$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/iaQWkeV56utiReCvcK9sL-LsHRk.cer File: iaQWkeV56utiReCvcK9sL-LsHRk.cer (raw, json) Hash identifier: uINSEaAtXQidrM98ut7YHLyY+Xkuhg5++vqym2z26Ys= Subject key identifier: 89:A4:16:91:E5:79:EA:EB:62:45:E0:AF:70:AF:6C:2F:E2:EC:1D:19 Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 3B8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/iaQWkeV56utiReCvcK9sL-LsHRk.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:14:50 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: IP: 103.28.18.0/23 IP: 2400:bb20::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 04:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15246 (0x3b8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Aug 22 08:14:50 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=89A41691E579EAEB6245E0AF70AF6C2FE2EC1D19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e9:33:63:12:90:83:48:c8:8b:7f:e8:30:f5: 53:2b:a4:cb:9c:8d:b0:e7:29:02:f4:a5:db:9c:93: bb:39:91:22:86:06:c8:3a:2c:05:b2:e3:71:5a:29: ac:46:a3:5b:8d:04:c0:88:93:d4:28:0f:3c:16:99: bf:c8:c4:fb:d8:ec:d9:4d:4a:85:c5:cd:b4:b8:b5: 05:19:fd:1f:92:08:79:11:dc:2c:3a:6a:84:70:85: 8a:46:83:26:75:89:1d:fb:04:f3:17:9c:c0:94:d2: c0:db:76:bc:8d:e4:42:65:0e:22:6b:ee:fb:53:24: fb:7c:10:11:2e:a6:b7:96:bc:ba:cf:0b:39:cd:3e: 15:22:ae:64:61:45:02:46:05:18:4c:7b:8c:79:2c: 98:1a:7e:9f:34:6a:27:73:d1:fe:97:72:32:f4:a7: c6:ec:db:d9:ca:3a:65:ee:76:3f:53:6f:19:5e:84: bc:fd:d4:43:73:63:3a:04:79:61:24:42:dc:a4:07: 95:f4:e4:a5:c8:ef:0f:98:ff:ca:70:ba:bf:ea:93: 79:aa:4e:e4:63:35:ca:93:65:3e:69:2e:28:30:8d: b1:54:cd:15:5a:d9:d8:33:e1:a1:b5:f0:5e:02:2c: 25:95:83:ce:d8:67:87:5e:01:2f:54:25:5f:db:46: 69:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A4:16:91:E5:79:EA:EB:62:45:E0:AF:70:AF:6C:2F:E2:EC:1D:19 X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/iaQWkeV56utiReCvcK9sL-LsHRk.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.28.18.0/23 IPv6: 2400:bb20::/32 Signature Algorithm: sha256WithRSAEncryption 6f:20:e3:9b:d9:6f:1b:10:15:ec:d8:b2:de:cb:41:36:8b:ca: c3:33:1c:5a:fe:70:d8:a7:3d:03:97:ad:82:88:3a:8b:0d:2d: d7:a4:e5:7b:15:8b:5e:d5:a7:a6:6e:0d:b0:25:74:35:da:db: 63:11:76:24:24:32:20:42:83:ab:3c:91:2d:36:8c:ea:68:57: c0:bd:fe:99:20:4f:92:9a:26:32:a7:f2:9e:6d:a6:52:b4:ac: da:5a:cd:fd:b9:eb:8c:8c:56:b8:6b:24:9e:05:cf:09:7a:20: 6a:af:75:50:d8:f5:c1:31:1c:cb:52:a2:10:d5:b7:90:60:f9: ec:4f:91:f9:ae:86:16:bd:8c:18:b4:38:0e:5e:72:42:f6:ce: 97:80:06:2b:30:a1:ff:ff:b5:82:f3:af:9c:2d:5d:d6:c2:01: 7c:36:10:ab:91:92:46:fd:8e:be:b1:f3:1f:32:44:2c:53:e2: 30:ae:ad:3e:7e:1f:b5:f2:79:62:fd:d2:c5:1e:7b:79:c0:a5: 41:d2:9a:c7:60:2e:d2:0f:44:6d:95:00:15:01:56:65:0d:00: 48:ac:0a:dd:43:dc:68:2d:fb:cf:15:ef:b2:ad:5e:50:8c:ff: 4c:66:6d:11:8c:7e:0f:17:23:6a:4d:45:46:9b:f4:c6:4a:d4: bc:22:ce:22 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICO44wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI1MDgyMjA4MTQ1MFoXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoODlBNDE2OTFFNTc5RUFFQjYyNDVFMEFGNzBBRjZDMkZFMkVDMUQx OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPpM2MSkINIyIt/6DD1 Uyuky5yNsOcpAvSl25yTuzmRIoYGyDosBbLjcVoprEajW40EwIiT1CgPPBaZv8jE +9js2U1KhcXNtLi1BRn9H5IIeRHcLDpqhHCFikaDJnWJHfsE8xecwJTSwNt2vI3k QmUOImvu+1Mk+3wQES6mt5a8us8LOc0+FSKuZGFFAkYFGEx7jHksmBp+nzRqJ3PR /pdyMvSnxuzb2co6Ze52P1NvGV6EvP3UQ3NjOgR5YSRC3KQHlfTkpcjvD5j/ynC6 v+qTeapO5GM1ypNlPmkuKDCNsVTNFVrZ2DPhobXwXgIsJZWDzthnh14BL1QlX9tG aZsCAwEAAaOCAl8wggJbMB0GA1UdDgQWBBSJpBaR5Xnq62JF4K9wr2wv4uwdGTAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1lDT1JFLzBX BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0NZQ09SRS9pYVFXa2VWNTZ1dGlSZUN2Y0s5c0wtTHNIUmsubWZ0MDEGCCsGAQUF BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMC4GCCsG AQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZxwSMA0EAgACMAcDBQAkALsgMA0GCSqG SIb3DQEBCwUAA4IBAQBvIOOb2W8bEBXs2LLey0E2i8rDMxxa/nDYpz0Dl62CiDqL DS3XpOV7FYte1aembg2wJXQ12ttjEXYkJDIgQoOrPJEtNozqaFfAvf6ZIE+SmiYy p/KebaZStKzaWs39ueuMjFa4aySeBc8JeiBqr3VQ2PXBMRzLUqIQ1beQYPnsT5H5 roYWvYwYtDgOXnJC9s6XgAYrMKH//7WC86+cLV3WwgF8NhCrkZJG/Y6+sfMfMkQs U+Iwrq0+fh+18nli/dLFHnt5wKVB0prHYC7SD0RtlQAVAVZlDQBIrArdQ9xoLfvP Fe+yrV5QjP9MZm0RjH4PFyNqTUVGm/TGStS8Is4i -----END CERTIFICATE-----Generated at Wed Sep 17 23:29:09 2025 by rpki-client