$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer File: u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer (raw, json) Hash identifier: OjsAr4mtoqHS8UUht2UPJvkw9p90qSC+cmvuhXRhZs4= Subject key identifier: BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7 Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 1DE1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:58:24 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: IP: 161.248.128.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 11:19:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7649 (0x1de1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Aug 22 08:58:24 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=BBF8E5352240971787806A3E53A8904859A9F0E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f7:1e:c9:e3:7e:f5:bb:16:30:b1:de:74:d8: 3b:af:5a:f3:03:ef:db:32:1b:bd:75:8b:fd:61:9b: d3:60:80:9d:11:25:e9:c4:94:cb:9b:80:76:c2:90: 15:4a:3d:bd:c6:c0:1f:47:6a:43:19:88:fc:98:39: 1d:df:2a:ff:74:73:76:1f:4e:06:a6:7e:51:7d:2b: e7:9b:d2:9c:11:95:d3:53:ab:65:28:60:b6:1a:5c: 1b:26:0c:be:3e:4e:97:c4:f4:9f:8b:57:aa:0a:ff: 9d:b4:70:64:77:54:76:b9:0d:86:a4:d8:0b:86:f8: 21:b7:a4:da:4a:52:85:44:df:6c:e6:09:ca:f1:74: ba:8a:e5:9d:14:26:4c:a7:89:55:c8:31:25:a4:46: 10:f9:99:e9:30:4f:38:15:fe:4c:8b:6e:33:7f:9a: d6:4a:72:25:9d:4e:60:3b:6b:c6:93:d6:3b:75:ae: 58:e2:3c:7a:89:75:12:f1:10:3f:a0:2c:0b:1e:a4: ec:51:70:ba:d1:61:2a:47:98:c6:bb:9f:c0:aa:f4: 3b:cd:2f:46:84:54:f2:63:90:ae:d0:e2:d4:5d:98: 6f:82:de:d9:98:87:32:70:d1:a9:e0:1d:d8:67:1d: 13:55:e2:96:2e:7c:fa:22:13:f0:b7:bc:5e:47:8e: 34:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7 X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 161.248.128.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:e3:f6:b5:6c:90:d1:48:82:1b:15:7d:53:67:a3:1a:93:19: 33:3d:32:35:b0:bc:22:78:60:70:b4:74:df:85:e8:dd:95:e0: e0:f8:e3:d9:46:d6:81:74:1a:04:b4:5b:80:be:77:91:78:30: f9:82:8c:8f:22:7b:7b:04:fd:77:b3:35:89:18:f4:3c:19:a4: 53:15:a1:14:a7:a9:6f:84:b6:48:b9:67:11:11:4c:fe:0b:cb: d6:8f:8a:aa:ab:80:c4:17:8a:0c:87:59:2c:05:df:d9:9b:ef: 01:49:98:fd:56:13:be:5e:fe:10:32:cf:a8:ec:5f:3b:18:08: 8d:82:92:3c:07:48:de:f1:40:b7:ae:8f:1f:f6:ec:93:ae:17: 4a:a9:e4:e7:84:a9:32:4c:59:9a:d9:fb:08:93:93:2a:61:30: 78:f9:6d:db:6d:d7:0f:aa:b6:40:f6:f1:56:4b:1f:86:32:28: 36:4b:44:b1:7a:3c:76:d4:c5:71:db:22:38:17:13:61:31:b9: a5:fe:40:dd:55:40:10:54:27:b2:e9:44:47:0a:0e:90:19:88: 04:e3:68:b5:db:69:5f:a2:6f:08:09:bc:1f:a4:7f:d6:de:77: 78:f2:7c:c4:ea:ff:9f:88:1c:f9:30:7d:c5:57:b1:f5:58:13: 42:44:13:56 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgICHeEwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDgyMjA4NTgyNFoXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoQkJGOEU1MzUyMjQwOTcxNzg3ODA2QTNFNTNBODkwNDg1OUE5RjBF NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN73HsnjfvW7FjCx3nTY O69a8wPv2zIbvXWL/WGb02CAnREl6cSUy5uAdsKQFUo9vcbAH0dqQxmI/Jg5Hd8q /3Rzdh9OBqZ+UX0r55vSnBGV01OrZShgthpcGyYMvj5Ol8T0n4tXqgr/nbRwZHdU drkNhqTYC4b4Ibek2kpShUTfbOYJyvF0uorlnRQmTKeJVcgxJaRGEPmZ6TBPOBX+ TItuM3+a1kpyJZ1OYDtrxpPWO3WuWOI8eol1EvEQP6AsCx6k7FFwutFhKkeYxruf wKr0O80vRoRU8mOQrtDi1F2Yb4Le2ZiHMnDRqeAd2GcdE1Xili58+iIT8Le8XkeO NAUCAwEAAaOCAkowggJGMB0GA1UdDgQWBBS7+OU1IkCXF4eAaj5TqJBIWanw5zAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdAGCCsGAQUFBwELBIHDMIHAMDUGCCsGAQUFBzAF hilyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tILzBUBggr BgEFBQcwCoZIcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0tL SC91X2psTlNKQWx4ZUhnR28tVTZpUVNGbXA4T2MubWZ0MDEGCCsGAQUFBzANhiVo dHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEH AQH/BBAwDjAMBAIAATAGAwQBofiAMA0GCSqGSIb3DQEBCwUAA4IBAQB/4/a1bJDR SIIbFX1TZ6MakxkzPTI1sLwieGBwtHTfhejdleDg+OPZRtaBdBoEtFuAvneReDD5 goyPInt7BP13szWJGPQ8GaRTFaEUp6lvhLZIuWcREUz+C8vWj4qqq4DEF4oMh1ks Bd/Zm+8BSZj9VhO+Xv4QMs+o7F87GAiNgpI8B0je8UC3ro8f9uyTrhdKqeTnhKky TFma2fsIk5MqYTB4+W3bbdcPqrZA9vFWSx+GMig2S0Sxejx21MVx2yI4FxNhMbml /kDdVUAQVCey6URHCg6QGYgE42i122lfom8ICbwfpH/W3nd48nzE6v+fiBz5MH3F V7H1WBNCRBNW -----END CERTIFICATE-----Generated at Thu Sep 18 08:05:01 2025 by rpki-client