$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/DF17A9D7D1F0BA49C098D57487B9782B1BC65166.cer File: DF17A9D7D1F0BA49C098D57487B9782B1BC65166.cer (raw, json) Hash identifier: /0SROUMJpJ0Z0R+h/El6jRI1t0m/JZJRa3I2L5qZ7Gg= Subject key identifier: DF:17:A9:D7:D1:F0:BA:49:C0:98:D5:74:87:B9:78:2B:1B:C6:51:66 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 72695F0A39C8277FFF723608D86085FEB0B2D8AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/YUFENG/0/DF17A9D7D1F0BA49C098D57487B9782B1BC65166.mft caRepository: rsync://rpkica.twnic.tw/rpki/YUFENG/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 16:01:07 +0000 Certificate not after: Mon 10 May 2027 16:06:07 +0000 Subordinate resources: AS: 152609 IP: 223.165.0.0/23 IP: 2402:2e20::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:69:5f:0a:39:c8:27:7f:ff:72:36:08:d8:60:85:fe:b0:b2:d8:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 16:01:07 2026 GMT Not After : May 10 16:06:07 2027 GMT Subject: CN=DF17A9D7D1F0BA49C098D57487B9782B1BC65166 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:37:16:7c:a6:e5:7c:7a:1f:76:3c:5b:39:a4: 34:15:17:f2:c8:17:8f:cb:18:63:91:0a:3b:f4:53: 96:1b:fc:89:6f:6a:00:ab:7e:c7:bc:8f:d7:1c:9f: 4c:e4:65:e8:a6:40:36:ad:e8:74:5c:fa:12:ce:4f: 8e:ab:d4:b0:2a:5a:f2:bb:d6:0a:66:a7:6e:11:17: 8b:f5:67:73:cb:3d:4f:42:90:2d:a3:1d:4b:db:b9: 26:dd:98:d7:82:21:14:9a:a4:f9:a6:c3:9e:9e:ac: c4:aa:14:69:a2:6f:d4:8e:5e:47:19:4e:03:85:cd: de:d4:72:c6:4e:d1:30:1a:98:d1:99:46:2f:39:23: e1:30:0c:2a:4b:87:0d:fa:67:24:9e:df:07:eb:3b: df:4b:d1:0d:39:3a:ec:71:52:c5:7f:63:fd:58:a6: a8:7b:42:39:31:52:9d:ca:f7:b7:89:12:c4:13:ec: 0d:ca:ca:4e:59:41:4a:c0:b4:03:c0:88:0b:f6:ce: e6:33:10:ff:42:f2:53:b9:ad:9d:c6:69:a5:1e:8d: 8b:1b:58:cf:0d:51:1b:5b:24:f3:c4:6c:ab:2d:cd: 07:26:b8:30:e5:64:26:4c:79:e5:a0:c9:36:9d:36: 11:07:6d:45:9a:4e:c2:5a:b4:8d:3f:bd:be:d7:7a: c9:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DF:17:A9:D7:D1:F0:BA:49:C0:98:D5:74:87:B9:78:2B:1B:C6:51:66 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/YUFENG/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/YUFENG/0/DF17A9D7D1F0BA49C098D57487B9782B1BC65166.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.165.0.0/23 IPv6: 2402:2e20::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 152609 Signature Algorithm: sha256WithRSAEncryption 79:bf:c8:a9:e6:6c:3d:7d:5e:46:d2:d6:4d:b3:df:c5:6b:78: cd:e1:f6:8f:bf:e0:87:ee:22:da:74:0b:36:7b:7b:40:ad:df: 1d:3c:3b:85:60:e3:d8:29:59:00:6b:9b:54:c6:c7:6a:a6:7a: 93:80:b6:9d:d9:85:be:51:1f:de:39:3b:9e:16:23:27:ad:59: e3:e4:e6:a1:6a:b7:79:c3:76:06:9d:32:29:68:42:71:f4:3e: f9:31:24:6e:7a:12:6e:7c:91:81:91:75:b8:3c:d9:a3:5c:35: 7a:b9:dc:e4:d1:73:37:7e:d3:3a:3e:6c:40:17:6b:42:a1:7c: 83:dd:12:2f:7f:66:6f:25:7b:55:99:09:e9:f2:0e:82:06:7e: 10:83:ef:1e:d1:d3:96:f7:c5:b0:d4:a6:36:c9:4a:eb:09:f6: 91:c5:8f:71:4f:90:a4:85:66:2f:f1:f6:83:f3:ea:ea:a2:a5: bc:05:88:62:e5:be:07:ea:ed:f0:60:d0:0a:1c:a4:3d:8c:9a: b0:27:3d:66:f2:92:fd:92:41:d1:07:94:c1:eb:13:de:c0:b1: f1:43:2b:7e:22:c1:58:88:a3:de:85:aa:32:4d:95:91:14:be: b0:a6:56:26:ab:75:9c:48:fc:6c:46:69:9f:16:98:60:b7:4b: 8a:38:b3:c7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcmlfCjnIJ3//cjYI2GCF/rCy2KwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE2MDEwN1oX DTI3MDUxMDE2MDYwN1owMzExMC8GA1UEAxMoREYxN0E5RDdEMUYwQkE0OUMwOThE NTc0ODdCOTc4MkIxQkM2NTE2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK03Fnym5Xx6H3Y8WzmkNBUX8sgXj8sYY5EKO/RTlhv8iW9qAKt+x7yP1xyf TORl6KZANq3odFz6Es5PjqvUsCpa8rvWCmanbhEXi/Vnc8s9T0KQLaMdS9u5Jt2Y 14IhFJqk+abDnp6sxKoUaaJv1I5eRxlOA4XN3tRyxk7RMBqY0ZlGLzkj4TAMKkuH DfpnJJ7fB+s730vRDTk67HFSxX9j/VimqHtCOTFSncr3t4kSxBPsDcrKTllBSsC0 A8CIC/bO5jMQ/0LyU7mtncZppR6NixtYzw1RG1sk88Rsqy3NBya4MOVkJkx55aDJ Np02EQdtRZpOwlq0jT+9vtd6ycMCAwEAAaOCApEwggKNMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN8XqdfR8LpJwJjVdIe5eCsbxlFmMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHdBggrBgEFBQcBCwSB0DCBzTAyBggr BgEFBQcwBYYmcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ZVUZFTkcvMC8w XgYIKwYBBQUHMAqGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvWVVGRU5H LzAvREYxN0E5RDdEMUYwQkE0OUMwOThENTc0ODdCOTc4MkIxQkM2NTE2Ni5tZnQw NwYIKwYBBQUHMA2GK2h0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmaWNh dGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB /wQfMB0wDAQCAAEwBgMEAd+lADANBAIAAjAHAwUAJAIuIDAaBggrBgEFBQcBCAEB /wQLMAmgBzAFAgMCVCEwDQYJKoZIhvcNAQELBQADggEBAHm/yKnmbD19XkbS1k2z 38VreM3h9o+/4IfuItp0CzZ7e0Ct3x08O4Vg49gpWQBrm1TGx2qmepOAtp3Zhb5R H945O54WIyetWePk5qFqt3nDdgadMiloQnH0PvkxJG56Em58kYGRdbg82aNcNXq5 3OTRczd+0zo+bEAXa0KhfIPdEi9/Zm8le1WZCenyDoIGfhCD7x7R05b3xbDUpjbJ SusJ9pHFj3FPkKSFZi/x9oPz6uqipbwFiGLlvgfq7fBg0AocpD2MmrAnPWbykv2S QdEHlMHrE97AsfFDK34iwViIo96FqjJNlZEUvrCmViardZxI/GxGaZ8WmGC3S4o4 s8c= -----END CERTIFICATE-----Generated at Tue May 12 22:03:03 2026 by rpki-client