Manifest
$ rpki-client -vvf rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft
File: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft (raw, json)
Hash identifier: Jyz0chCqOwN7M/3ywK7E2fM9xGiUL/EMV1H5uPYpWjk=
Subject key identifier: AE:B4:73:D1:B9:47:76:28:5A:70:48:36:94:B3:7A:E6:C2:4B:43:32
Authority key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2
Certificate issuer: /CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2
Certificate serial: 0D6B7CAB06478FF9BFD9BB3BD928E890C458F8F7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft
Manifest number: 04
Signing time: Mon 11 May 2026 17:31:27 +0000
Manifest this update: Mon 11 May 2026 17:26:27 +0000
Manifest next update: Tue 12 May 2026 19:16:27 +0000
Files and hashes: 1: 323430363a663334303a3a2f33322d3634203d3e203338383432.roa (hash: dPU2RCL9922koNIK4EbftiZXNxbxs5ADbxLPZLggc34=)
2: 3130332e3136302e3232362e302f32332d3234203d3e203338383432.roa (hash: fXBUwxrpMNifp4MO+znwtVxrCjA2c4pDgmAW0x6+dMc=)
3: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl (hash: SowTFzwuQxmrnXrvc7VZGOcisNCZi7eDgEYMjhN2ny8=)
4: 3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa (hash: E3rZgHSz1Z/QlxuFQ/uZkBfovj2HHfCX638SO+t2sg0=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:6b:7c:ab:06:47:8f:f9:bf:d9:bb:3b:d9:28:e8:90:c4:58:f8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2
Validity
Not Before: May 11 17:26:27 2026 GMT
Not After : May 12 19:16:27 2026 GMT
Subject: CN=AEB473D1B94776285A70483694B37AE6C24B4332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:47:e0:5e:53:14:ef:f8:86:8b:b8:7f:ba:64:
26:4f:2b:99:51:49:24:ac:75:f3:a0:ab:cc:d9:43:
ec:80:43:fa:d9:72:23:4e:91:78:cd:90:a3:15:0c:
7f:b4:21:d5:27:77:bf:69:ab:e9:54:cc:48:76:97:
8b:6f:77:82:00:dd:4f:c7:9d:f4:3d:87:19:e8:e4:
d6:0a:2b:33:55:2c:44:cd:3b:10:ac:96:6f:82:ee:
44:74:d1:b9:25:7d:2b:90:27:c6:92:42:56:f3:4a:
12:e0:2a:91:cf:01:71:a2:52:4a:f3:0d:66:20:27:
24:09:f5:70:63:00:0b:38:24:9d:63:96:6a:26:31:
fc:7c:ff:d1:3c:d3:2a:27:51:b5:5b:a1:6e:ee:ab:
a8:74:91:97:71:e7:7f:a3:80:80:0a:62:f9:4b:11:
0c:33:b2:30:46:d0:ea:87:08:7b:9b:33:15:1c:e9:
82:c6:8c:bb:b9:55:1d:74:74:aa:3a:8c:e4:0e:ed:
1f:5b:94:bd:5a:8a:b6:17:15:22:ce:c6:7f:53:e9:
c1:20:ea:ca:91:d1:f4:5b:f4:b6:c7:36:5c:1d:d2:
6e:ba:70:63:ed:c9:cb:5d:2c:e0:1c:0f:97:38:4f:
54:e9:24:0f:9c:b8:30:42:14:37:e4:5d:36:5d:5f:
21:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B4:73:D1:B9:47:76:28:5A:70:48:36:94:B3:7A:E6:C2:4B:43:32
X509v3 Authority Key Identifier:
keyid:9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:06:ae:75:31:0c:d5:39:f1:ac:4a:43:e6:88:bd:8e:19:43:
58:32:13:b4:ee:04:5e:8f:94:30:27:3a:41:bc:49:4b:86:65:
7f:54:11:30:7e:c7:9e:28:fb:b6:a2:5c:8d:ea:76:c5:b3:e8:
8f:02:f3:33:b9:ff:94:4f:a2:63:44:f4:24:0d:c8:67:ae:f1:
9f:57:a1:15:6e:06:33:fe:ca:e6:b6:16:c6:b5:52:04:7a:59:
3c:f6:5f:cc:7d:00:d0:f0:34:70:48:ca:eb:2c:d1:06:db:1b:
d1:87:d0:d6:9b:8b:ec:dc:d5:bb:3e:87:6d:2a:68:3d:48:7f:
52:6a:67:eb:df:a5:06:86:17:f7:aa:00:62:56:33:26:a3:0a:
e1:9b:b2:35:97:a1:7d:a6:24:21:cc:d9:30:cd:3b:8b:b9:5a:
a4:ca:2c:f0:d8:36:e0:3c:23:7e:76:03:42:81:75:bd:1e:ff:
06:68:62:ba:fa:41:d7:28:70:27:c4:2e:7d:91:19:76:38:51:
76:6b:02:79:52:7f:2c:88:3f:73:45:d2:fa:a1:e1:bd:98:06:
54:37:bf:a1:1d:83:fc:ec:0a:20:2d:26:d6:e9:0a:b2:4f:ac:
39:31:7c:23:46:35:15:ca:ff:0c:0c:10:50:eb:d1:56:03:24:
d1:4e:9e:67
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUDWt8qwZHj/m/2bs72SjokMRY+PcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdG
NzJCRDVDMjAeFw0yNjA1MTExNzI2MjdaFw0yNjA1MTIxOTE2MjdaMDMxMTAvBgNV
BAMTKEFFQjQ3M0QxQjk0Nzc2Mjg1QTcwNDgzNjk0QjM3QUU2QzI0QjQzMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQR+BeUxTv+IaLuH+6ZCZPK5lR
SSSsdfOgq8zZQ+yAQ/rZciNOkXjNkKMVDH+0IdUnd79pq+lUzEh2l4tvd4IA3U/H
nfQ9hxno5NYKKzNVLETNOxCslm+C7kR00bklfSuQJ8aSQlbzShLgKpHPAXGiUkrz
DWYgJyQJ9XBjAAs4JJ1jlmomMfx8/9E80yonUbVboW7uq6h0kZdx53+jgIAKYvlL
EQwzsjBG0OqHCHubMxUc6YLGjLu5VR10dKo6jOQO7R9blL1airYXFSLOxn9T6cEg
6sqR0fRb9LbHNlwd0m66cGPtyctdLOAcD5c4T1TpJA+cuDBCFDfkXTZdXyH5AgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUrrRz0blHdihacEg2lLN65sJLQzIwHwYDVR0j
BBgwFoAUnQB9Nz84HMpZbs4g/Cfo1/cr1cIwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud
HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU
LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5jcmww
bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p
Yy50dy9ycGtpL1RXTklDQ0EvMS85RDAwN0QzNzNGMzgxQ0NBNTk2RUNFMjBGQzI3
RThEN0Y3MkJENUMyLmNlcjBuBggrBgEFBQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJz
eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVULzAvOUQwMDdEMzczRjM4
MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5tZnQwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUG
CCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBADMGrnUxDNU5
8axKQ+aIvY4ZQ1gyE7TuBF6PlDAnOkG8SUuGZX9UETB+x54o+7aiXI3qdsWz6I8C
8zO5/5RPomNE9CQNyGeu8Z9XoRVuBjP+yua2Fsa1UgR6WTz2X8x9ANDwNHBIyuss
0QbbG9GH0Nabi+zc1bs+h20qaD1If1JqZ+vfpQaGF/eqAGJWMyajCuGbsjWXoX2m
JCHM2TDNO4u5WqTKLPDYNuA8I352A0KBdb0e/wZoYrr6QdcocCfELn2RGXY4UXZr
AnlSfyyIP3NF0vqh4b2YBlQ3v6Edg/zsCiAtJtbpCrJPrDkxfCNGNRXK/wwMEFDr
0VYDJNFOnmc=
-----END CERTIFICATE-----
Generated at Tue May 12 23:25:39 2026 by rpki-client