$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/31887F0E8D17EEB4DFC7344CE4885F6BDA5AEB68.cer File: 31887F0E8D17EEB4DFC7344CE4885F6BDA5AEB68.cer (raw, json) Hash identifier: DS4E2ctok7/DH4HL3ut5/scnjqyH+/JLuf498/8A3ns= Subject key identifier: 31:88:7F:0E:8D:17:EE:B4:DF:C7:34:4C:E4:88:5F:6B:DA:5A:EB:68 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 14C094F420339D7FC8A04201842287B93BB6E060 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/NIMBUSCOM/0/31887F0E8D17EEB4DFC7344CE4885F6BDA5AEB68.mft caRepository: rsync://rpkica.twnic.tw/rpki/NIMBUSCOM/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:49:09 +0000 Certificate not after: Mon 10 May 2027 15:54:09 +0000 Subordinate resources: IP: 103.159.88.0/23 IP: 202.148.212.0/23 IP: 211.79.108.0/23 IP: 2406:ce40::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:c0:94:f4:20:33:9d:7f:c8:a0:42:01:84:22:87:b9:3b:b6:e0:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:49:09 2026 GMT Not After : May 10 15:54:09 2027 GMT Subject: CN=31887F0E8D17EEB4DFC7344CE4885F6BDA5AEB68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:0e:65:30:f9:0b:23:fc:b1:6d:f3:5f:0f:2a: f5:3f:0d:b5:de:2c:58:27:65:de:a9:80:0f:e1:3a: 4d:d2:78:98:c8:91:46:37:f6:34:33:30:70:60:02: 9d:a7:19:68:d3:6b:9b:fe:da:b6:59:aa:36:67:7c: 27:e2:ea:f0:8b:d1:7d:70:85:16:99:81:27:10:7c: bc:1c:92:bd:04:14:d0:a9:e2:50:83:d4:ca:ad:bf: ef:02:7f:c9:34:d9:87:e1:5d:73:5b:b3:8a:22:cf: ba:86:a0:b3:56:a6:cc:0c:13:e9:e7:89:11:95:99: b9:9a:f0:b3:9b:9e:74:67:c0:c6:28:4e:bc:c6:a4: 0e:41:53:c4:18:7b:d3:42:46:cd:4c:c5:cc:30:62: c7:df:1a:e1:e4:13:b7:29:80:db:ab:f3:5f:19:8f: dd:8b:92:c7:7c:ce:c9:cb:e6:7c:38:c6:f4:d7:13: 9d:28:2c:90:30:b1:be:2b:8a:8b:8f:db:47:6c:88: 63:c7:3b:c7:13:7d:ed:03:66:c9:ab:f0:59:10:b7: f7:d8:71:1f:c8:78:d6:dc:72:11:08:73:c9:fb:b6: 23:e7:0e:fc:3c:64:83:97:2c:b5:3a:01:99:d8:3f: dd:6b:20:37:10:a1:e5:fb:eb:43:4f:f4:f6:be:a0: 31:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 31:88:7F:0E:8D:17:EE:B4:DF:C7:34:4C:E4:88:5F:6B:DA:5A:EB:68 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/NIMBUSCOM/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/NIMBUSCOM/0/31887F0E8D17EEB4DFC7344CE4885F6BDA5AEB68.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.159.88.0/23 202.148.212.0/23 211.79.108.0/23 IPv6: 2406:ce40::/32 Signature Algorithm: sha256WithRSAEncryption 49:4c:a9:30:54:d4:84:d0:f5:a1:51:4f:3b:f4:7a:ec:37:ce: d4:66:65:a7:39:f8:10:ff:d5:9a:e0:36:99:16:b6:b9:e9:e5: af:b4:8a:7f:62:c2:fe:76:71:7e:28:ca:bd:8d:c8:00:45:84: cd:cd:0d:12:dc:52:95:8c:26:8f:46:b4:4c:1d:de:0b:77:5a: fb:10:56:f9:36:2d:3c:8a:9a:8e:d6:38:44:cb:5b:5c:96:c6: af:d2:4b:7b:76:ce:78:6b:7f:81:c0:07:be:74:dd:5c:e8:c9: 66:fe:f8:5f:70:d2:18:7f:18:47:bc:bb:8e:21:35:da:da:b5: d5:a0:07:ac:f9:17:80:8c:dd:95:89:24:25:0a:ac:c7:ae:fe: b3:e3:df:b0:7c:64:da:88:c4:84:8f:d5:e9:a8:ab:18:2c:e4: d8:c9:21:3e:e4:2f:d6:0b:c2:42:26:55:af:85:ad:b9:f1:15: 02:c6:fb:66:b3:54:98:25:53:49:fc:17:46:c8:fb:4f:d7:12: 31:eb:58:1b:b2:33:fd:15:cc:74:93:1c:9b:0c:10:28:e4:75: ee:c3:61:6c:0a:83:77:30:c9:76:95:8c:78:3c:15:4c:57:ca: 1c:fd:88:90:b6:62:04:f4:7c:c9:7f:39:7b:9e:83:78:e8:a1: 7d:9f:5b:63 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgIUFMCU9CAznX/IoEIBhCKHuTu24GAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDkwOVoX DTI3MDUxMDE1NTQwOVowMzExMC8GA1UEAxMoMzE4ODdGMEU4RDE3RUVCNERGQzcz NDRDRTQ4ODVGNkJEQTVBRUI2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALMOZTD5CyP8sW3zXw8q9T8Ntd4sWCdl3qmAD+E6TdJ4mMiRRjf2NDMwcGAC nacZaNNrm/7atlmqNmd8J+Lq8IvRfXCFFpmBJxB8vBySvQQU0KniUIPUyq2/7wJ/ yTTZh+Fdc1uziiLPuoags1amzAwT6eeJEZWZuZrws5uedGfAxihOvMakDkFTxBh7 00JGzUzFzDBix98a4eQTtymA26vzXxmP3YuSx3zOycvmfDjG9NcTnSgskDCxviuK i4/bR2yIY8c7xxN97QNmyavwWRC399hxH8h41txyEQhzyfu2I+cO/Dxkg5cstToB mdg/3WsgNxCh5fvrQ0/09r6gMfECAwEAAaOCAocwggKDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDGIfw6NF+6038c0TOSIX2vaWutoMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHjBggrBgEFBQcBCwSB1jCB0zA1Bggr BgEFBQcwBYYpcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9OSU1CVVNDT00v MC8wYQYIKwYBBQUHMAqGVXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTklN QlVTQ09NLzAvMzE4ODdGMEU4RDE3RUVCNERGQzczNDRDRTQ4ODVGNkJEQTVBRUI2 OC5tZnQwNwYIKwYBBQUHMA2GK2h0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25v dGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEF BQcBBwEB/wQrMCkwGAQCAAEwEgMEAWefWAMEAcqU1AMEAdNPbDANBAIAAjAHAwUA JAbOQDANBgkqhkiG9w0BAQsFAAOCAQEASUypMFTUhND1oVFPO/R67DfO1GZlpzn4 EP/VmuA2mRa2uenlr7SKf2LC/nZxfijKvY3IAEWEzc0NEtxSlYwmj0a0TB3eC3da +xBW+TYtPIqajtY4RMtbXJbGr9JLe3bOeGt/gcAHvnTdXOjJZv74X3DSGH8YR7y7 jiE12tq11aAHrPkXgIzdlYkkJQqsx67+s+PfsHxk2ojEhI/V6airGCzk2MkhPuQv 1gvCQiZVr4WtufEVAsb7ZrNUmCVTSfwXRsj7T9cSMetYG7Iz/RXMdJMcmwwQKOR1 7sNhbAqDdzDJdpWMeDwVTFfKHP2IkLZiBPR8yX85e56DeOihfZ9bYw== -----END CERTIFICATE-----Generated at Tue May 12 22:02:32 2026 by rpki-client