$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/BBDAB4FF025C8E486AD2FFB69F3309CDE5488C33.cer File: BBDAB4FF025C8E486AD2FFB69F3309CDE5488C33.cer (raw, json) Hash identifier: s27l8/P9PgQi+iFrt0hvTXmhbdjFcx697Q60GyXTNDk= Subject key identifier: BB:DA:B4:FF:02:5C:8E:48:6A:D2:FF:B6:9F:33:09:CD:E5:48:8C:33 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 74F11511CAA9FBBBAEDEDA7EC8F1D1373F0FFF07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/TLGCAPITAL/0/BBDAB4FF025C8E486AD2FFB69F3309CDE5488C33.mft caRepository: rsync://rpkica.twnic.tw/rpki/TLGCAPITAL/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:57:54 +0000 Certificate not after: Mon 10 May 2027 16:02:54 +0000 Subordinate resources: IP: 103.127.148.0/22 IP: 2404:22c0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:f1:15:11:ca:a9:fb:bb:ae:de:da:7e:c8:f1:d1:37:3f:0f:ff:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:57:54 2026 GMT Not After : May 10 16:02:54 2027 GMT Subject: CN=BBDAB4FF025C8E486AD2FFB69F3309CDE5488C33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ef:76:f2:af:47:25:aa:68:af:4a:d7:93:4b: 6b:df:62:6f:b4:69:f2:5f:01:dc:d0:49:1b:c3:eb: dc:99:94:94:44:d9:32:fb:dd:50:30:56:1c:53:d2: aa:39:33:9c:bd:b8:30:72:16:44:c0:00:75:b4:90: 17:59:fa:22:71:86:07:98:b3:16:7e:f9:a9:c2:e2: 80:cb:ee:ad:83:fc:d1:71:5e:5e:bb:a3:47:90:59: 97:a1:a5:76:ed:8f:97:80:d2:42:70:d9:5d:9f:a4: 66:2d:46:a3:76:76:c6:04:fd:01:9f:2a:9c:04:45: 7f:9a:e8:b0:82:75:6e:db:49:de:79:6a:6f:1b:04: 87:c7:02:96:25:f8:0c:10:b1:da:ed:a6:a4:c6:20: b2:6e:dd:37:ee:af:3b:4a:01:af:f9:57:c3:b4:32: 21:73:2d:1d:49:76:9e:a0:4c:c2:fd:dc:45:d8:11: af:53:67:aa:0c:a9:4a:a5:26:10:df:c7:4e:0a:3a: c0:e7:f6:4d:4a:44:1d:e0:04:80:ca:80:24:57:5c: 75:c4:59:b0:a1:0d:5d:d9:01:c7:3e:9a:1b:93:4c: 05:97:ca:bc:2c:a5:6f:ad:3e:06:43:02:9c:8f:54: 0e:67:53:24:c3:57:c2:be:99:ec:df:6e:0e:92:2c: 5e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BB:DA:B4:FF:02:5C:8E:48:6A:D2:FF:B6:9F:33:09:CD:E5:48:8C:33 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TLGCAPITAL/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TLGCAPITAL/0/BBDAB4FF025C8E486AD2FFB69F3309CDE5488C33.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.127.148.0/22 IPv6: 2404:22c0::/32 Signature Algorithm: sha256WithRSAEncryption 5d:0d:29:bb:e9:db:40:10:6c:4a:2f:a5:d6:0a:2c:49:80:63: 7e:fe:89:22:d9:9d:a5:32:d0:a5:01:4f:18:1c:b8:bf:d6:af: 96:0c:35:2e:15:8d:0a:16:23:f1:c1:46:e7:0d:23:61:79:44: e4:04:bd:f9:2f:86:bf:3b:c2:1d:04:0d:99:a2:11:13:ca:c5: c0:a2:4e:01:94:be:8c:df:d1:c6:1a:eb:ca:d7:84:ae:88:a2: 08:0f:42:df:da:85:72:7c:ac:48:c4:af:0a:87:a3:f8:7c:9e: ae:90:ed:58:74:ad:c8:3e:8c:db:a4:cc:34:aa:86:8f:52:6e: b2:30:f5:23:79:a4:44:0b:08:a7:cd:14:e2:b5:5a:00:23:e7: 6b:0d:c7:b1:fd:9e:3c:1c:3c:ca:f5:b3:79:58:2b:41:ce:94: 83:f9:aa:53:f0:08:88:37:36:c0:d3:e8:35:13:95:bb:64:0f: 23:9f:49:a8:d0:d1:5a:7c:80:71:6f:15:94:44:9d:0e:34:e9: 07:8b:5f:b0:c8:36:eb:d3:bc:6d:a5:f2:17:1b:4f:10:59:b1: c8:62:fb:43:04:9f:f0:92:6d:07:23:fa:97:7d:5a:63:37:f4: 3a:c7:83:1b:f3:89:75:ba:d0:5d:ec:16:f9:e9:af:9a:2b:2b: 72:3d:82:b7 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgIUdPEVEcqp+7uu3tp+yPHRNz8P/wcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NTc1NFoX DTI3MDUxMDE2MDI1NFowMzExMC8GA1UEAxMoQkJEQUI0RkYwMjVDOEU0ODZBRDJG RkI2OUYzMzA5Q0RFNTQ4OEMzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHvdvKvRyWqaK9K15NLa99ib7Rp8l8B3NBJG8Pr3JmUlETZMvvdUDBWHFPS qjkznL24MHIWRMAAdbSQF1n6InGGB5izFn75qcLigMvurYP80XFeXrujR5BZl6Gl du2Pl4DSQnDZXZ+kZi1Go3Z2xgT9AZ8qnARFf5rosIJ1bttJ3nlqbxsEh8cCliX4 DBCx2u2mpMYgsm7dN+6vO0oBr/lXw7QyIXMtHUl2nqBMwv3cRdgRr1NnqgypSqUm EN/HTgo6wOf2TUpEHeAEgMqAJFdcdcRZsKENXdkBxz6aG5NMBZfKvCylb60+BkMC nI9UDmdTJMNXwr6Z7N9uDpIsXrsCAwEAAaOCAn0wggJ5MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLvatP8CXI5IatL/tp8zCc3lSIwzMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHlBggrBgEFBQcBCwSB2DCB1TA2Bggr BgEFBQcwBYYqcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UTEdDQVBJVEFM LzAvMGIGCCsGAQUFBzAKhlZyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RM R0NBUElUQUwvMC9CQkRBQjRGRjAyNUM4RTQ4NkFEMkZGQjY5RjMzMDlDREU1NDg4 QzMzLm1mdDA3BggrBgEFBQcwDYYraHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv bm90aWZpY2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsG AQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ3+UMA0EAgACMAcDBQAkBCLAMA0GCSqG SIb3DQEBCwUAA4IBAQBdDSm76dtAEGxKL6XWCixJgGN+/oki2Z2lMtClAU8YHLi/ 1q+WDDUuFY0KFiPxwUbnDSNheUTkBL35L4a/O8IdBA2ZohETysXAok4BlL6M39HG GuvK14SuiKIID0Lf2oVyfKxIxK8Kh6P4fJ6ukO1YdK3IPozbpMw0qoaPUm6yMPUj eaRECwinzRTitVoAI+drDcex/Z48HDzK9bN5WCtBzpSD+apT8AiINzbA0+g1E5W7 ZA8jn0mo0NFafIBxbxWURJ0ONOkHi1+wyDbr07xtpfIXG08QWbHIYvtDBJ/wkm0H I/qXfVpjN/Q6x4Mb84l1utBd7Bb56a+aKytyPYK3 -----END CERTIFICATE-----Generated at Tue May 12 22:49:50 2026 by rpki-client