$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/8099DFC0CFC83C5DDFD90CA5EA314CC9A8677F2D.cer File: 8099DFC0CFC83C5DDFD90CA5EA314CC9A8677F2D.cer (raw, json) Hash identifier: MwJgv+KVvj7cNZwnDk+bVOIPt8tPvMmaKSvufiBYSMc= Subject key identifier: 80:99:DF:C0:CF:C8:3C:5D:DF:D9:0C:A5:EA:31:4C:C9:A8:67:7F:2D Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 549C06B2888619F2A308C83256890DE4E36AA1ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/CHINATRUST/0/8099DFC0CFC83C5DDFD90CA5EA314CC9A8677F2D.mft caRepository: rsync://rpkica.twnic.tw/rpki/CHINATRUST/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:44:02 +0000 Certificate not after: Mon 10 May 2027 15:49:02 +0000 Subordinate resources: AS: 131143 IP: 103.126.164.0/22 IP: 175.184.240.0/21 IP: 2405:3300::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:9c:06:b2:88:86:19:f2:a3:08:c8:32:56:89:0d:e4:e3:6a:a1:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:44:02 2026 GMT Not After : May 10 15:49:02 2027 GMT Subject: CN=8099DFC0CFC83C5DDFD90CA5EA314CC9A8677F2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e8:ca:96:25:42:63:b0:86:54:ce:29:85:d0: d5:e6:7a:17:8e:12:ec:87:00:6b:0d:fb:1b:21:5d: d2:12:eb:f2:4b:bf:af:8e:b3:db:14:dd:42:ed:54: ac:44:a1:33:cb:1b:d9:e2:1d:06:a8:fd:93:5c:b8: 1b:d8:28:f9:f9:83:af:03:12:e9:dd:3e:a5:b6:23: 27:a8:98:71:76:66:0f:8d:f6:0c:2a:21:97:84:31: a9:29:67:1f:82:3e:a1:17:58:69:09:38:dd:8c:32: da:aa:fe:36:b7:da:a9:63:8a:c1:b8:de:92:cf:4a: 41:55:91:61:eb:fd:56:a4:f4:9f:0d:ea:99:9b:ad: da:d8:56:72:fe:b0:27:e1:3a:60:af:95:42:8a:8a: e7:f9:ec:73:2e:56:3e:94:c9:96:ff:15:91:9a:1f: b6:4d:b5:3c:fc:6c:5c:76:02:b5:0b:3c:54:f4:e7: d8:63:60:e6:ca:31:d5:7a:ac:37:8f:bd:e3:7f:2b: 90:fa:ae:d3:d2:57:70:da:33:72:49:40:ba:1c:41: 14:03:fa:86:ec:08:ac:25:1c:f3:5e:3e:d5:db:1b: c4:30:30:c4:b4:ed:e1:d1:88:cb:e4:c7:66:05:35: 54:a9:0b:89:39:a8:be:42:aa:8a:86:8c:7c:e4:c2: 5f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 80:99:DF:C0:CF:C8:3C:5D:DF:D9:0C:A5:EA:31:4C:C9:A8:67:7F:2D X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/CHINATRUST/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/CHINATRUST/0/8099DFC0CFC83C5DDFD90CA5EA314CC9A8677F2D.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.126.164.0/22 175.184.240.0/21 IPv6: 2405:3300::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 131143 Signature Algorithm: sha256WithRSAEncryption 61:71:96:ee:56:18:fa:5b:66:6f:b1:3e:14:3d:f7:8b:80:78: 8e:bc:78:b3:e4:6c:f4:84:54:68:e7:27:a0:88:69:7f:73:1c: 26:73:e0:58:47:ab:c3:27:39:b0:9b:25:f6:41:45:9e:2b:d0: 68:75:15:c7:81:63:24:f2:07:de:57:8f:18:80:71:f5:a0:f9: 52:7b:e1:42:d9:4a:4d:8e:ee:26:d1:52:82:a5:70:90:23:75: eb:63:3c:60:78:0a:ea:59:1f:92:5e:00:42:75:64:af:0c:84: cc:41:7d:31:bc:8f:17:9f:c6:95:ae:14:44:2f:72:e7:b1:c3: da:11:62:53:0e:93:38:ac:bc:96:52:ca:38:a4:cc:bc:80:4b: 84:45:eb:6c:54:e7:e3:cd:65:eb:3b:4c:ee:8b:21:13:e4:0c: 30:2a:64:40:e4:d1:06:17:8a:f2:04:10:70:f3:ad:d3:ed:21: 11:c0:00:d6:b4:41:13:bb:eb:b4:87:4b:cb:16:d2:1e:95:c8: 2b:22:3b:28:ec:03:09:bb:5e:fe:1c:19:fc:68:dd:20:c3:75: eb:da:d4:9c:80:7c:b8:cd:3d:43:51:a1:31:50:1b:52:e5:83: bd:f2:21:cc:6e:0f:e3:89:be:65:15:75:c7:59:b3:3f:d2:10: 9b:5f:7b:8f -----BEGIN CERTIFICATE----- MIIFrDCCBJSgAwIBAgIUVJwGsoiGGfKjCMgyVokN5ONqoe0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDQwMloX DTI3MDUxMDE1NDkwMlowMzExMC8GA1UEAxMoODA5OURGQzBDRkM4M0M1RERGRDkw Q0E1RUEzMTRDQzlBODY3N0YyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALnoypYlQmOwhlTOKYXQ1eZ6F44S7IcAaw37GyFd0hLr8ku/r46z2xTdQu1U rEShM8sb2eIdBqj9k1y4G9go+fmDrwMS6d0+pbYjJ6iYcXZmD432DCohl4QxqSln H4I+oRdYaQk43Ywy2qr+NrfaqWOKwbjeks9KQVWRYev9VqT0nw3qmZut2thWcv6w J+E6YK+VQoqK5/nscy5WPpTJlv8VkZoftk21PPxsXHYCtQs8VPTn2GNg5sox1Xqs N4+9438rkPqu09JXcNozcklAuhxBFAP6huwIrCUc814+1dsbxDAwxLTt4dGIy+TH ZgU1VKkLiTmovkKqioaMfOTCX1MCAwEAAaOCAp8wggKbMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFICZ38DPyDxd39kMpeoxTMmoZ38tMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHlBggrBgEFBQcBCwSB2DCB1TA2Bggr BgEFBQcwBYYqcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElOQVRSVVNU LzAvMGIGCCsGAQUFBzAKhlZyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL0NI SU5BVFJVU1QvMC84MDk5REZDMENGQzgzQzVEREZEOTBDQTVFQTMxNENDOUE4Njc3 RjJELm1mdDA3BggrBgEFBQcwDYYraHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv bm90aWZpY2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsG AQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ36kAwQDr7jwMA0EAgACMAcDBQAkBTMA MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIARzANBgkqhkiG9w0BAQsFAAOCAQEA YXGW7lYY+ltmb7E+FD33i4B4jrx4s+Rs9IRUaOcnoIhpf3McJnPgWEerwyc5sJsl 9kFFnivQaHUVx4FjJPIH3lePGIBx9aD5UnvhQtlKTY7uJtFSgqVwkCN162M8YHgK 6lkfkl4AQnVkrwyEzEF9MbyPF5/Gla4URC9y57HD2hFiUw6TOKy8llLKOKTMvIBL hEXrbFTn481l6ztM7oshE+QMMCpkQOTRBheK8gQQcPOt0+0hEcAA1rRBE7vrtIdL yxbSHpXIKyI7KOwDCbte/hwZ/GjdIMN169rUnIB8uM09Q1GhMVAbUuWDvfIhzG4P 44m+ZRV1x1mzP9IQm197jw== -----END CERTIFICATE-----Generated at Tue May 12 22:04:13 2026 by rpki-client