$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/E3823DFEA21FEF04E3269EB9ACC3BDAC1E387ECB.cer File: E3823DFEA21FEF04E3269EB9ACC3BDAC1E387ECB.cer (raw, json) Hash identifier: +T48tvrdzz1OyUk6SfRO68tHPeuV41JdzaD8ZHQHD0Q= Subject key identifier: E3:82:3D:FE:A2:1F:EF:04:E3:26:9E:B9:AC:C3:BD:AC:1E:38:7E:CB Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 4BBAF778A431F549DA8CCCE53CC8CF1D0C76505C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/CLOUDNODE/0/E3823DFEA21FEF04E3269EB9ACC3BDAC1E387ECB.mft caRepository: rsync://rpkica.twnic.tw/rpki/CLOUDNODE/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 15:44:22 +0000 Certificate not after: Mon 10 May 2027 15:49:22 +0000 Subordinate resources: IP: 103.175.166.0/23 IP: 223.26.10.0/23 IP: 2400:1be0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:ba:f7:78:a4:31:f5:49:da:8c:cc:e5:3c:c8:cf:1d:0c:76:50:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 15:44:22 2026 GMT Not After : May 10 15:49:22 2027 GMT Subject: CN=E3823DFEA21FEF04E3269EB9ACC3BDAC1E387ECB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:74:e5:2f:2d:31:38:5d:00:ed:6d:20:12:f5: 14:3e:ed:9c:4e:32:b3:32:98:3f:d5:a8:fb:3b:d7: f4:3e:55:c0:23:58:61:7d:32:c6:e0:d6:3a:8c:b3: 04:85:a4:bb:3a:f3:0e:fe:1e:a4:8c:f9:6c:43:59: 62:b3:e0:2f:bc:83:43:77:a6:42:98:dc:a9:57:1e: 5d:65:2a:45:de:c2:f9:df:66:41:eb:a6:a2:f0:7c: 2c:7f:2f:37:f5:63:c3:89:78:fa:b2:5d:49:b6:bf: c9:27:36:b5:2d:ae:72:2e:9a:b4:6e:13:00:c8:3c: 64:16:a8:95:05:0f:26:16:51:97:ff:ba:7d:38:cf: 97:dd:97:12:8d:6e:6f:13:cd:bf:f8:a7:d4:fd:57: ac:de:04:4a:f6:97:d7:18:77:81:09:a7:3e:05:78: 9b:2f:6a:de:03:da:18:5b:c8:c8:5d:ba:f6:b5:9f: b0:4b:14:21:a6:b4:5d:98:fa:86:3a:ec:8b:1a:c1: b0:79:fb:08:ae:b9:d0:58:5a:18:eb:9d:23:9b:a2: fa:d9:ff:41:37:f1:c4:c6:28:1e:ee:01:01:04:dc: a2:04:dc:40:bb:1e:65:f1:d1:3a:f4:79:ab:57:be: 7c:ee:0b:46:dd:e0:37:91:10:b7:bd:86:d9:9a:16: b3:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: E3:82:3D:FE:A2:1F:EF:04:E3:26:9E:B9:AC:C3:BD:AC:1E:38:7E:CB X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/CLOUDNODE/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/CLOUDNODE/0/E3823DFEA21FEF04E3269EB9ACC3BDAC1E387ECB.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.175.166.0/23 223.26.10.0/23 IPv6: 2400:1be0::/32 Signature Algorithm: sha256WithRSAEncryption 6e:ac:00:53:81:ef:d5:59:dd:5f:bc:bd:18:94:db:1e:ab:2f: 10:7c:92:d4:c2:d3:96:2c:30:2c:c8:d4:52:77:fc:fb:1c:94: a0:1f:e5:88:63:94:df:b3:c9:2e:12:40:da:88:57:ac:99:78: f8:ea:33:d0:62:25:10:69:47:4e:3c:94:d7:10:7a:92:89:a7: a8:c9:d8:a8:ce:00:73:a9:7c:1e:cd:1e:57:cc:9a:df:5f:ed: 02:27:b6:45:3b:c8:40:ff:1d:6a:34:10:f3:e0:6b:0f:52:7e: 75:bf:60:f9:89:fe:9c:83:ab:3d:b7:56:47:47:b1:be:b7:31: 5c:ba:9c:f8:cb:5a:a9:a5:72:a5:a2:48:cc:a7:86:f5:09:83: e8:ce:bb:c2:9c:1d:bd:1e:72:20:5e:b9:b8:75:85:2e:31:df: 21:11:13:a4:55:98:0a:25:64:1e:b8:2c:c3:49:82:92:12:a1: ce:40:09:a0:96:06:c3:0a:b5:24:b6:9e:fc:2e:a3:d4:2b:4b: 52:02:3b:e1:c2:a9:8c:f4:a0:8e:df:79:c7:a9:d4:af:5c:bc: c9:1f:b1:44:d6:cd:4a:a5:5c:0b:5b:f5:75:ad:2e:c2:83:bd: 25:4a:c3:41:af:e0:85:34:f4:4d:f9:61:b5:7c:15:e0:9a:c1: 1b:87:d5:d6 -----BEGIN CERTIFICATE----- MIIFjjCCBHagAwIBAgIUS7r3eKQx9UnajMzlPMjPHQx2UFwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE1NDQyMloX DTI3MDUxMDE1NDkyMlowMzExMC8GA1UEAxMoRTM4MjNERkVBMjFGRUYwNEUzMjY5 RUI5QUNDM0JEQUMxRTM4N0VDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMl05S8tMThdAO1tIBL1FD7tnE4yszKYP9Wo+zvX9D5VwCNYYX0yxuDWOoyz BIWkuzrzDv4epIz5bENZYrPgL7yDQ3emQpjcqVceXWUqRd7C+d9mQeumovB8LH8v N/Vjw4l4+rJdSba/ySc2tS2uci6atG4TAMg8ZBaolQUPJhZRl/+6fTjPl92XEo1u bxPNv/in1P1XrN4ESvaX1xh3gQmnPgV4my9q3gPaGFvIyF269rWfsEsUIaa0XZj6 hjrsixrBsHn7CK650FhaGOudI5ui+tn/QTfxxMYoHu4BAQTcogTcQLseZfHROvR5 q1e+fO4LRt3gN5EQt72G2ZoWswsCAwEAAaOCAoEwggJ9MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFOOCPf6iH+8E4yaeuazDvaweOH7LMB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHjBggrBgEFBQcBCwSB1jCB0zA1Bggr BgEFBQcwBYYpcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DTE9VRE5PREUv MC8wYQYIKwYBBQUHMAqGVXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0xP VUROT0RFLzAvRTM4MjNERkVBMjFGRUYwNEUzMjY5RUI5QUNDM0JEQUMxRTM4N0VD Qi5tZnQwNwYIKwYBBQUHMA2GK2h0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25v dGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEF BQcBBwEB/wQlMCMwEgQCAAEwDAMEAWevpgMEAd8aCjANBAIAAjAHAwUAJAAb4DAN BgkqhkiG9w0BAQsFAAOCAQEAbqwAU4Hv1VndX7y9GJTbHqsvEHyS1MLTliwwLMjU Unf8+xyUoB/liGOU37PJLhJA2ohXrJl4+Ooz0GIlEGlHTjyU1xB6komnqMnYqM4A c6l8Hs0eV8ya31/tAie2RTvIQP8dajQQ8+BrD1J+db9g+Yn+nIOrPbdWR0exvrcx XLqc+MtaqaVypaJIzKeG9QmD6M67wpwdvR5yIF65uHWFLjHfIRETpFWYCiVkHrgs w0mCkhKhzkAJoJYGwwq1JLae/C6j1CtLUgI74cKpjPSgjt95x6nUr1y8yR+xRNbN SqVcC1v1da0uwoO9JUrDQa/ghTT0TflhtXwV4JrBG4fV1g== -----END CERTIFICATE-----Generated at Tue May 12 22:02:40 2026 by rpki-client