$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/AFC11A824D9923BE9217B7DD2ED6CEC996DBFFF9.cer File: AFC11A824D9923BE9217B7DD2ED6CEC996DBFFF9.cer (raw, json) Hash identifier: zVgg40mq48TseqeRDPZThTVNu2NgDWqUf6PWCm9DuD8= Subject key identifier: AF:C1:1A:82:4D:99:23:BE:92:17:B7:DD:2E:D6:CE:C9:96:DB:FF:F9 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 6E91ADE6F60CD2C9AE529C4B3D5BB222DDED0CED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/BESTINTECH/0/AFC11A824D9923BE9217B7DD2ED6CEC996DBFFF9.mft caRepository: rsync://rpkica.twnic.tw/rpki/BESTINTECH/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:43:14 +0000 Certificate not after: Mon 10 May 2027 15:48:14 +0000 Subordinate resources: IP: 103.156.116.0/23 IP: 2406:86c0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:91:ad:e6:f6:0c:d2:c9:ae:52:9c:4b:3d:5b:b2:22:dd:ed:0c:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:43:14 2026 GMT Not After : May 10 15:48:14 2027 GMT Subject: CN=AFC11A824D9923BE9217B7DD2ED6CEC996DBFFF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a7:37:89:de:87:ac:8d:2f:a5:b9:ee:75:c4: 4e:50:b4:dd:29:09:27:27:37:84:26:81:53:41:2a: a4:54:5b:59:7f:52:e4:2a:ac:df:6f:09:f3:d4:1f: 1d:01:f9:8b:d0:54:73:37:48:0a:5f:86:fe:9f:93: 77:ff:0a:db:a6:91:8e:21:06:95:2d:08:9c:6b:30: 73:06:d3:fe:dc:49:4c:be:b3:c9:2f:b5:0b:7c:67: a3:e2:d2:e6:7a:fa:ee:30:7b:b6:b7:81:2c:da:ac: e7:ce:c8:79:ed:67:79:54:cb:8e:bf:d7:f9:49:c7: 5b:f4:0f:2c:ca:bc:9b:f6:85:82:ef:c7:63:2b:fe: c8:0a:a3:64:c0:28:ff:20:44:1d:0e:e7:34:df:69: 91:39:4a:04:67:91:9f:5c:f0:14:5d:c5:50:42:fa: c1:28:19:e6:e4:5d:63:f9:16:1b:e5:5a:06:0c:a9: 7e:9e:1b:c7:f4:a7:6c:67:f8:fc:6f:ec:f7:47:5c: 0e:46:18:5c:8f:c5:56:3c:7e:f0:e2:2f:51:c9:1d: 2f:36:b5:ef:af:b9:49:72:6d:e0:13:7e:99:09:c0: cb:13:0c:28:77:3f:a2:37:fe:c5:06:d5:f0:d6:2d: 8e:be:08:24:8f:78:3c:81:0b:df:91:63:e6:4a:a6: f9:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:C1:1A:82:4D:99:23:BE:92:17:B7:DD:2E:D6:CE:C9:96:DB:FF:F9 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/BESTINTECH/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/BESTINTECH/0/AFC11A824D9923BE9217B7DD2ED6CEC996DBFFF9.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.116.0/23 IPv6: 2406:86c0::/32 Signature Algorithm: sha256WithRSAEncryption 36:c5:67:b7:f1:6b:3f:35:fb:89:9c:ae:a1:f5:2d:f0:ed:4a: 37:d3:30:02:0d:97:49:64:94:bb:76:36:21:5e:07:5e:8b:ae: a0:22:03:2d:32:69:6d:b1:10:55:31:21:e1:0a:a5:42:ba:eb: 45:59:90:d4:54:e0:ac:b2:35:ce:08:d4:76:82:8b:a5:8c:9d: 03:bf:6f:51:49:4e:ff:8f:d9:d1:d1:cd:55:12:38:e3:ce:a6: 78:96:84:7d:9c:6c:68:66:e8:0b:5f:8d:fe:4f:f9:8a:90:60: 06:5d:d4:4c:78:49:2c:aa:af:22:7a:4b:32:be:8b:86:f4:2f: ea:80:2b:aa:17:8c:0f:65:6a:f4:c3:6d:a4:e0:22:3d:8f:4c: 6e:e3:ec:48:f9:05:79:b4:c0:59:23:77:4d:56:87:ea:b0:7c: a1:51:9d:42:fb:48:5a:f1:0d:78:85:ef:ff:19:10:9d:3f:e5: 97:ea:33:cb:64:72:d9:57:78:3a:4d:97:aa:55:03:11:69:b6: 65:30:8b:7b:98:89:cb:b0:9e:82:2b:f2:a5:13:92:5d:f1:e9: 28:bb:20:5e:f7:cd:38:09:0b:48:84:5c:84:0a:4d:82:39:3e: 95:c5:35:df:b3:40:31:c3:dc:45:89:79:fa:69:a2:07:8d:39: 23:0f:51:91 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIUbpGt5vYM0smuUpxLPVuyIt3tDO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDMxNFoX DTI3MDUxMDE1NDgxNFowMzExMC8GA1UEAxMoQUZDMTFBODI0RDk5MjNCRTkyMTdC N0REMkVENkNFQzk5NkRCRkZGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANSnN4neh6yNL6W57nXETlC03SkJJyc3hCaBU0EqpFRbWX9S5Cqs328J89Qf HQH5i9BUczdICl+G/p+Td/8K26aRjiEGlS0InGswcwbT/txJTL6zyS+1C3xno+LS 5nr67jB7treBLNqs587Iee1neVTLjr/X+UnHW/QPLMq8m/aFgu/HYyv+yAqjZMAo /yBEHQ7nNN9pkTlKBGeRn1zwFF3FUEL6wSgZ5uRdY/kWG+VaBgypfp4bx/SnbGf4 /G/s90dcDkYYXI/FVjx+8OIvUckdLza176+5SXJt4BN+mQnAyxMMKHc/ojf+xQbV 8NYtjr4IJI94PIEL35Fj5kqm+c8CAwEAAaOCAn0wggJ5MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK/BGoJNmSO+khe33S7WzsmW2//5MB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHlBggrBgEFBQcBCwSB2DCB1TA2Bggr BgEFBQcwBYYqcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9CRVNUSU5URUNI LzAvMGIGCCsGAQUFBzAKhlZyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL0JF U1RJTlRFQ0gvMC9BRkMxMUE4MjREOTkyM0JFOTIxN0I3REQyRUQ2Q0VDOTk2REJG RkY5Lm1mdDA3BggrBgEFBQcwDYYraHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv bm90aWZpY2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsG AQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ5x0MA0EAgACMAcDBQAkBobAMA0GCSqG SIb3DQEBCwUAA4IBAQA2xWe38Ws/NfuJnK6h9S3w7Uo30zACDZdJZJS7djYhXgde i66gIgMtMmltsRBVMSHhCqVCuutFWZDUVOCssjXOCNR2gouljJ0Dv29RSU7/j9nR 0c1VEjjjzqZ4loR9nGxoZugLX43+T/mKkGAGXdRMeEksqq8ieksyvouG9C/qgCuq F4wPZWr0w22k4CI9j0xu4+xI+QV5tMBZI3dNVofqsHyhUZ1C+0ha8Q14he//GRCd P+WX6jPLZHLZV3g6TZeqVQMRabZlMIt7mInLsJ6CK/KlE5Jd8ekouyBe9804CQtI hFyECk2COT6VxTXfs0Axw9xFiXn6aaIHjTkjD1GR -----END CERTIFICATE-----Generated at Tue May 12 22:47:39 2026 by rpki-client