$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer File: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer (raw, json) Hash identifier: qtNpvcjv0qYg5sw4uEM/lG0f4CUb5H+3psVH+DbCmI0= Subject key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 7EBB070813FAE535BFECE03332B8A3C4BA9461DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft caRepository: rsync://rpkica.twnic.tw/rpki/DNSNET/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:45:06 +0000 Certificate not after: Mon 10 May 2027 15:50:06 +0000 Subordinate resources: AS: 38842 IP: 103.160.226.0/23 IP: 2406:f340::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:bb:07:08:13:fa:e5:35:bf:ec:e0:33:32:b8:a3:c4:ba:94:61:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:45:06 2026 GMT Not After : May 10 15:50:06 2027 GMT Subject: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c3:86:2c:df:17:bf:89:3a:64:fd:f6:d4:40: 3a:8d:10:46:ce:75:62:1b:33:34:07:c7:00:04:00: df:19:39:88:15:35:29:60:b7:a8:96:44:e2:63:d5: f8:41:60:7b:6f:22:76:46:b8:4e:0c:49:52:8b:9a: 6f:e1:83:91:57:a5:39:dd:48:66:51:99:9c:89:ac: 7b:0a:bf:e6:18:de:5f:95:f0:49:d9:68:bf:c4:63: c8:74:23:e3:ea:6e:06:60:f0:f9:e3:1e:60:59:11: 1f:79:85:94:65:3a:cd:0d:59:61:86:50:0a:84:7b: 81:78:1f:0d:28:54:aa:d5:0c:c7:65:c3:88:09:2e: e1:32:d4:33:60:66:cd:0f:b3:1a:f2:16:90:67:a7: 58:7b:78:77:4f:7d:6b:5a:3b:c1:3a:34:cb:f1:f9: 7e:b2:81:37:c8:36:4e:b0:39:07:46:da:95:1b:10: 8d:ac:5b:4f:ee:dd:ca:aa:c1:b5:7e:78:c7:4a:f5: 93:24:d9:e9:27:30:23:14:c2:11:8b:69:93:61:f4: 81:80:c5:10:35:e0:99:48:65:5b:5d:a9:eb:46:50: 41:69:7d:4f:23:b3:c6:ee:d2:67:52:79:da:0a:a1: c5:08:33:0e:7c:33:c5:a1:3c:db:6c:45:6e:38:ca: 9a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.160.226.0/23 IPv6: 2406:f340::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 38842 Signature Algorithm: sha256WithRSAEncryption 52:a7:63:2f:a6:3f:9a:7d:1b:fe:1c:6f:e2:28:f7:e6:b4:4c: 02:c5:1b:ed:22:c0:40:50:0f:db:56:2e:4a:a2:44:91:b3:58: aa:b2:0e:95:df:e2:b9:04:bb:7d:93:ef:f1:c4:ef:81:29:79: c2:31:c5:46:8d:ff:dc:f0:98:b2:b2:f8:7d:d8:aa:41:9c:c4: b8:b7:46:15:da:bb:3b:88:75:b7:88:4b:25:46:e5:21:7b:0d: b1:58:2f:85:28:9d:3d:3f:d1:9f:96:4e:16:08:9a:7f:ce:dc: 0e:24:b4:5e:97:d4:7a:dc:27:a2:d9:1e:f3:c9:1b:24:37:60: bb:0e:b9:d6:f1:5e:bd:4f:97:1b:87:7f:a4:5b:9e:61:f4:9b: b6:21:24:65:1e:1e:1d:41:95:67:1a:7a:a5:be:b2:90:c6:35: 1d:92:6e:99:29:d4:62:f2:b5:00:a5:3d:76:e7:86:99:6b:b2: 27:47:9f:b9:6f:b7:45:a8:63:d6:ab:aa:ef:ab:06:d3:ef:9e: b0:b8:01:fd:97:d2:1c:85:d7:50:61:8c:a6:ab:1e:f1:cd:02: 11:3d:74:ab:c8:e6:94:67:20:35:da:b4:18:ad:5b:1e:05:0d: 7d:f2:3e:19:c5:c3:ec:5e:02:a2:7d:38:2f:7a:2e:a0:4e:31: 48:27:8f:0f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfrsHCBP65TW/7OAzMrijxLqUYdwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDUwNloX DTI3MDUxMDE1NTAwNlowMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVD RTIwRkMyN0U4RDdGNzJCRDVDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfDhizfF7+JOmT99tRAOo0QRs51YhszNAfHAAQA3xk5iBU1KWC3qJZE4mPV +EFge28idka4TgxJUouab+GDkVelOd1IZlGZnImsewq/5hjeX5XwSdlov8RjyHQj 4+puBmDw+eMeYFkRH3mFlGU6zQ1ZYYZQCoR7gXgfDShUqtUMx2XDiAku4TLUM2Bm zQ+zGvIWkGenWHt4d099a1o7wTo0y/H5frKBN8g2TrA5B0balRsQjaxbT+7dyqrB tX54x0r1kyTZ6ScwIxTCEYtpk2H0gYDFEDXgmUhlW12p60ZQQWl9TyOzxu7SZ1J5 2gqhxQgzDnwzxaE822xFbjjKmmMCAwEAAaOCApEwggKNMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJ0AfTc/OBzKWW7OIPwn6Nf3K9XCMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHdBggrBgEFBQcBCwSB0DCBzTAyBggr BgEFBQcwBYYmcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ETlNORVQvMC8w XgYIKwYBBQUHMAqGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5tZnQw NwYIKwYBBQUHMA2GK2h0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmaWNh dGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB /wQfMB0wDAQCAAEwBgMEAWeg4jANBAIAAjAHAwUAJAbzQDAaBggrBgEFBQcBCAEB /wQLMAmgBzAFAgMAl7owDQYJKoZIhvcNAQELBQADggEBAFKnYy+mP5p9G/4cb+Io 9+a0TALFG+0iwEBQD9tWLkqiRJGzWKqyDpXf4rkEu32T7/HE74EpecIxxUaN/9zw mLKy+H3YqkGcxLi3RhXauzuIdbeISyVG5SF7DbFYL4UonT0/0Z+WThYImn/O3A4k tF6X1HrcJ6LZHvPJGyQ3YLsOudbxXr1PlxuHf6RbnmH0m7YhJGUeHh1BlWcaeqW+ spDGNR2Sbpkp1GLytQClPXbnhplrsidHn7lvt0WoY9arqu+rBtPvnrC4Af2X0hyF 11BhjKarHvHNAhE9dKvI5pRnIDXatBitWx4FDX3yPhnFw+xeAqJ9OC96LqBOMUgn jw8= -----END CERTIFICATE-----Generated at Tue May 12 22:02:41 2026 by rpki-client