8FB24E0D840F960EB9E53763485237102DDB4637 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:26:2f:a2:8e:26:81:03:aa:24:8f:e4:9f:7f: 81:98:f3:97:3c:da:8e:dc:ed:8f:03:07:1d:77:b1: 5a:49:c3:3d:f6:ef:84:88:f6:28:be:4c:43:e9:74: 29:fe:59:b0:99:b7:cc:21:76:35:21:ef:53:e0:4a: 30:6c:f6:e4:d4:44:e6:51:a9:22:17:c8:98:9d:d2: 87:9b:6f:fc:cf:be:23:a7:d1:97:b0:d7:fe:89:b7: 9b:54:a3:f5:56:00:58:23:71:00:41:67:8a:b5:1c: d3:bc:97:ea:30:2f:20:a3:dc:ea:94:57:05:cd:87: f1:49:35:69:a0:64:11:9c:b5:d4:09:25:22:a6:cf: 82:72:2a:b6:21:f1:75:01:80:0b:b2:12:0d:d6:55: ca:f1:91:ac:80:bf:8d:bd:91:fa:d1:3c:8f:42:60: e4:2c:05:f5:95:67:86:d7:85:a4:24:6d:9d:9a:f5: fd:f5:90:c1:03:80:9a:33:8a:f6:ec:ba:d2:f5:62: f9:24:e5:05:3e:f2:a9:ec:e7:5e:b9:30:d8:69:f1: 98:b3:30:4c:50:98:22:9c:78:ce:2f:0c:01:02:69: 68:f3:3a:47:47:ae:85:ed:d9:68:6f:ff:6f:ce:04: ea:48:68:fd:a4:53:2c:fc:ba:fd:17:05:49:55:16: 32:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:12:82:8e:9d:89:4e:e1:10:9d:37:c1:49:a6:31:fb:33:f4: 3f:66:a8:88:cf:f3:ea:6e:9e:49:07:7e:c7:6a:d8:84:c3:0d: f8:03:de:5f:e7:2b:e8:1a:ae:8f:5a:cd:a5:25:40:76:51:3b: 3e:43:ca:17:a9:86:e0:42:f4:b7:ed:e2:fd:4b:82:2b:c6:5d: ef:de:e3:27:f5:f2:86:c7:e4:db:07:45:b4:12:e1:fb:42:c4: 25:5b:2a:ff:eb:75:0e:5f:a9:34:05:24:d3:2f:2b:1b:28:52: 88:9c:75:75:b0:fe:ca:82:b3:21:e9:00:e6:f0:7c:6e:7c:af: 1b:47:d4:a5:cd:5e:7e:a0:9c:6f:eb:a2:70:27:0a:bc:ca:5d: 18:48:68:82:24:32:68:9a:0b:43:1f:38:ef:92:05:19:0e:2d: 0d:cc:46:96:50:b0:93:90:26:80:37:c2:f7:3f:cc:b9:54:12: c0:ef:93:e2:74:5a:90:39:92:f8:59:bb:a7:c7:4d:2d:07:6d: ac:5b:03:07:3f:e4:f6:af:d7:56:87:c6:4d:eb:c5:c3:2e:16: 08:93:97:f5:e6:ac:b8:36:a3:5b:0d:7d:58:8e:c1:1d:5c:d6: b8:1d:13:3c:d5:17:73:b4:31:37:a2:43:58:f0:b8:56:0d:2a: 00:31:d0:b9 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgICDdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA5MDcy MTE2MDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhGQjI0RTBEODQwRjk2 MEVCOUU1Mzc2MzQ4NTIzNzEwMkREQjQ2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzJi+ijiaBA6okj+Sff4GY85c82o7c7Y8DBx13sVpJwz3274SI 9ii+TEPpdCn+WbCZt8whdjUh71PgSjBs9uTUROZRqSIXyJid0oebb/zPviOn0Zew 1/6Jt5tUo/VWAFgjcQBBZ4q1HNO8l+owLyCj3OqUVwXNh/FJNWmgZBGctdQJJSKm z4JyKrYh8XUBgAuyEg3WVcrxkayAv429kfrRPI9CYOQsBfWVZ4bXhaQkbZ2a9f31 kMEDgJozivbsutL1Yvkk5QU+8qns5165MNhp8ZizMExQmCKceM4vDAECaWjzOkdH roXt2Whv/2/OBOpIaP2kUyz8uv0XBUlVFjLLAgMBAAGjggIBMIIB/TAdBgNVHQ4E FgQUj7JODYQPlg655TdjSFI3EC3bRjcwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xYSUVZWE5VMXdVanR2WmFKd2NTdHJH ZGdWNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB /wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAFEoKOnYlO 4RCdN8FJpjH7M/Q/ZqiIz/Pqbp5JB37HatiEww34A95f5yvoGq6PWs2lJUB2UTs+ Q8oXqYbgQvS37eL9S4Irxl3v3uMn9fKGx+TbB0W0EuH7QsQlWyr/63UOX6k0BSTT LysbKFKInHV1sP7KgrMh6QDm8HxufK8bR9SlzV5+oJxv66JwJwq8yl0YSGiCJDJo mgtDHzjvkgUZDi0NzEaWULCTkCaAN8L3P8y5VBLA75PidFqQOZL4Wbunx00tB22s WwMHP+T2r9dWh8ZN68XDLhYIk5f15qy4NqNbDX1YjsEdXNa4HRM81RdztDE3okNY 8LhWDSoAMdC5 -----END CERTIFICATE-----Generated at Mon Sep 8 08:38:40 2025 by rpki-client