$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/YDE2zKT7QFWfL3V3jDicnQLCP0A.cer File: YDE2zKT7QFWfL3V3jDicnQLCP0A.cer (raw, json) Hash identifier: 6vmr9kQ/+34a+dbqlUgN5nRz4PwRuTxm1L//BdXUj24= Subject key identifier: 60:31:36:CC:A4:FB:40:55:9F:2F:75:77:8C:38:9C:9D:02:C2:3F:40 Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 1DC3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/DBSBANKSG/YDE2zKT7QFWfL3V3jDicnQLCP0A.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/DBSBANKSG/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:49:35 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: IP: 165.99.170.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 06:56:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7619 (0x1dc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Aug 22 08:49:35 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=603136CCA4FB40559F2F75778C389C9D02C23F40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9c:a3:85:fd:07:1e:55:b5:40:be:ef:a0:33: 42:ef:a3:7b:cb:b7:48:32:de:ee:ff:36:9d:9c:13: 72:a1:27:c4:17:66:e7:cf:b8:00:6a:4e:fe:10:78: 13:68:b3:57:f2:23:27:d7:83:39:02:c4:71:8f:16: 1c:46:1e:ac:dc:11:f0:58:19:7b:12:07:9d:ab:4e: dc:43:7f:4a:06:98:6d:d8:81:73:d6:03:9a:22:f8: 68:f9:79:d5:65:aa:da:26:4c:f1:9d:9a:66:c2:c9: 05:36:9f:78:ed:df:fa:ea:37:74:26:6d:34:07:ec: b1:a6:ff:6c:bb:26:62:28:88:2e:65:aa:fc:15:35: 48:45:ba:d0:22:90:ee:1b:23:3c:66:43:0f:19:e4: f1:2a:28:df:fc:22:4a:ed:01:6a:21:67:5d:9d:d8: 0c:93:1d:c7:24:42:55:07:77:e7:7a:b7:64:df:14: bc:57:19:e5:fc:98:17:0f:70:9d:0e:6e:af:63:40: 81:08:0e:26:10:33:45:c1:e9:56:ac:ba:27:8d:78: 2f:f4:e8:94:36:b9:76:bf:73:2b:81:63:3e:e7:b3: 8b:7c:be:ae:c1:93:ac:73:fc:8d:72:f0:45:2a:1b: 8b:04:7c:c1:f5:2b:bd:82:5e:9c:3c:4e:f9:d7:1d: 0a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:31:36:CC:A4:FB:40:55:9F:2F:75:77:8C:38:9C:9D:02:C2:3F:40 X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DBSBANKSG/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DBSBANKSG/YDE2zKT7QFWfL3V3jDicnQLCP0A.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 165.99.170.0/23 Signature Algorithm: sha256WithRSAEncryption 56:ca:52:64:10:cc:24:8c:a0:a9:d3:4a:6e:20:dc:0e:6b:da: b9:0a:16:a1:7e:c1:bd:d2:e3:da:66:47:16:73:28:1d:4e:ee: 14:43:dd:85:ee:ed:99:df:35:a5:21:36:56:fb:1d:8d:66:76: 35:5f:31:16:80:3b:e3:1e:2c:b6:63:49:43:0f:9e:92:58:de: 2c:47:bd:44:d9:e2:91:aa:8d:7c:97:f5:13:bb:e9:1e:5f:18: 97:40:57:13:d5:8d:83:91:a1:51:58:c8:4a:0b:69:5e:ff:78: ce:ac:b8:7e:c4:bd:06:71:fe:af:49:ad:9a:09:f0:a3:f4:7b: 97:57:c8:54:66:1a:ab:47:ea:a2:a2:ef:74:11:42:d2:2f:bc: bb:27:2b:9f:8d:78:f8:e9:0c:c8:24:cc:82:78:89:9a:00:74: 29:10:b7:06:ab:f9:88:f6:75:17:4c:9a:97:8c:1d:71:db:a8: 68:60:34:1a:c0:1d:1a:4f:e4:f1:56:9b:52:91:8e:f7:ef:fd: 07:75:01:0f:d8:0c:10:ef:ef:f2:aa:54:09:1d:54:db:af:97: 3a:8e:38:1e:bc:c5:13:d3:fb:0f:a7:b7:bb:3b:7f:11:4b:c8: 8b:84:bc:35:5a:81:70:2d:7c:43:05:21:71:aa:7c:51:9e:08: 4b:2e:36:2a -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICHcMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDgyMjA4NDkzNVoXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoNjAzMTM2Q0NBNEZCNDA1NTlGMkY3NTc3OEMzODlDOUQwMkMyM0Y0 MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmco4X9Bx5VtUC+76Az Qu+je8u3SDLe7v82nZwTcqEnxBdm58+4AGpO/hB4E2izV/IjJ9eDOQLEcY8WHEYe rNwR8FgZexIHnatO3EN/SgaYbdiBc9YDmiL4aPl51WWq2iZM8Z2aZsLJBTafeO3f +uo3dCZtNAfssab/bLsmYiiILmWq/BU1SEW60CKQ7hsjPGZDDxnk8Soo3/wiSu0B aiFnXZ3YDJMdxyRCVQd353q3ZN8UvFcZ5fyYFw9wnQ5ur2NAgQgOJhAzRcHpVqy6 J414L/TolDa5dr9zK4FjPuezi3y+rsGTrHP8jXLwRSobiwR8wfUrvYJenDxO+dcd Cg0CAwEAAaOCAlYwggJSMB0GA1UdDgQWBBRgMTbMpPtAVZ8vdXeMOJydAsI/QDAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdwGCCsGAQUFBwELBIHPMIHMMDsGCCsGAQUFBzAF hi9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREJTQkFOS1NH LzBaBggrBgEFBQcwCoZOcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0RCU0JBTktTRy9ZREUyektUN1FGV2ZMM1YzakRpY25RTENQMEEubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBpWOqMA0GCSqGSIb3DQEBCwUA A4IBAQBWylJkEMwkjKCp00puINwOa9q5ChahfsG90uPaZkcWcygdTu4UQ92F7u2Z 3zWlITZW+x2NZnY1XzEWgDvjHiy2Y0lDD56SWN4sR71E2eKRqo18l/UTu+keXxiX QFcT1Y2DkaFRWMhKC2le/3jOrLh+xL0Gcf6vSa2aCfCj9HuXV8hUZhqrR+qiou90 EULSL7y7JyufjXj46QzIJMyCeImaAHQpELcGq/mI9nUXTJqXjB1x26hoYDQawB0a T+TxVptSkY737/0HdQEP2AwQ7+/yqlQJHVTbr5c6jjgevMUT0/sPp7e7O38RS8iL hLw1WoFwLXxDBSFxqnxRnghLLjYq -----END CERTIFICATE-----Generated at Wed Oct 22 05:53:20 2025 by rpki-client