$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft File: ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft (raw, json) Hash identifier: F8ki8iKDF8qw46s1WaYO1UR4QUcUNGcfh4UE4Q7+YIk= Subject key identifier: C4:93:19:11:3B:6E:1A:87:D5:87:DA:0E:05:0F:FB:ED:E7:F0:E1:0B Authority key identifier: CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC Certificate issuer: /CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC Certificate serial: 0A07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft Manifest number: 09E3 Signing time: Wed 22 Oct 2025 07:25:32 +0000 Manifest this update: Wed 22 Oct 2025 07:25:32 +0000 Manifest next update: Fri 24 Oct 2025 07:25:32 +0000 Files and hashes: 1: -fZckqdeOYD6d3FcTxAxReLsSBY.roa (hash: M+oFbGdGlTNXQ5RNWPYUfS7gvTQajRTCug887TlWrVc=) 2: 1dtSeAszkm1vqNQqWzJLi1YHDi8.roa (hash: 1Bk87MtaHknx2SJ7tAGm1Q+50lBwQNwArumStF8U50E=) 3: KH3CPNAEUFcaTX1jQaDAXFuqnz8.roa (hash: btvcxS0QIPF5uW2LVaNrhvmKQsXvkQco3sZFm07rvRo=) 4: hiXIKwkKHNtrQK_f4958YJjv4yo.roa (hash: Jcv3X3Nv30G+P3BCS01oO657zCmMw9s8c4nz8kBc0Vw=) 5: sf8inXxwjMQ2S-BAwJgH4wHxzIo.roa (hash: tiSwac7s7pEmzRcmOUJiwHisQWjGi7T8ExdWUHXItxE=) 6: ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl (hash: pQdDC3ALSFy0ctZ+qn1x3pFyhb31XRVOV0ol1uPwWpg=) 7: zYLt-MYlRQf6gKTqfVdhDxKdAqQ.roa (hash: MR5z8FbxlSB+grCpgZmLewNlf+l2LSjT4oMQKcQjN5Q=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 11:26:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2567 (0xa07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC Validity Not Before: Oct 22 07:25:32 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C49319113B6E1A87D587DA0E050FFBEDE7F0E10B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:12:26:23:7e:72:ac:59:ab:82:b7:b4:48:3c: db:45:de:b1:97:2b:5f:e8:58:b2:e2:90:6a:30:a3: ef:8a:13:46:5d:5e:4d:56:b3:ce:28:a1:1f:c5:1f: d6:5d:d7:4f:1d:db:f0:e5:f5:f3:f6:a9:3f:bb:30: a7:e0:32:0b:19:59:60:c8:c2:57:53:fc:04:4d:72: 0d:3f:22:a1:25:7d:e4:51:f9:f2:b2:36:93:c1:44: 5d:80:97:5d:48:e3:6f:4a:28:b5:d3:26:74:a0:2e: 92:92:15:9d:a6:90:41:21:1c:e3:b6:ce:15:8a:40: 40:a8:70:64:f0:d7:d5:f7:80:93:d3:73:05:af:2a: 84:22:d6:7c:60:65:1a:e5:2a:9c:95:ac:bc:55:9b: dc:5f:c6:9a:f2:bc:bf:04:d3:f3:35:38:3e:9f:ba: 02:bc:7c:dd:83:63:9a:c5:c0:28:26:b5:9e:76:56: 07:bf:8f:8e:fd:c5:8b:99:2a:99:d9:dc:ef:68:45: 35:e8:4a:87:1c:11:5d:27:27:f3:f5:9b:1c:e0:91: a8:80:42:51:17:c9:d6:85:d3:e1:13:d5:fe:8f:9b: d7:2b:ce:31:ff:02:b4:0b:be:8d:dc:39:5c:f8:c7: 3d:62:b2:4b:41:fc:76:62:a0:cf:03:18:90:29:54: b2:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:93:19:11:3B:6E:1A:87:D5:87:DA:0E:05:0F:FB:ED:E7:F0:E1:0B X509v3 Authority Key Identifier: keyid:CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:93:2c:ab:16:33:8e:68:de:f5:fd:f2:78:ab:a7:02:7d:19: 56:e8:9f:56:88:2d:93:eb:6d:bb:ac:2c:aa:63:30:73:ff:d9: a3:5d:79:25:5b:b0:c1:eb:b9:ef:35:96:51:ca:80:47:13:a6: a3:4d:63:13:1b:9c:46:a2:93:9d:2a:f5:22:7b:f9:95:98:88: fb:f0:36:03:f3:9c:97:09:05:77:ba:4d:1e:06:f0:ab:4d:fc: dd:8e:47:05:28:a3:2b:61:7c:fb:35:d3:28:4f:98:76:2f:2f: 70:f9:e8:9b:00:36:3e:84:a2:2b:5c:24:01:05:45:c7:42:c5: 40:c7:9d:30:90:93:09:bd:98:5b:40:44:83:15:b1:45:5a:d6: 85:69:29:70:a5:57:ec:e1:b4:87:a4:87:cf:f3:2f:13:f9:55: a3:50:3d:66:63:22:df:e5:04:aa:10:76:b6:cf:58:af:d1:fb: 16:e8:e2:ab:0f:ca:d9:4e:07:d6:87:02:95:17:65:86:3c:f3: 68:bb:b4:85:f3:8e:d1:fa:b3:05:cf:16:ff:08:b6:2a:d6:40: da:7a:1a:5a:ca:b5:0f:27:a3:a4:f3:b6:97:01:4c:3b:c0:2f: 82:31:da:90:b0:63:5c:97:2a:0d:f3:9f:30:9c:af:64:d6:f1: 85:b6:1b:e8 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgICCgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0FE NTI3MDIyQzhDRDA3NTY4RUM5RkM4MkExQ0UwRERFNUIyQzRBQzAeFw0yNTEwMjIw NzI1MzJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM0OTMxOTExM0I2RTFB ODdENTg3REEwRTA1MEZGQkVERTdGMEUxMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSEiYjfnKsWauCt7RIPNtF3rGXK1/oWLLikGowo++KE0ZdXk1W s84ooR/FH9Zd108d2/Dl9fP2qT+7MKfgMgsZWWDIwldT/ARNcg0/IqElfeRR+fKy NpPBRF2Al11I429KKLXTJnSgLpKSFZ2mkEEhHOO2zhWKQECocGTw19X3gJPTcwWv KoQi1nxgZRrlKpyVrLxVm9xfxpryvL8E0/M1OD6fugK8fN2DY5rFwCgmtZ52Vge/ j479xYuZKpnZ3O9oRTXoSoccEV0nJ/P1mxzgkaiAQlEXydaF0+ET1f6Pm9crzjH/ ArQLvo3cOVz4xz1isktB/HZioM8DGJApVLI9AgMBAAGjggIPMIICCzAdBgNVHQ4E FgQUxJMZETtuGofVh9oOBQ/77efw4QswHwYDVR0jBBgwFoAUytUnAiyM0HVo7J/I Khzg3eWyxKwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdCRVNU V0FSRS95dFVuQWl5TTBIVm83Sl9JS2h6ZzNlV3l4S3cuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3l0VW5BaXlNMEhWbzdKX0lLaHpnM2VXeXhLdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXQkVTVFdBUkUveXRVbkFpeU0w SFZvN0pfSUtoemczZVd5eEt3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAECTLKsWM45o3vX98nirpwJ9GVbon1aILZPrbbusLKpjMHP/2aNdeSVb sMHrue81llHKgEcTpqNNYxMbnEaik50q9SJ7+ZWYiPvwNgPznJcJBXe6TR4G8KtN /N2ORwUooythfPs10yhPmHYvL3D56JsANj6EoitcJAEFRcdCxUDHnTCQkwm9mFtA RIMVsUVa1oVpKXClV+zhtIekh8/zLxP5VaNQPWZjIt/lBKoQdrbPWK/R+xbo4qsP ytlOB9aHApUXZYY882i7tIXzjtH6swXPFv8ItirWQNp6GlrKtQ8no6TztpcBTDvA L4Ix2pCwY1yXKg3znzCcr2TW8YW2G+g= -----END CERTIFICATE-----Generated at Wed Oct 22 10:38:34 2025 by rpki-client