Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/PIINET/0/857A2684D7DBC89CE784E4DF16F1A1C03D945585.mft
File:                     857A2684D7DBC89CE784E4DF16F1A1C03D945585.mft (raw, json)
Hash identifier:          bXKos7bHHl+JZJieSVy3j74nlbI44pcxy4Sqq1PiV/g=
Subject key identifier:   B1:4A:C4:A5:E2:8D:C3:2C:E4:0B:52:CC:FF:D8:D3:B6:7C:C7:C4:30
Authority key identifier: 85:7A:26:84:D7:DB:C8:9C:E7:84:E4:DF:16:F1:A1:C0:3D:94:55:85
Certificate issuer:       /CN=857A2684D7DBC89CE784E4DF16F1A1C03D945585
Certificate serial:       55F7CBAEC099A099C7DA0B2A09CDE2713BAFE3D0
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/1/857A2684D7DBC89CE784E4DF16F1A1C03D945585.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/PIINET/0/857A2684D7DBC89CE784E4DF16F1A1C03D945585.mft
Manifest number:          05
Signing time:             Mon 11 May 2026 17:20:15 +0000
Manifest this update:     Mon 11 May 2026 17:15:15 +0000
Manifest next update:     Tue 12 May 2026 19:44:15 +0000
Files and hashes:         1: 3130332e3233342e38302e302f32322d3234203d3e203137373130.roa (hash: uqLuHrrFZUmLWpdnoJCaLRe1oXTuRusUvNya24FB8bg=)
                          2: 857A2684D7DBC89CE784E4DF16F1A1C03D945585.crl (hash: brA8Cee871r0OcchVCz9LbFHqODT924kafxc8RJ5+qU=)
                          3: 36312e35372e3232342e302f32302d3234203d3e203137373130.roa (hash: X08v+g23C1Fx8BQtKNgspF5UjPkGFKh01lY2BRa8ypo=)
                          4: 3130332e3233342e38312e302f32342d3234203d3e203137373130.roa (hash: Zvu3k5iDBaX9iOQpea8Ybb+zcrWBht3qRGl2nLlRl/o=)
                          5: 3135302e3130372e36342e302f32322d3234203d3e203137373130.roa (hash: n+v5o9SBdWVqA5qvRZf6BeSCSFLkZj6roCOPAhBcFqM=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:f7:cb:ae:c0:99:a0:99:c7:da:0b:2a:09:cd:e2:71:3b:af:e3:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=857A2684D7DBC89CE784E4DF16F1A1C03D945585
        Validity
            Not Before: May 11 17:15:15 2026 GMT
            Not After : May 12 19:44:15 2026 GMT
        Subject: CN=B14AC4A5E28DC32CE40B52CCFFD8D3B67CC7C430
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:27:ff:b1:43:0e:87:bd:18:80:4f:e0:08:78:
                    05:f0:8a:ba:7d:b2:bf:7c:99:9e:95:3c:eb:bf:70:
                    be:78:66:b8:7c:e6:81:ae:d3:4b:eb:be:4b:94:92:
                    16:a6:15:a7:17:d2:93:ba:c5:84:29:7c:bd:64:4c:
                    3f:30:db:21:91:c6:74:b2:17:72:2c:f7:4b:a4:8f:
                    65:cb:a2:38:46:e8:22:78:4b:bd:9b:0a:eb:f2:8b:
                    4a:1f:68:ac:89:27:37:68:35:8a:a3:c8:69:21:c5:
                    1f:0b:b3:ca:8b:b4:7c:f7:f2:bf:52:ec:fa:65:7e:
                    15:91:b9:3e:e6:2f:ed:4c:51:e4:8d:a9:6a:ad:8c:
                    2a:2e:ba:c6:f8:a8:03:04:a2:f2:45:35:b1:87:e1:
                    d8:e7:c8:a2:b4:84:68:f7:a7:8a:5f:c6:f0:6d:20:
                    9e:29:10:21:fe:69:97:94:2b:1d:54:a1:b0:6d:f4:
                    4b:8b:84:f9:5e:71:12:e5:e8:0d:a8:46:4e:7c:88:
                    3a:c3:5f:24:a3:c8:a1:18:20:97:5e:7f:ad:be:aa:
                    eb:07:28:9f:df:a3:47:de:bc:e6:aa:e9:a5:e8:ea:
                    a1:fa:7f:97:15:06:ca:b8:db:22:00:aa:0e:c8:93:
                    4d:f4:c5:56:5c:42:52:dd:34:11:ca:56:dd:77:e5:
                    88:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4A:C4:A5:E2:8D:C3:2C:E4:0B:52:CC:FF:D8:D3:B6:7C:C7:C4:30
            X509v3 Authority Key Identifier:
                keyid:85:7A:26:84:D7:DB:C8:9C:E7:84:E4:DF:16:F1:A1:C0:3D:94:55:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/PIINET/0/857A2684D7DBC89CE784E4DF16F1A1C03D945585.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/857A2684D7DBC89CE784E4DF16F1A1C03D945585.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PIINET/0/857A2684D7DBC89CE784E4DF16F1A1C03D945585.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:9a:05:e8:cd:f5:e6:07:6b:42:15:78:88:24:24:9f:bf:41:
         f9:34:dc:37:76:93:61:fb:fe:c0:d2:ef:2b:95:fe:54:6d:d4:
         3a:9d:7d:56:6c:f3:6d:98:7e:e6:93:e8:5d:6b:32:85:d1:f5:
         f4:cf:f9:db:98:20:bc:60:86:c3:6b:f6:5d:28:bd:cb:5f:d4:
         69:07:17:56:39:63:d6:18:11:03:ed:17:a9:b1:fb:6e:97:46:
         70:78:68:51:c0:92:68:b4:a4:75:ec:24:07:c7:44:50:bb:3a:
         7f:2f:84:f7:1d:19:f1:ca:8a:84:5b:79:f9:7b:56:83:e0:ef:
         e0:9f:b9:99:7f:4b:da:4e:b3:9f:88:57:97:55:41:3a:17:25:
         47:d2:df:fb:b9:23:f1:f9:d3:c5:5c:25:1d:24:2f:8d:c1:1a:
         ae:fb:a1:ce:b3:c2:56:f0:d0:c0:6c:79:86:7b:b7:d8:61:f8:
         df:11:05:55:f9:1b:32:dd:4d:5d:ea:50:e5:c9:da:ad:72:ac:
         80:eb:55:bf:30:09:d6:4e:3b:77:b9:22:a1:1c:79:e6:6e:1c:
         b7:09:ab:d4:c9:64:b6:cc:19:85:3c:be:d0:0e:67:be:93:3d:
         65:69:94:f2:c5:da:c0:55:c2:7e:70:a5:9c:6a:76:99:f9:b0:
         ee:77:fe:62
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUVffLrsCZoJnH2gsqCc3icTuv49AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU3QTI2ODREN0RCQzg5Q0U3ODRFNERGMTZGMUExQzAz
RDk0NTU4NTAeFw0yNjA1MTExNzE1MTVaFw0yNjA1MTIxOTQ0MTVaMDMxMTAvBgNV
BAMTKEIxNEFDNEE1RTI4REMzMkNFNDBCNTJDQ0ZGRDhEM0I2N0NDN0M0MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3J/+xQw6HvRiAT+AIeAXwirp9
sr98mZ6VPOu/cL54Zrh85oGu00vrvkuUkhamFacX0pO6xYQpfL1kTD8w2yGRxnSy
F3Is90ukj2XLojhG6CJ4S72bCuvyi0ofaKyJJzdoNYqjyGkhxR8Ls8qLtHz38r9S
7PplfhWRuT7mL+1MUeSNqWqtjCouusb4qAMEovJFNbGH4djnyKK0hGj3p4pfxvBt
IJ4pECH+aZeUKx1UobBt9EuLhPlecRLl6A2oRk58iDrDXySjyKEYIJdef62+qusH
KJ/fo0fevOaq6aXo6qH6f5cVBsq42yIAqg7Ik030xVZcQlLdNBHKVt135YhJAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUsUrEpeKNwyzkC1LM/9jTtnzHxDAwHwYDVR0j
BBgwFoAUhXomhNfbyJznhOTfFvGhwD2UVYUwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud
HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUElJTkVU
LzAvODU3QTI2ODREN0RCQzg5Q0U3ODRFNERGMTZGMUExQzAzRDk0NTU4NS5jcmww
bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p
Yy50dy9ycGtpL1RXTklDQ0EvMS84NTdBMjY4NEQ3REJDODlDRTc4NEU0REYxNkYx
QTFDMDNEOTQ1NTg1LmNlcjBuBggrBgEFBQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJz
eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUElJTkVULzAvODU3QTI2ODREN0RC
Qzg5Q0U3ODRFNERGMTZGMUExQzAzRDk0NTU4NS5tZnQwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUG
CCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAKmaBejN9eYH
a0IVeIgkJJ+/Qfk03Dd2k2H7/sDS7yuV/lRt1DqdfVZs822YfuaT6F1rMoXR9fTP
+duYILxghsNr9l0ovctf1GkHF1Y5Y9YYEQPtF6mx+26XRnB4aFHAkmi0pHXsJAfH
RFC7On8vhPcdGfHKioRbefl7VoPg7+CfuZl/S9pOs5+IV5dVQToXJUfS3/u5I/H5
08VcJR0kL43BGq77oc6zwlbw0MBseYZ7t9hh+N8RBVX5GzLdTV3qUOXJ2q1yrIDr
Vb8wCdZOO3e5IqEceeZuHLcJq9TJZLbMGYU8vtAOZ76TPWVplPLF2sBVwn5wpZxq
dpn5sO53/mI=
-----END CERTIFICATE-----