Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/432716EE054CEBDC62FC02DDE8C62AFC5333A2A8.cer
File: 432716EE054CEBDC62FC02DDE8C62AFC5333A2A8.cer (raw, json)
Hash identifier: RksSUD9xPYqpnu6nM6WlxrmV6EA8eckSztVfTixOrus=
Subject key identifier: 43:27:16:EE:05:4C:EB:DC:62:FC:02:DD:E8:C6:2A:FC:53:33:A2:A8
Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D
Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D
Certificate serial: 4A83DF2A92CBE98418920205E8F27DF317306B20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
Manifest: rsync://rpkica.twnic.tw/rpki/NORDATW/0/432716EE054CEBDC62FC02DDE8C62AFC5333A2A8.mft
caRepository: rsync://rpkica.twnic.tw/rpki/NORDATW/0/
Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml
Certificate not before: Mon 11 May 2026 15:49:13 +0000
Certificate not after: Mon 10 May 2027 15:54:13 +0000
Subordinate resources: AS: 7538
IP: 103.138.194.0/23
IP: 211.79.98.0/23
IP: 2404:d2c0::/32
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:83:df:2a:92:cb:e9:84:18:92:02:05:e8:f2:7d:f3:17:30:6b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D
Validity
Not Before: May 11 15:49:13 2026 GMT
Not After : May 10 15:54:13 2027 GMT
Subject: CN=432716EE054CEBDC62FC02DDE8C62AFC5333A2A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:43:14:41:be:74:c6:6e:89:0c:6e:26:91:
f2:52:4e:c3:d2:20:6f:42:22:47:36:04:8f:29:db:
8d:68:0c:d9:91:63:85:ce:93:96:68:da:b6:16:70:
61:99:cd:a6:62:a5:65:b7:af:13:4f:cb:37:b7:36:
6c:72:d6:47:5b:f1:a7:0b:86:d3:dc:8c:a8:c9:95:
2a:f1:11:28:8c:58:6a:55:d8:32:16:94:ae:93:34:
5d:bb:7f:c2:98:57:f8:58:5b:df:be:9c:ac:01:b7:
13:da:a8:27:60:f9:c3:9c:2c:dc:40:b1:c1:48:5a:
0c:c2:5c:0b:21:c8:36:f6:bb:be:c1:35:01:de:e8:
3a:01:3d:49:81:54:52:53:85:f2:04:7d:1f:ba:60:
18:86:b9:92:d1:aa:04:fd:00:d2:3c:8b:7e:94:9e:
e8:d3:09:87:95:5a:de:66:35:55:ae:2a:7a:74:86:
bc:fa:03:a2:2b:17:77:0d:ac:5d:e2:9a:9a:b7:70:
9b:b2:4d:ed:02:d1:7f:b9:59:64:51:78:35:1d:c5:
1e:d8:d6:4c:fa:9c:12:5f:61:aa:b0:47:28:e7:e7:
7f:6f:9d:82:9f:4f:c2:d2:1d:44:e0:fa:ce:d3:72:
78:f9:d7:cb:ae:42:0e:a0:36:21:ef:2f:90:0c:2f:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
43:27:16:EE:05:4C:EB:DC:62:FC:02:DD:E8:C6:2A:FC:53:33:A2:A8
X509v3 Authority Key Identifier:
keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/NORDATW/0/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/NORDATW/0/432716EE054CEBDC62FC02DDE8C62AFC5333A2A8.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.138.194.0/23
211.79.98.0/23
IPv6:
2404:d2c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7538
Signature Algorithm: sha256WithRSAEncryption
01:53:bd:af:2e:5d:61:25:27:db:85:46:9b:c1:9e:db:7d:b1:
e6:8c:7e:74:21:71:32:77:14:3a:fb:02:33:45:57:85:1c:cf:
6c:19:54:e1:cd:da:bb:26:27:35:c9:84:64:7a:92:fb:fe:cf:
2b:66:62:45:ae:3f:fe:81:82:30:b9:f9:5b:b4:a4:69:ae:a0:
f8:e6:02:b0:30:ca:4e:93:f3:13:18:40:fc:16:02:6c:cf:00:
ac:bc:3f:5d:d1:e7:45:52:65:5d:0f:a0:2f:10:44:ad:20:3d:
ec:1f:5b:39:2f:9a:07:58:10:5f:9d:1b:42:f1:12:4c:e2:3b:
fd:d0:0f:f5:d1:25:d1:ff:c8:11:10:28:85:30:d5:2c:69:1d:
c7:20:60:df:70:28:8d:ca:39:10:07:ca:bc:14:78:92:07:d1:
ec:65:ea:94:3a:4a:f0:3a:ef:c7:b8:ec:cc:90:14:a0:d5:da:
71:a8:bd:cd:28:21:cf:df:be:8d:b8:3f:75:3e:b0:40:66:b7:
42:99:25:f6:c6:4e:ec:48:9b:4f:06:7d:7b:40:7b:39:02:0f:
dd:41:e2:81:3d:aa:2f:6c:6d:45:ea:0b:2f:0e:a7:2d:c5:53:
3c:70:e0:a1:12:48:06:15:fe:22:8e:49:83:e4:c0:c4:a1:7e:
43:6c:12:95
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIUSoPfKpLL6YQYkgIF6PJ98xcwayAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2
NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDkxM1oX
DTI3MDUxMDE1NTQxM1owMzExMC8GA1UEAxMoNDMyNzE2RUUwNTRDRUJEQzYyRkMw
MkRERThDNjJBRkM1MzMzQTJBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV3QxRBvnTGbokMbiaR8lJOw9Igb0IiRzYEjynbjWgM2ZFjhc6TlmjathZw
YZnNpmKlZbevE0/LN7c2bHLWR1vxpwuG09yMqMmVKvERKIxYalXYMhaUrpM0Xbt/
wphX+Fhb376crAG3E9qoJ2D5w5ws3ECxwUhaDMJcCyHINva7vsE1Ad7oOgE9SYFU
UlOF8gR9H7pgGIa5ktGqBP0A0jyLfpSe6NMJh5Va3mY1Va4qenSGvPoDoisXdw2s
XeKamrdwm7JN7QLRf7lZZFF4NR3FHtjWTPqcEl9hqrBHKOfnf2+dgp9PwtIdROD6
ztNyePnXy65CDqA2Ie8vkAwvzjsCAwEAAaOCApgwggKUMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFEMnFu4FTOvcYvwC3ejGKvxTM6KoMB8GA1UdIwQYMBaAFNpj
JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg
V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz
MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha
MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHfBggrBgEFBQcBCwSB0jCBzzAzBggr
BgEFBQcwBYYncnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9OT1JEQVRXLzAv
MF8GCCsGAQUFBzAKhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05PUkRB
VFcvMC80MzI3MTZFRTA1NENFQkRDNjJGQzAyRERFOEM2MkFGQzUzMzNBMkE4Lm1m
dDA3BggrBgEFBQcwDYYraHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZp
Y2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEH
AQH/BCUwIzASBAIAATAMAwQBZ4rCAwQB009iMA0EAgACMAcDBQAkBNLAMBkGCCsG
AQUFBwEIAQH/BAowCKAGMAQCAh1yMA0GCSqGSIb3DQEBCwUAA4IBAQABU72vLl1h
JSfbhUabwZ7bfbHmjH50IXEydxQ6+wIzRVeFHM9sGVThzdq7Jic1yYRkepL7/s8r
ZmJFrj/+gYIwuflbtKRprqD45gKwMMpOk/MTGED8FgJszwCsvD9d0edFUmVdD6Av
EEStID3sH1s5L5oHWBBfnRtC8RJM4jv90A/10SXR/8gRECiFMNUsaR3HIGDfcCiN
yjkQB8q8FHiSB9HsZeqUOkrwOu/HuOzMkBSg1dpxqL3NKCHP376NuD91PrBAZrdC
mSX2xk7sSJtPBn17QHs5Ag/dQeKBPaovbG1F6gsvDqctxVM8cOChEkgGFf4ijkmD
5MDEoX5DbBKV
-----END CERTIFICATE-----
Generated at Wed May 13 00:44:46 2026 by rpki-client