$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/A79FFFD98D67B1DCF764D6C60D9D8F77B18C80F8.cer File: A79FFFD98D67B1DCF764D6C60D9D8F77B18C80F8.cer (raw, json) Hash identifier: yPMlfCqZEA7osBwCzXHK78D6C+PasylK8yLn+WNgRw0= Subject key identifier: A7:9F:FF:D9:8D:67:B1:DC:F7:64:D6:C6:0D:9D:8F:77:B1:8C:80:F8 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 0D4FEFDFBFE03237F07081C190B85F4310DB7C96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/NETGUARD/0/A79FFFD98D67B1DCF764D6C60D9D8F77B18C80F8.mft caRepository: rsync://rpkica.twnic.tw/rpki/NETGUARD/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:49:06 +0000 Certificate not after: Mon 10 May 2027 15:54:06 +0000 Subordinate resources: AS: 131652 IP: 103.160.224.0/23 IP: 2406:f2c0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:4f:ef:df:bf:e0:32:37:f0:70:81:c1:90:b8:5f:43:10:db:7c:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:49:06 2026 GMT Not After : May 10 15:54:06 2027 GMT Subject: CN=A79FFFD98D67B1DCF764D6C60D9D8F77B18C80F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:58:ae:97:17:aa:e5:c4:0d:00:2c:d0:2d:33: f6:05:40:24:9b:5b:b9:f2:eb:1d:83:7a:e3:4c:6a: 51:c6:77:63:3e:bd:4d:7e:e7:56:52:47:b1:72:44: 85:27:de:56:cd:68:77:9a:5b:a7:5b:4b:e8:a6:d8: 61:50:3c:9f:17:a6:67:33:e4:1b:85:95:7b:08:3c: 69:cc:01:79:e2:9c:92:da:5c:11:13:12:5c:43:fa: 6e:da:0b:ab:31:4e:d0:84:1c:a2:7d:bc:32:1d:57: 75:0e:63:b1:df:d7:14:74:86:7f:14:03:d6:a9:a6: 1a:53:e6:9a:33:2b:2f:fc:f7:7c:04:fd:92:18:c5: e8:d4:9d:74:13:63:7d:0b:8f:97:ca:75:6f:b2:db: 5f:43:71:d2:cb:53:d4:b4:bf:f2:c0:5d:63:8d:b2: 33:9b:45:8d:35:2c:f9:58:f1:fa:d9:a0:7c:f6:01: 80:b2:90:59:cf:fb:ff:eb:1c:79:c0:45:a3:d2:4d: 18:a9:13:38:e8:5f:07:bd:44:6e:2e:2d:f9:ed:cb: 02:b6:25:09:3d:e8:95:67:d7:91:d5:22:d4:28:85: fd:37:e6:25:ab:d8:56:7a:df:06:a5:37:e6:a7:62: ee:80:4f:88:cc:d6:2f:21:53:2e:00:ac:43:6c:0a: 8c:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A7:9F:FF:D9:8D:67:B1:DC:F7:64:D6:C6:0D:9D:8F:77:B1:8C:80:F8 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/NETGUARD/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/NETGUARD/0/A79FFFD98D67B1DCF764D6C60D9D8F77B18C80F8.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.160.224.0/23 IPv6: 2406:f2c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 131652 Signature Algorithm: sha256WithRSAEncryption 86:d1:3e:32:e4:b9:24:88:20:5a:bd:7c:6b:14:9b:30:8c:42: 8b:1a:47:bf:01:30:53:61:58:e1:1c:79:61:19:d4:ea:ae:98: bc:bf:6b:35:06:db:28:eb:91:01:35:5c:3f:99:c3:4d:f8:dd: 93:44:8a:d8:57:39:4d:ee:ac:90:2d:48:8d:32:7d:00:d4:0d: d1:99:f4:d0:d6:f2:8e:66:a5:43:9b:ef:eb:2c:ce:0b:1b:0e: 57:59:f7:76:8b:ea:15:a2:35:f5:79:74:43:87:a0:c4:c5:76: 67:35:67:bd:24:bd:dd:83:57:68:ac:cc:c8:2f:b3:91:6d:f9: a1:db:aa:83:69:4b:3e:5e:7d:34:70:cb:2e:fd:92:e1:ec:04: 26:0c:81:7c:58:5f:16:1c:45:a1:ca:7a:31:45:a8:c1:10:e5: 2b:23:1c:cd:06:6c:5d:f7:84:c9:fe:17:af:43:ee:71:17:df: 0e:4b:5e:81:90:22:5b:7a:68:b2:86:87:c6:f3:c0:d0:05:05: 4e:4e:17:fe:13:a5:01:35:b8:c1:f6:ba:a3:cb:48:e2:e3:63: 30:6c:d6:f8:d4:4c:ac:f6:18:e6:24:98:3f:6f:bb:62:72:c7: e3:58:62:10:3d:9a:19:bf:6b:44:33:00:78:a2:b5:ca:42:a1: a8:d7:5d:02 -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIUDU/v37/gMjfwcIHBkLhfQxDbfJYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDkwNloX DTI3MDUxMDE1NTQwNlowMzExMC8GA1UEAxMoQTc5RkZGRDk4RDY3QjFEQ0Y3NjRE NkM2MEQ5RDhGNzdCMThDODBGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK5YrpcXquXEDQAs0C0z9gVAJJtbufLrHYN640xqUcZ3Yz69TX7nVlJHsXJE hSfeVs1od5pbp1tL6KbYYVA8nxemZzPkG4WVewg8acwBeeKcktpcERMSXEP6btoL qzFO0IQcon28Mh1XdQ5jsd/XFHSGfxQD1qmmGlPmmjMrL/z3fAT9khjF6NSddBNj fQuPl8p1b7LbX0Nx0stT1LS/8sBdY42yM5tFjTUs+Vjx+tmgfPYBgLKQWc/7/+sc ecBFo9JNGKkTOOhfB71Ebi4t+e3LArYlCT3olWfXkdUi1CiF/TfmJavYVnrfBqU3 5qdi7oBPiMzWLyFTLgCsQ2wKjCECAwEAAaOCApUwggKRMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKef/9mNZ7Hc92TWxg2dj3exjID4MB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHhBggrBgEFBQcBCwSB1DCB0TA0Bggr BgEFBQcwBYYocnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ORVRHVUFSRC8w LzBgBggrBgEFBQcwCoZUcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ORVRH VUFSRC8wL0E3OUZGRkQ5OEQ2N0IxRENGNzY0RDZDNjBEOUQ4Rjc3QjE4QzgwRjgu bWZ0MDcGCCsGAQUFBzANhitodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUH AQcBAf8EHzAdMAwEAgABMAYDBAFnoOAwDQQCAAIwBwMFACQG8sAwGgYIKwYBBQUH AQgBAf8ECzAJoAcwBQIDAgJEMA0GCSqGSIb3DQEBCwUAA4IBAQCG0T4y5LkkiCBa vXxrFJswjEKLGke/ATBTYVjhHHlhGdTqrpi8v2s1Btso65EBNVw/mcNN+N2TRIrY VzlN7qyQLUiNMn0A1A3RmfTQ1vKOZqVDm+/rLM4LGw5XWfd2i+oVojX1eXRDh6DE xXZnNWe9JL3dg1dorMzIL7ORbfmh26qDaUs+Xn00cMsu/ZLh7AQmDIF8WF8WHEWh ynoxRajBEOUrIxzNBmxd94TJ/hevQ+5xF98OS16BkCJbemiyhofG88DQBQVOThf+ E6UBNbjB9rqjy0ji42MwbNb41Eys9hjmJJg/b7ticsfjWGIQPZoZv2tEMwB4orXK QqGo110C -----END CERTIFICATE-----Generated at Tue May 12 22:47:30 2026 by rpki-client