$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/0/65E94C7789ADA7E5F540FDBE9582D8EA7AA46A94.cer File: 65E94C7789ADA7E5F540FDBE9582D8EA7AA46A94.cer (raw, json) Hash identifier: khzrR7nD+7X75JyJMe/ncDbgaJPNP+iBoQelWkNZJOM= Subject key identifier: 65:E9:4C:77:89:AD:A7:E5:F5:40:FD:BE:95:82:D8:EA:7A:A4:6A:94 Authority key identifier: C3:F2:7A:BB:A4:0D:0C:14:6E:65:99:E3:19:B2:F8:B7:96:56:A6:F3 Certificate issuer: /CN=A91BDB290000/serialNumber=C3F27ABBA40D0C146E6599E319B2F8B79656A6F3 Certificate serial: 5B5BE3D6627F4AA3633AE9C3F340265D472E7D14 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer Manifest: rsync://rpkica.twnic.tw/rpki/DONGFONG/1/65E94C7789ADA7E5F540FDBE9582D8EA7AA46A94.mft caRepository: rsync://rpkica.twnic.tw/rpki/DONGFONG/1/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:45:14 +0000 Certificate not after: Mon 10 May 2027 15:50:14 +0000 Subordinate resources: IP: 159.117.64.0/19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 01:16:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:5b:e3:d6:62:7f:4a:a3:63:3a:e9:c3:f3:40:26:5d:47:2e:7d:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=C3F27ABBA40D0C146E6599E319B2F8B79656A6F3 Validity Not Before: May 11 15:45:14 2026 GMT Not After : May 10 15:50:14 2027 GMT Subject: CN=65E94C7789ADA7E5F540FDBE9582D8EA7AA46A94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4e:38:8a:45:e7:3d:22:34:2b:34:c3:7b:31: 95:5d:77:95:b3:88:1d:0d:9e:4c:af:1c:5c:9f:75: 11:b4:67:be:4d:98:f3:d0:20:7a:6c:90:11:a0:c1: bd:44:02:8f:ca:9d:8a:d0:89:c6:72:d4:76:d2:b3: a7:71:29:b6:0d:2c:fe:d1:1a:cb:2f:3f:92:0d:04: 91:bd:e0:e6:f8:d0:aa:d0:78:b4:d1:96:83:23:64: a7:a5:19:56:44:e0:d5:71:be:f5:3d:45:af:b6:8e: ac:cc:cd:2e:fa:10:6a:ae:0b:32:61:7d:ad:77:06: fc:0f:13:29:ac:1e:27:62:36:f1:f0:50:9d:1f:45: 27:c3:5f:b5:36:73:15:91:5b:8e:63:41:ba:56:3d: bf:0b:a8:4b:b6:2a:7e:cb:7a:0f:52:d1:bf:69:4a: e3:9c:17:c0:f0:e2:34:33:46:b2:ed:bd:8c:25:01: ec:69:26:3c:dd:43:fe:43:9f:60:2b:ef:9e:8b:e0: 03:a3:f8:0e:06:aa:31:0e:e7:1e:fa:69:32:d6:93: b5:93:48:45:7c:c7:3e:2a:69:55:dd:61:42:37:42: 22:7c:a9:dd:a0:6b:8c:27:54:39:73:3e:a2:1c:1e: 59:1d:93:ce:5b:72:c9:32:93:3c:a1:67:23:a6:9a: 62:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 65:E9:4C:77:89:AD:A7:E5:F5:40:FD:BE:95:82:D8:EA:7A:A4:6A:94 X509v3 Authority Key Identifier: keyid:C3:F2:7A:BB:A4:0D:0C:14:6E:65:99:E3:19:B2:F8:B7:96:56:A6:F3 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/DONGFONG/1/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/DONGFONG/1/65E94C7789ADA7E5F540FDBE9582D8EA7AA46A94.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.117.64.0/19 Signature Algorithm: sha256WithRSAEncryption 3f:e2:3a:a7:ed:46:da:53:b2:8d:49:eb:39:71:10:22:c9:8d: c7:ea:64:1c:aa:30:82:2a:ed:cb:0d:ac:6c:eb:ae:f7:f3:30: ce:2b:49:02:e4:4e:b4:c1:ab:37:11:b6:8a:87:49:66:1f:5a: 79:33:61:20:f8:87:5f:f0:c7:87:79:61:42:bb:88:02:bd:b0: 47:fb:fb:7f:fd:93:8b:0f:6d:df:27:40:55:af:21:24:e4:a0: 6a:cc:14:c4:28:d0:3a:be:f9:9e:81:08:08:37:34:7c:bd:6f: d4:42:34:86:2f:21:60:2d:80:34:cb:a5:22:ee:7b:91:21:43: a3:b3:4e:3c:64:20:32:12:59:00:c4:c4:e9:10:44:be:f4:db: 9c:54:56:48:50:16:24:6f:7c:c4:2b:da:b7:aa:84:86:c9:77: 7c:7b:60:99:7d:e8:d0:3c:c5:d2:fe:0f:1f:d1:eb:a7:0b:b2: 3d:74:53:8e:69:e2:d6:cc:a0:9a:25:73:e7:b9:46:8a:0d:94: 2d:73:cf:61:0b:16:0d:04:e8:10:ff:24:dc:db:2d:aa:b9:5c: 0c:63:61:c5:fc:a8:46:ad:65:35:b4:7f:f2:11:d2:42:32:1a: 24:d9:26:30:21:4d:1d:1a:47:e6:5b:ee:f8:19:6c:89:91:87: 3d:e5:1c:bb -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgIUW1vj1mJ/SqNjOunD80AmXUcufRQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhDM0YyN0FCQkE0 MEQwQzE0NkU2NTk5RTMxOUIyRjhCNzk2NTZBNkYzMB4XDTI2MDUxMTE1NDUxNFoX DTI3MDUxMDE1NTAxNFowMzExMC8GA1UEAxMoNjVFOTRDNzc4OUFEQTdFNUY1NDBG REJFOTU4MkQ4RUE3QUE0NkE5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZOOIpF5z0iNCs0w3sxlV13lbOIHQ2eTK8cXJ91EbRnvk2Y89AgemyQEaDB vUQCj8qditCJxnLUdtKzp3Eptg0s/tEayy8/kg0Ekb3g5vjQqtB4tNGWgyNkp6UZ VkTg1XG+9T1Fr7aOrMzNLvoQaq4LMmF9rXcG/A8TKaweJ2I28fBQnR9FJ8NftTZz FZFbjmNBulY9vwuoS7Yqfst6D1LRv2lK45wXwPDiNDNGsu29jCUB7GkmPN1D/kOf YCvvnovgA6P4DgaqMQ7nHvppMtaTtZNIRXzHPippVd1hQjdCInyp3aBrjCdUOXM+ ohweWR2TzltyyTKTPKFnI6aaYmcCAwEAAaOCAmowggJmMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGXpTHeJrafl9UD9vpWC2Op6pGqUMB8GA1UdIwQYMBaAFMPy erukDQwUbmWZ4xmy+LeWVqbzMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMC9DM0Yy N0FCQkE0MEQwQzE0NkU2NTk5RTMxOUIyRjhCNzk2NTZBNkYzLmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi93X0o2dTZR TkRCUnVaWm5qR2JMNHQ1Wldwdk0uY2VyMIHhBggrBgEFBQcBCwSB1DCB0TA0Bggr BgEFBQcwBYYocnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ET05HRk9ORy8x LzBgBggrBgEFBQcwCoZUcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ET05H Rk9ORy8xLzY1RTk0Qzc3ODlBREE3RTVGNTQwRkRCRTk1ODJEOEVBN0FBNDZBOTQu bWZ0MDcGCCsGAQUFBzANhitodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH AQcBAf8EEDAOMAwEAgABMAYDBAWfdUAwDQYJKoZIhvcNAQELBQADggEBAD/iOqft RtpTso1J6zlxECLJjcfqZByqMIIq7csNrGzrrvfzMM4rSQLkTrTBqzcRtoqHSWYf WnkzYSD4h1/wx4d5YUK7iAK9sEf7+3/9k4sPbd8nQFWvISTkoGrMFMQo0Dq++Z6B CAg3NHy9b9RCNIYvIWAtgDTLpSLue5EhQ6OzTjxkIDISWQDExOkQRL7025xUVkhQ FiRvfMQr2reqhIbJd3x7YJl96NA8xdL+Dx/R66cLsj10U45p4tbMoJolc+e5RooN lC1zz2ELFg0E6BD/JNzbLaq5XAxjYcX8qEatZTW0f/IR0kIyGiTZJjAhTR0aR+Zb 7vgZbImRhz3lHLs= -----END CERTIFICATE-----Generated at Tue May 12 22:49:49 2026 by rpki-client