$ rpki-client -vvf rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft File: 589DA145B1A822538BB2E68D892E6742B34F0701.mft (raw, json) Hash identifier: GLHxp/zBZNQhU75COlMxmtYF7NFw8Dr1ga+1WRNhDYU= Subject key identifier: A7:46:D6:53:AA:E6:5E:38:57:14:B9:54:BB:52:87:95:02:8D:01:03 Authority key identifier: 58:9D:A1:45:B1:A8:22:53:8B:B2:E6:8D:89:2E:67:42:B3:4F:07:01 Certificate issuer: /CN=589DA145B1A822538BB2E68D892E6742B34F0701 Certificate serial: 67288CCFB95887D3BA7963CC53B4D80264C23F21 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft Manifest number: 04 Signing time: Tue 12 May 2026 11:50:43 +0000 Manifest this update: Tue 12 May 2026 11:45:43 +0000 Manifest next update: Wed 13 May 2026 14:32:43 +0000 Files and hashes: 1: 3136312e3234382e3132382e302f32332d3234203d3e20313331363435.roa (hash: A2tEu7HgD7mnKwNZUDnZPRv7DPPNtScV1zkEjUfoaE8=) 2: 589DA145B1A822538BB2E68D892E6742B34F0701.crl (hash: HdntNU9gXLRhm1YRONpaPjR1T8Rzk+ntTUqYrhafNXQ=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.crl rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 14:32:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:28:8c:cf:b9:58:87:d3:ba:79:63:cc:53:b4:d8:02:64:c2:3f:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=589DA145B1A822538BB2E68D892E6742B34F0701 Validity Not Before: May 12 11:45:43 2026 GMT Not After : May 13 14:32:43 2026 GMT Subject: CN=A746D653AAE65E385714B954BB528795028D0103 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:3c:ca:77:e2:6e:b1:25:ac:37:3e:7a:45:38: e3:68:b0:16:64:e6:57:65:9f:36:e2:26:d3:bd:54: 91:44:e6:62:63:82:05:61:8c:16:f3:e5:8e:a0:81: 09:5b:77:09:fa:c6:8f:9a:b8:8b:94:c8:90:b6:82: a1:f8:30:6d:1f:9f:ad:23:7d:d9:4d:3f:d8:e6:9c: c6:6b:f2:22:b4:46:b1:2a:3b:b2:0a:b1:be:00:c1: ac:8a:54:87:be:9b:92:d1:f7:6f:d0:8a:48:25:1d: 51:55:49:5f:3c:a1:4c:52:ea:53:ba:dc:f3:c8:f7: 3f:3b:92:17:9e:cc:95:8d:b6:33:bf:cd:3d:9e:a7: 24:d6:35:16:bb:83:a4:5c:c2:cd:b5:35:a2:5b:b7: 6a:0f:4b:f4:cb:45:57:19:f0:36:ff:39:10:ad:85: 32:cd:26:cb:f3:0c:a4:ef:9f:87:7c:80:ff:83:e4: 93:49:48:4d:27:a9:57:eb:8d:33:58:27:df:61:73: 82:b4:dc:ab:6e:94:4a:63:35:dc:a2:83:3e:67:8f: d5:a1:df:ed:96:f3:47:71:63:58:91:65:03:fe:2d: 7f:1c:6f:7d:fe:ae:e1:5e:f7:6f:be:63:42:92:97: 12:19:18:69:2c:4f:bb:f2:8d:f2:d9:6d:22:53:d2: 6d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:46:D6:53:AA:E6:5E:38:57:14:B9:54:BB:52:87:95:02:8D:01:03 X509v3 Authority Key Identifier: keyid:58:9D:A1:45:B1:A8:22:53:8B:B2:E6:8D:89:2E:67:42:B3:4F:07:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:c6:8d:98:86:29:ae:a2:3b:7b:02:7a:41:a9:48:51:11:80: f4:bf:da:8d:15:7e:ce:a5:f5:b4:46:bd:8c:4a:a4:3e:ed:a3: 73:44:58:00:3a:bb:74:fb:a4:7d:99:4c:8b:7d:d5:f9:44:88: 1b:86:45:26:2e:73:26:0f:54:5e:95:a1:d3:ae:64:30:c7:1f: f6:d7:03:6c:2a:6d:77:e7:e7:9f:50:3d:45:17:f1:e7:d5:1d: 80:15:58:c1:0d:a9:8d:2f:68:1e:3c:de:60:1d:c3:62:c2:4a: 87:3c:c7:57:b5:14:bd:32:8c:8d:71:f6:e8:9a:63:aa:f8:9a: 94:99:0e:ac:3d:27:cf:0f:10:58:43:af:4f:c8:34:06:2b:96: d5:27:d7:83:f8:88:5d:ec:6d:d8:3c:ae:83:8b:16:ea:ab:c5: ae:53:18:de:dc:94:76:8c:84:63:6c:cd:8b:fb:f2:65:99:eb: 45:b2:69:0f:00:32:87:21:bd:75:07:18:b1:ff:44:9e:ce:f6: cb:5a:d6:d7:55:6d:e4:1e:5d:70:44:cf:b3:bc:f1:c3:33:99: 18:b3:50:99:5c:27:8e:75:22:bd:b5:50:1d:8a:75:8e:54:5b: d4:cd:2b:1a:12:79:8a:ca:74:98:84:5d:0a:21:96:e9:ef:5d: 9f:ce:f2:f4 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUZyiMz7lYh9O6eWPMU7TYAmTCPyEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg5REExNDVCMUE4MjI1MzhCQjJFNjhEODkyRTY3NDJC MzRGMDcwMTAeFw0yNjA1MTIxMTQ1NDNaFw0yNjA1MTMxNDMyNDNaMDMxMTAvBgNV BAMTKEE3NDZENjUzQUFFNjVFMzg1NzE0Qjk1NEJCNTI4Nzk1MDI4RDAxMDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPMp34m6xJaw3PnpFOONosBZk 5ldlnzbiJtO9VJFE5mJjggVhjBbz5Y6ggQlbdwn6xo+auIuUyJC2gqH4MG0fn60j fdlNP9jmnMZr8iK0RrEqO7IKsb4AwayKVIe+m5LR92/QikglHVFVSV88oUxS6lO6 3PPI9z87kheezJWNtjO/zT2epyTWNRa7g6Rcws21NaJbt2oPS/TLRVcZ8Db/ORCt hTLNJsvzDKTvn4d8gP+D5JNJSE0nqVfrjTNYJ99hc4K03KtulEpjNdyigz5nj9Wh 3+2W80dxY1iRZQP+LX8cb33+ruFe92++Y0KSlxIZGGksT7vyjfLZbSJT0m1PAgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQUp0bWU6rmXjhXFLlUu1KHlQKNAQMwHwYDVR0j BBgwFoAUWJ2hRbGoIlOLsuaNiS5nQrNPBwEwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0tILzEv NTg5REExNDVCMUE4MjI1MzhCQjJFNjhEODkyRTY3NDJCMzRGMDcwMS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMC81ODlEQTE0NUIxQTgyMjUzOEJCMkU2OEQ4OTJFNjc0 MkIzNEYwNzAxLmNlcjBrBggrBgEFBQcBCwRfMF0wWwYIKwYBBQUHMAuGT3JzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0tILzEvNTg5REExNDVCMUE4MjI1MzhC QjJFNjhEODkyRTY3NDJCMzRGMDcwMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAAjGjZiGKa6iO3sCekGp SFERgPS/2o0Vfs6l9bRGvYxKpD7to3NEWAA6u3T7pH2ZTIt91flEiBuGRSYucyYP VF6VodOuZDDHH/bXA2wqbXfn559QPUUX8efVHYAVWMENqY0vaB483mAdw2LCSoc8 x1e1FL0yjI1x9uiaY6r4mpSZDqw9J88PEFhDr0/INAYrltUn14P4iF3sbdg8roOL Fuqrxa5TGN7clHaMhGNszYv78mWZ60WyaQ8AMochvXUHGLH/RJ7O9sta1tdVbeQe XXBEz7O88cMzmRizUJlcJ451Ir21UB2KdY5UW9TNKxoSeYrKdJiEXQohlunvXZ/O 8vQ= -----END CERTIFICATE-----Generated at Wed May 13 09:15:05 2026 by rpki-client