$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/aGGW3gPV2jAP80-5M56yqPE90pc.cer File: aGGW3gPV2jAP80-5M56yqPE90pc.cer (raw, json) Hash identifier: a/Rr7AbYUzFKf4aMI3JUnziBJiKNwQ5K9aLI7U/hMOE= Subject key identifier: 68:61:96:DE:03:D5:DA:30:0F:F3:4F:B9:33:9E:B2:A8:F1:3D:D2:97 Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 3C48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/DRCLOUD/aGGW3gPV2jAP80-5M56yqPE90pc.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/DRCLOUD/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:14:58 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: AS: 131605 IP: 103.222.248.0/22 IP: 2401:85c0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Sep 2025 23:49:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15432 (0x3c48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Aug 22 08:14:58 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=686196DE03D5DA300FF34FB9339EB2A8F13DD297 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:dc:33:32:65:7f:cb:d2:6c:37:91:80:46:e4: 3f:7e:1f:89:d6:c0:26:a4:ad:c7:86:84:45:e6:b2: eb:6d:96:49:66:f9:f2:85:89:2f:0e:14:80:ef:25: 04:1f:23:c0:52:31:bc:f4:22:ff:20:e5:17:9c:eb: 31:e8:f6:37:80:c6:67:db:1b:f5:1f:2c:54:c1:9b: 77:b2:59:c8:1d:1d:42:f4:f0:6e:af:d3:92:24:bf: b9:b3:71:19:2f:95:a8:4c:df:7f:f7:df:0a:2d:2f: 43:70:0c:31:ac:27:61:d0:4c:89:f4:9b:67:cc:ca: 41:02:62:43:63:d4:5b:9a:61:29:2c:73:29:51:de: 30:d6:85:8f:b6:8e:e2:35:ea:63:03:72:6d:73:3e: 75:e0:bf:a9:b9:79:de:7b:c0:d2:8d:3b:b0:53:c7: 83:c1:d9:2c:5a:39:be:97:3f:ca:ca:45:b4:65:07: 06:45:e1:9f:fe:a4:2e:c4:71:c5:33:d1:5e:f9:8d: bc:0e:72:35:67:42:17:ea:78:e8:e4:6b:92:33:3e: ab:20:c2:82:1d:b9:c1:fa:2e:bf:ce:0d:d2:40:98: a6:b6:61:0d:ae:21:20:0b:8b:90:54:02:8c:d6:d2: 30:83:a7:db:30:d9:b7:86:80:e4:2e:38:f7:91:a7: 2b:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:61:96:DE:03:D5:DA:30:0F:F3:4F:B9:33:9E:B2:A8:F1:3D:D2:97 X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DRCLOUD/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DRCLOUD/aGGW3gPV2jAP80-5M56yqPE90pc.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 131605 sbgp-ipAddrBlock: critical IPv4: 103.222.248.0/22 IPv6: 2401:85c0::/32 Signature Algorithm: sha256WithRSAEncryption 24:83:aa:8f:a6:d3:ed:7b:33:80:1c:a7:0f:d1:79:c7:66:17: 1d:69:4a:f4:ab:33:60:b9:77:12:a5:c1:50:d7:f2:2c:0b:21: 6b:bc:bc:ff:34:3d:40:68:31:a6:b9:47:78:e6:4c:dc:e7:52: eb:dc:2a:e7:3d:98:9f:c9:ae:de:65:12:11:95:53:ee:b5:2f: 5e:24:19:2f:c5:60:d5:62:a0:66:d0:2e:50:d5:7e:7b:0b:a4: cb:31:a6:71:7f:f0:a8:39:0c:fd:98:df:ee:b2:7d:c0:e5:25: 25:ba:5f:a0:f4:d5:35:6a:7a:76:d2:9d:e5:b6:92:4b:73:4c: c2:ed:51:c8:23:55:a5:bb:04:20:91:11:fb:b8:11:b3:4a:4d: 8e:e3:98:9f:fe:7b:e9:27:f1:90:75:43:0f:b1:94:ca:84:b1: 35:ae:76:b0:6d:43:98:cb:8a:76:4d:3d:29:2c:8e:ed:57:75: 95:94:55:bf:ea:7f:ca:9c:a9:bf:45:5d:1b:8d:f0:dc:5a:9a: 34:3d:f1:e7:62:76:d4:db:4c:79:10:bd:7f:95:db:dd:86:91: 60:6d:fe:db:f0:04:7b:e4:90:d8:3b:07:0f:30:31:1e:6b:64: 06:18:03:f5:79:f8:75:4e:83:84:e2:20:da:7f:bb:f0:d4:9a: 77:6d:39:1f -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgICPEgwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI1MDgyMjA4MTQ1OFoXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoNjg2MTk2REUwM0Q1REEzMDBGRjM0RkI5MzM5RUIyQThGMTNERDI5 NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTcMzJlf8vSbDeRgEbk P34fidbAJqStx4aEReay622WSWb58oWJLw4UgO8lBB8jwFIxvPQi/yDlF5zrMej2 N4DGZ9sb9R8sVMGbd7JZyB0dQvTwbq/TkiS/ubNxGS+VqEzff/ffCi0vQ3AMMawn YdBMifSbZ8zKQQJiQ2PUW5phKSxzKVHeMNaFj7aO4jXqYwNybXM+deC/qbl53nvA 0o07sFPHg8HZLFo5vpc/yspFtGUHBkXhn/6kLsRxxTPRXvmNvA5yNWdCF+p46ORr kjM+qyDCgh25wfouv84N0kCYprZhDa4hIAuLkFQCjNbSMIOn2zDZt4aA5C4495Gn K2cCAwEAAaOCAn0wggJ5MB0GA1UdDgQWBBRoYZbeA9XaMA/zT7kznrKo8T3SlzAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUFBzAF hi1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFJDTE9VRC8w WAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9EUkNMT1VEL2FHR1czZ1BWMmpBUDgwLTVNNTZ5cVBFOTBwYy5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwGgYI KwYBBQUHAQgBAf8ECzAJoAcwBQIDAgIVMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIA ATAGAwQCZ974MA0EAgACMAcDBQAkAYXAMA0GCSqGSIb3DQEBCwUAA4IBAQAkg6qP ptPtezOAHKcP0XnHZhcdaUr0qzNguXcSpcFQ1/IsCyFrvLz/ND1AaDGmuUd45kzc 51Lr3CrnPZifya7eZRIRlVPutS9eJBkvxWDVYqBm0C5Q1X57C6TLMaZxf/CoOQz9 mN/usn3A5SUlul+g9NU1anp20p3ltpJLc0zC7VHII1WluwQgkRH7uBGzSk2O45if /nvpJ/GQdUMPsZTKhLE1rnawbUOYy4p2TT0pLI7tV3WVlFW/6n/KnKm/RV0bjfDc Wpo0PfHnYnbU20x5EL1/ldvdhpFgbf7b8AR75JDYOwcPMDEea2QGGAP1efh1ToOE 4iDaf7vw1Jp3bTkf -----END CERTIFICATE-----Generated at Wed Sep 17 21:55:14 2025 by rpki-client