$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/C4FE0149FC774090A5B6304E8968380A1F1B0426.cer File: C4FE0149FC774090A5B6304E8968380A1F1B0426.cer (raw, json) Hash identifier: Xe1v72cCvV+rigStnqwBjOXrKpjG7po3FeK4p0rFM2w= Subject key identifier: C4:FE:01:49:FC:77:40:90:A5:B6:30:4E:89:68:38:0A:1F:1B:04:26 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 1AA0891E0730AD2837BD9AA7A898267FC557BACD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/MERCYCAT/0/C4FE0149FC774090A5B6304E8968380A1F1B0426.mft caRepository: rsync://rpkica.twnic.tw/rpki/MERCYCAT/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:48:24 +0000 Certificate not after: Mon 10 May 2027 15:53:24 +0000 Subordinate resources: AS: 18428 IP: 103.172.126.0/23 IP: 2407:d240::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a0:89:1e:07:30:ad:28:37:bd:9a:a7:a8:98:26:7f:c5:57:ba:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:48:24 2026 GMT Not After : May 10 15:53:24 2027 GMT Subject: CN=C4FE0149FC774090A5B6304E8968380A1F1B0426 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e0:2c:58:89:bf:79:63:2a:34:df:57:8e:63: 76:22:c6:ef:f5:bc:a3:8c:ce:30:cd:83:13:19:ea: 11:17:67:38:c8:22:f4:b2:75:2a:30:68:b2:e2:42: 53:ea:a9:cc:20:86:55:4e:74:b3:5a:ef:28:40:7d: 6a:76:32:91:ea:49:ca:86:a5:26:94:c5:c9:ef:e6: 1f:43:33:62:76:cd:17:68:8e:af:39:98:5b:4f:e2: e3:fb:3f:9d:da:80:d6:24:79:40:e1:82:fa:8e:96: a0:19:69:44:38:26:ed:cc:55:2f:57:4e:00:0c:60: c3:52:e2:91:c2:2d:5b:50:4b:6e:ce:47:70:66:13: b4:3e:d6:68:6f:2a:b2:ca:24:c7:aa:09:78:2f:30: bb:d8:dc:2f:de:84:78:f0:86:ea:47:05:d3:90:e8: a0:b1:fa:de:ec:e1:b3:33:f3:e4:f1:f7:7e:44:97: 15:c5:d4:b9:ca:76:53:35:1c:aa:36:e9:bd:e4:9d: 12:5d:6b:59:d4:f0:57:4a:32:49:08:64:0f:a4:c1: 7e:9a:c1:67:de:71:7b:f1:88:dc:5e:6f:a2:80:56: 50:62:99:95:70:9a:c2:4c:1b:e9:b6:a5:c8:2a:80: e9:c4:34:c2:02:38:8d:0c:4e:80:b0:72:4d:d0:ba: 5d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C4:FE:01:49:FC:77:40:90:A5:B6:30:4E:89:68:38:0A:1F:1B:04:26 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/MERCYCAT/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/MERCYCAT/0/C4FE0149FC774090A5B6304E8968380A1F1B0426.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.126.0/23 IPv6: 2407:d240::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 18428 Signature Algorithm: sha256WithRSAEncryption 7a:95:58:38:62:c5:77:1d:ba:44:33:ad:20:9d:04:d5:79:85: 64:0f:11:b4:a9:1b:30:4d:77:31:c9:33:c8:10:df:87:a4:96: 37:eb:47:b6:b7:6a:52:c1:f7:1a:5b:75:4f:75:5e:5c:e6:b1: 0a:a1:4b:4f:e0:26:bd:22:a4:e8:10:c2:7d:62:fe:57:7d:97: 54:52:d0:1c:ac:6e:98:0a:6b:d8:ea:01:21:4a:f8:f9:54:ff: 48:c7:59:1d:91:9b:3f:07:75:c8:be:09:55:d4:26:be:91:a5: 8a:4c:7f:70:93:bb:cc:f7:d8:a6:4e:bc:22:75:0e:13:0b:8c: cf:7c:01:5c:2d:a3:7f:8c:93:ed:c9:ca:66:6d:71:13:ec:83: c2:7f:32:04:32:50:f1:3a:e1:cb:39:83:64:ed:37:53:7f:8d: 5c:1b:53:c6:ee:d5:03:80:f0:cf:c5:15:f0:64:45:58:60:2f: cc:5d:98:2b:37:b9:45:56:40:de:2e:cd:e5:07:73:d4:9b:a8: d2:6e:93:ef:9c:79:88:92:13:c2:9d:ca:86:e3:43:04:05:31: b0:bf:29:b6:b9:d8:0b:44:9c:83:f9:86:d7:f3:dd:3f:d4:0f: 3c:61:f1:1b:7b:ae:8f:3a:3a:94:43:3c:70:2e:16:a3:24:38: 03:05:4b:a3 -----BEGIN CERTIFICATE----- MIIFoTCCBImgAwIBAgIUGqCJHgcwrSg3vZqnqJgmf8VXus0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDgyNFoX DTI3MDUxMDE1NTMyNFowMzExMC8GA1UEAxMoQzRGRTAxNDlGQzc3NDA5MEE1QjYz MDRFODk2ODM4MEExRjFCMDQyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALrgLFiJv3ljKjTfV45jdiLG7/W8o4zOMM2DExnqERdnOMgi9LJ1KjBosuJC U+qpzCCGVU50s1rvKEB9anYykepJyoalJpTFye/mH0MzYnbNF2iOrzmYW0/i4/s/ ndqA1iR5QOGC+o6WoBlpRDgm7cxVL1dOAAxgw1LikcItW1BLbs5HcGYTtD7WaG8q ssokx6oJeC8wu9jcL96EePCG6kcF05DooLH63uzhszPz5PH3fkSXFcXUucp2UzUc qjbpveSdEl1rWdTwV0oySQhkD6TBfprBZ95xe/GI3F5vooBWUGKZlXCawkwb6bal yCqA6cQ0wgI4jQxOgLByTdC6XU8CAwEAAaOCApQwggKQMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMT+AUn8d0CQpbYwToloOAofGwQmMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHhBggrBgEFBQcBCwSB1DCB0TA0Bggr BgEFBQcwBYYocnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9NRVJDWUNBVC8w LzBgBggrBgEFBQcwCoZUcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9NRVJD WUNBVC8wL0M0RkUwMTQ5RkM3NzQwOTBBNUI2MzA0RTg5NjgzODBBMUYxQjA0MjYu bWZ0MDcGCCsGAQUFBzANhitodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUH AQcBAf8EHzAdMAwEAgABMAYDBAFnrH4wDQQCAAIwBwMFACQH0kAwGQYIKwYBBQUH AQgBAf8ECjAIoAYwBAICR/wwDQYJKoZIhvcNAQELBQADggEBAHqVWDhixXcdukQz rSCdBNV5hWQPEbSpGzBNdzHJM8gQ34ekljfrR7a3alLB9xpbdU91XlzmsQqhS0/g Jr0ipOgQwn1i/ld9l1RS0BysbpgKa9jqASFK+PlU/0jHWR2Rmz8Hdci+CVXUJr6R pYpMf3CTu8z32KZOvCJ1DhMLjM98AVwto3+Mk+3JymZtcRPsg8J/MgQyUPE64cs5 g2TtN1N/jVwbU8bu1QOA8M/FFfBkRVhgL8xdmCs3uUVWQN4uzeUHc9SbqNJuk++c eYiSE8KdyobjQwQFMbC/Kba52AtEnIP5htfz3T/UDzxh8Rt7ro86OpRDPHAuFqMk OAMFS6M= -----END CERTIFICATE-----Generated at Wed May 13 00:54:19 2026 by rpki-client