$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer File: 589DA145B1A822538BB2E68D892E6742B34F0701.cer (raw, json) Hash identifier: y8jAn4LkHLbr+iO9Z3hZA4V0BJ0mKHz/UZozbqS4zeA= Subject key identifier: 58:9D:A1:45:B1:A8:22:53:8B:B2:E6:8D:89:2E:67:42:B3:4F:07:01 Authority key identifier: C3:F2:7A:BB:A4:0D:0C:14:6E:65:99:E3:19:B2:F8:B7:96:56:A6:F3 Certificate issuer: /CN=A91BDB290000/serialNumber=C3F27ABBA40D0C146E6599E319B2F8B79656A6F3 Certificate serial: 2BD7316A707C77206E61A1E5A66F8C6A6CD4A474 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer Manifest: rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft caRepository: rsync://rpkica.twnic.tw/rpki/KKH/1/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:47:33 +0000 Certificate not after: Mon 10 May 2027 15:52:33 +0000 Subordinate resources: IP: 161.248.128.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 20:10:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:d7:31:6a:70:7c:77:20:6e:61:a1:e5:a6:6f:8c:6a:6c:d4:a4:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=C3F27ABBA40D0C146E6599E319B2F8B79656A6F3 Validity Not Before: May 11 15:47:33 2026 GMT Not After : May 10 15:52:33 2027 GMT Subject: CN=589DA145B1A822538BB2E68D892E6742B34F0701 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:27:0b:32:21:2f:66:66:73:43:ad:90:d5:d9: 03:f4:c2:5d:cb:17:09:1c:cf:bc:80:ec:c1:90:3a: 0e:b1:d0:30:4f:3d:ad:6f:06:2b:97:be:0c:49:11: 5f:bd:e9:56:4c:b2:76:b8:7a:9b:ab:16:cc:f8:bc: c1:08:a7:95:76:e6:2a:38:aa:69:a6:52:e2:48:3d: f4:ff:a6:33:d2:44:41:83:43:68:f6:7d:9a:df:37: 6a:02:5d:0e:47:cc:57:9a:64:2a:df:d4:62:50:ad: 2f:a4:82:26:8e:8b:86:1a:8f:66:0e:9e:e8:45:04: 1e:25:61:bb:b8:a0:66:37:2d:6b:8a:2e:2a:d9:2e: 35:2e:bf:7b:69:22:3a:a2:97:29:97:f2:ed:35:da: ea:05:73:d3:84:4d:d3:31:38:2d:0c:81:2a:f0:a4: 0c:22:06:62:50:2b:75:cd:48:c0:b2:02:1d:1b:39: 6f:83:82:d6:de:14:12:7b:5d:3d:89:fd:27:a6:99: b5:15:c5:a4:38:9b:ff:49:f1:8b:79:03:e9:05:00: 7d:31:2e:e0:e3:39:b3:11:3f:e8:91:57:ff:bf:0b: a5:c9:8b:31:3e:02:3c:b8:22:2f:02:b0:96:39:ee: 34:d2:9b:b1:3d:01:53:fd:02:a3:74:3d:67:a5:df: ec:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 58:9D:A1:45:B1:A8:22:53:8B:B2:E6:8D:89:2E:67:42:B3:4F:07:01 X509v3 Authority Key Identifier: keyid:C3:F2:7A:BB:A4:0D:0C:14:6E:65:99:E3:19:B2:F8:B7:96:56:A6:F3 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/KKH/1/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.128.0/23 Signature Algorithm: sha256WithRSAEncryption 0d:e0:71:e0:cd:e9:da:4c:a9:dc:29:72:9c:e2:c5:fb:13:65: 0e:5c:5c:eb:07:52:12:c8:d8:8b:70:89:68:b3:29:06:39:c2: 19:1c:b7:17:ae:18:1e:62:bc:e5:62:db:c9:de:a9:07:46:a9: 48:09:37:89:72:4a:7e:34:09:e4:cc:4d:3d:d3:e3:12:63:08: dd:43:3f:3c:6a:33:eb:67:4b:cb:d3:ee:8f:a8:f3:1b:4e:e1: a4:51:3e:5f:49:55:65:3e:ac:6e:c9:54:fc:4e:3b:76:45:fa: e8:85:d5:2f:38:94:dd:4f:ea:b6:ef:69:d7:ea:8c:b6:02:8a: f3:66:ab:91:b5:21:88:ba:b5:23:66:b2:6f:83:c0:84:9e:5f: ec:ae:16:92:75:40:b4:6c:06:f7:6c:3f:c9:b9:52:4d:d2:5f: da:ec:99:f8:9d:b7:38:65:c8:00:17:5e:68:74:45:ed:39:44: 32:cf:33:90:7f:85:74:5e:b4:a3:06:5f:0c:0a:b6:ef:07:e3: 80:90:3c:92:a8:52:e4:87:8d:c4:35:79:b3:a6:0f:a9:22:a1: 40:a7:04:7b:c7:2a:5c:b5:e1:7b:47:86:7e:53:dd:80:24:0e: f5:a7:36:e3:23:35:24:0f:96:a5:32:b0:6f:9a:e2:95:e7:42: 1c:1b:2d:33 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIUK9cxanB8dyBuYaHlpm+MamzUpHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhDM0YyN0FCQkE0 MEQwQzE0NkU2NTk5RTMxOUIyRjhCNzk2NTZBNkYzMB4XDTI2MDUxMTE1NDczM1oX DTI3MDUxMDE1NTIzM1owMzExMC8GA1UEAxMoNTg5REExNDVCMUE4MjI1MzhCQjJF NjhEODkyRTY3NDJCMzRGMDcwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK8nCzIhL2Zmc0OtkNXZA/TCXcsXCRzPvIDswZA6DrHQME89rW8GK5e+DEkR X73pVkyydrh6m6sWzPi8wQinlXbmKjiqaaZS4kg99P+mM9JEQYNDaPZ9mt83agJd DkfMV5pkKt/UYlCtL6SCJo6LhhqPZg6e6EUEHiVhu7igZjcta4ouKtkuNS6/e2ki OqKXKZfy7TXa6gVz04RN0zE4LQyBKvCkDCIGYlArdc1IwLICHRs5b4OC1t4UEntd PYn9J6aZtRXFpDib/0nxi3kD6QUAfTEu4OM5sxE/6JFX/78LpcmLMT4CPLgiLwKw ljnuNNKbsT0BU/0Co3Q9Z6Xf7LUCAwEAAaOCAmAwggJcMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFidoUWxqCJTi7LmjYkuZ0KzTwcBMB8GA1UdIwQYMBaAFMPy erukDQwUbmWZ4xmy+LeWVqbzMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMC9DM0Yy N0FCQkE0MEQwQzE0NkU2NTk5RTMxOUIyRjhCNzk2NTZBNkYzLmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi93X0o2dTZR TkRCUnVaWm5qR2JMNHQ1Wldwdk0uY2VyMIHXBggrBgEFBQcBCwSByjCBxzAvBggr BgEFBQcwBYYjcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9LS0gvMS8wWwYI KwYBBQUHMAqGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0tILzEvNTg5 REExNDVCMUE4MjI1MzhCQjJFNjhEODkyRTY3NDJCMzRGMDcwMS5tZnQwNwYIKwYB BQUHMA2GK2h0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmaWNhdGlvbi54 bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaH4gDANBgkqhkiG9w0BAQsFAAOCAQEADeBx4M3p2kyp3ClynOLF +xNlDlxc6wdSEsjYi3CJaLMpBjnCGRy3F64YHmK85WLbyd6pB0apSAk3iXJKfjQJ 5MxNPdPjEmMI3UM/PGoz62dLy9Puj6jzG07hpFE+X0lVZT6sbslU/E47dkX66IXV LziU3U/qtu9p1+qMtgKK82arkbUhiLq1I2ayb4PAhJ5f7K4WknVAtGwG92w/yblS TdJf2uyZ+J23OGXIABdeaHRF7TlEMs8zkH+FdF60owZfDAq27wfjgJA8kqhS5IeN xDV5s6YPqSKhQKcEe8cqXLXhe0eGflPdgCQO9ac24yM1JA+WpTKwb5riledCHBst Mw== -----END CERTIFICATE-----Generated at Wed May 13 08:24:16 2026 by rpki-client