Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/GAMBESON/1/43A480538BE8801E606CB416A45E3AA47153C1FC.mft
File:                     43A480538BE8801E606CB416A45E3AA47153C1FC.mft (raw, json)
Hash identifier:          AXimVxch6Do100SHhTjBdkeX0HKGJ8kNyN0Iiwv/VFo=
Subject key identifier:   5C:52:97:57:E8:65:8C:D7:54:91:67:E6:C0:47:BB:B3:BA:FA:79:D0
Authority key identifier: 43:A4:80:53:8B:E8:80:1E:60:6C:B4:16:A4:5E:3A:A4:71:53:C1:FC
Certificate issuer:       /CN=43A480538BE8801E606CB416A45E3AA47153C1FC
Certificate serial:       6E65097327DA15B16EEED9CDC930AF519090821A
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/0/43A480538BE8801E606CB416A45E3AA47153C1FC.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/GAMBESON/1/43A480538BE8801E606CB416A45E3AA47153C1FC.mft
Manifest number:          07
Signing time:             Mon 11 May 2026 17:56:59 +0000
Manifest this update:     Mon 11 May 2026 17:51:59 +0000
Manifest next update:     Tue 12 May 2026 20:07:59 +0000
Files and hashes:         1: 3136352e3130312e3135322e302f32342d3234203d3e203338383534.roa (hash: U6Zr4HOjD89KuZO9y/utkpWh1ptd3yWY7OAdCYNAdtg=)
                          2: 43A480538BE8801E606CB416A45E3AA47153C1FC.crl (hash: onPkzVWDyp5ta+OCuLLce/Ba54D1mXHVbtAwFD7e3Pw=)
                          3: 3136352e3130312e3135332e302f32342d3234203d3e203338383534.roa (hash: ZX435W6mSiU5YOUHhDiSylk5PHASkUUAzDgfNQHjX3k=)
                          4: 3136352e3130312e3135322e302f32342d3234203d3e20323133363037.roa (hash: sHCfIkF9qzIZq8AMwpW+WlyC30zePIr9BmIEP0fn7Y4=)
                          5: 3136352e3130312e3135322e302f32342d3234203d3e20313334383233.roa (hash: enUvdWAkv3wr02fiLz/3E6iu4tuKeGmnlUzXDsJesQk=)
                          6: 3136352e3130312e3135332e302f32342d3234203d3e20313438393936.roa (hash: MdC/snBV9hQ+u+QY6j955XOCyB5J4gj5q3588sOilYM=)
                          7: 3136352e3130312e3135322e302f32332d3234203d3e20313334383233.roa (hash: kxyxCW3V2gaGnnDYD9cbiTDaL6NE6NvCZZRwhoM7WZw=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:65:09:73:27:da:15:b1:6e:ee:d9:cd:c9:30:af:51:90:90:82:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43A480538BE8801E606CB416A45E3AA47153C1FC
        Validity
            Not Before: May 11 17:51:59 2026 GMT
            Not After : May 12 20:07:59 2026 GMT
        Subject: CN=5C529757E8658CD7549167E6C047BBB3BAFA79D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:d3:83:d5:76:a4:cd:86:df:57:20:99:4b:da:
                    8a:47:fa:76:0c:b7:a4:ce:3b:e1:42:8b:72:44:92:
                    84:75:03:00:c1:42:53:17:0e:ba:7d:5c:dc:25:95:
                    bd:31:8e:6f:d8:10:07:47:06:95:3c:0c:8a:7f:8a:
                    42:96:6f:df:3b:21:a8:f1:02:8b:3e:3d:31:32:e1:
                    16:1d:cb:a8:ae:b1:6d:dd:34:61:ae:82:09:41:51:
                    1c:06:16:b9:66:f6:ce:e6:88:4b:a9:cf:d9:bf:b3:
                    65:80:b1:7e:b8:0d:ec:b6:99:b2:6c:2c:a4:1a:e9:
                    c1:78:9f:9b:ce:e6:a3:40:20:1e:c5:81:d7:6c:b8:
                    63:08:38:d5:5e:64:9c:03:a1:2a:c9:29:3a:04:43:
                    db:4c:b5:a0:23:59:1e:a8:c1:5e:64:33:3d:31:9b:
                    54:18:8e:3d:fa:da:b3:ad:2b:c6:a2:c7:47:05:13:
                    57:33:3e:4a:1b:74:57:fb:e7:34:42:8d:4e:55:c9:
                    46:5a:ce:ac:a9:1e:d1:c1:63:ef:90:28:99:e1:a2:
                    2c:80:94:ef:d0:23:b9:ed:cb:f5:00:9e:6c:13:cd:
                    d6:8a:fa:38:85:6b:a1:6f:62:74:f9:f2:71:a1:19:
                    a9:f0:3f:09:f6:22:7c:e8:96:62:2c:19:5f:c0:db:
                    c7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:52:97:57:E8:65:8C:D7:54:91:67:E6:C0:47:BB:B3:BA:FA:79:D0
            X509v3 Authority Key Identifier:
                keyid:43:A4:80:53:8B:E8:80:1E:60:6C:B4:16:A4:5E:3A:A4:71:53:C1:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/GAMBESON/1/43A480538BE8801E606CB416A45E3AA47153C1FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/43A480538BE8801E606CB416A45E3AA47153C1FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/GAMBESON/1/43A480538BE8801E606CB416A45E3AA47153C1FC.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:75:3d:3a:cb:4f:a2:08:5f:6b:59:98:07:e7:7c:a3:76:6d:
         a2:fd:14:65:1a:3e:0b:3d:be:62:2a:ea:b7:09:da:e7:9e:07:
         f7:b3:e8:fc:da:0a:04:31:e8:7a:37:72:ce:0c:e8:82:01:99:
         5a:6d:0d:77:52:81:97:7a:5c:c7:9a:51:75:8f:b6:08:60:5b:
         3b:aa:08:95:30:bf:69:b2:eb:45:39:e3:45:b0:dd:4e:46:70:
         41:fa:90:85:96:b4:bd:f6:85:e3:99:fd:96:15:57:47:39:15:
         fa:35:d6:a8:e2:09:44:b1:2e:7c:40:16:7d:67:17:46:05:69:
         07:13:7f:3c:c0:81:a0:6f:fe:ea:c2:a6:35:e1:27:db:1d:d6:
         1e:70:3c:4f:b6:a7:de:e2:65:a2:4c:9b:b2:89:89:d6:23:04:
         80:04:9b:68:f2:d9:9f:20:46:fa:58:21:72:9d:25:70:12:ae:
         d6:c8:8d:0e:09:a3:1c:ff:e6:f8:65:1a:d8:42:83:1b:16:bd:
         a5:04:94:e4:8e:50:f9:6c:93:08:6d:d1:e4:09:fc:91:21:51:
         3f:78:a5:34:a3:12:0c:1f:73:fb:5e:84:43:a2:6b:f7:82:43:
         aa:2a:98:62:71:db:e7:50:c8:21:ca:4c:d2:63:7b:44:30:eb:
         4d:92:b0:14
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbmUJcyfaFbFu7tnNyTCvUZCQghowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNBNDgwNTM4QkU4ODAxRTYwNkNCNDE2QTQ1RTNBQTQ3
MTUzQzFGQzAeFw0yNjA1MTExNzUxNTlaFw0yNjA1MTIyMDA3NTlaMDMxMTAvBgNV
BAMTKDVDNTI5NzU3RTg2NThDRDc1NDkxNjdFNkMwNDdCQkIzQkFGQTc5RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC404PVdqTNht9XIJlL2opH+nYM
t6TOO+FCi3JEkoR1AwDBQlMXDrp9XNwllb0xjm/YEAdHBpU8DIp/ikKWb987Iajx
Aos+PTEy4RYdy6iusW3dNGGugglBURwGFrlm9s7miEupz9m/s2WAsX64Dey2mbJs
LKQa6cF4n5vO5qNAIB7FgddsuGMIONVeZJwDoSrJKToEQ9tMtaAjWR6owV5kMz0x
m1QYjj362rOtK8aix0cFE1czPkobdFf75zRCjU5VyUZazqypHtHBY++QKJnhoiyA
lO/QI7nty/UAnmwTzdaK+jiFa6FvYnT58nGhGanwPwn2InzolmIsGV/A28fjAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUXFKXV+hljNdUkWfmwEe7s7r6edAwHwYDVR0j
BBgwFoAUQ6SAU4vogB5gbLQWpF46pHFTwfwwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvR0FNQkVT
T04vMS80M0E0ODA1MzhCRTg4MDFFNjA2Q0I0MTZBNDVFM0FBNDcxNTNDMUZDLmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8wLzQzQTQ4MDUzOEJFODgwMUU2MDZDQjQxNkE0
NUUzQUE0NzE1M0MxRkMuY2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZU
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9HQU1CRVNPTi8xLzQzQTQ4MDUz
OEJFODgwMUU2MDZDQjQxNkE0NUUzQUE0NzE1M0MxRkMubWZ0MBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIF
ADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAZdT06
y0+iCF9rWZgH53yjdm2i/RRlGj4LPb5iKuq3Cdrnngf3s+j82goEMeh6N3LODOiC
AZlabQ13UoGXelzHmlF1j7YIYFs7qgiVML9psutFOeNFsN1ORnBB+pCFlrS99oXj
mf2WFVdHORX6Ndao4glEsS58QBZ9ZxdGBWkHE388wIGgb/7qwqY14SfbHdYecDxP
tqfe4mWiTJuyiYnWIwSABJto8tmfIEb6WCFynSVwEq7WyI0OCaMc/+b4ZRrYQoMb
Fr2lBJTkjlD5bJMIbdHkCfyRIVE/eKU0oxIMH3P7XoRDomv3gkOqKphicdvnUMgh
ykzSY3tEMOtNkrAU
-----END CERTIFICATE-----