$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer File: 3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer (raw, json) Hash identifier: 8ZRp/LDSu/Dy89wC9S7mO8QE2LMtigB+956PUJn9jxw= Subject key identifier: DC:D4:56:A0:9D:54:14:0D:BC:42:D3:2B:09:D6:E7:77:8B:58:AA:EF Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 1C7B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Tue 01 Jul 2025 00:31:19 +0000 Certificate not after: Tue 30 Jun 2026 15:30:18 +0000 Subordinate resources: IP: 165.101.88.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 23:33:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7291 (0x1c7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Jul 1 00:31:19 2025 GMT Not After : Jun 30 15:30:18 2026 GMT Subject: CN=DCD456A09D54140DBC42D32B09D6E7778B58AAEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:31:ec:47:d2:1f:b5:86:f4:a2:fc:10:99:e2: e5:08:cb:94:3c:43:01:bc:f5:8f:b3:c0:90:ce:6d: 88:ff:6c:76:00:b9:d4:de:28:91:26:65:70:7c:6f: 7d:9c:65:0a:be:01:db:f8:72:6e:24:b3:cc:b5:df: 43:78:a4:59:00:58:3f:c4:e4:67:9b:a7:d3:8a:0c: 33:7c:ee:b0:e4:38:8f:19:01:12:6b:c7:f3:08:03: 80:44:c4:54:fa:24:f2:4b:35:be:7a:de:88:b2:f3: 46:47:84:9d:fb:6f:d7:ad:3f:c8:72:e6:62:52:a1: fc:23:53:eb:e8:44:b9:6b:fa:4d:00:00:21:8e:7b: ad:b8:97:fd:90:30:6a:a8:b2:a8:8c:a8:4a:ef:15: 42:38:3f:2f:6b:8d:87:29:8b:83:6a:51:dd:bf:32: 37:01:d2:66:ef:ab:a3:b3:11:ad:8e:9f:d7:c6:52: 48:37:ed:d4:87:c2:e7:0d:07:bc:8e:ee:0f:92:ab: c1:10:b2:98:47:47:5a:b1:b2:a5:e6:8b:0f:be:11: 0e:b8:bf:5c:9e:cc:ec:cb:1a:a8:12:11:ad:08:6a: 1e:f9:3e:eb:7b:89:b7:ed:17:32:43:bc:41:fb:a8: 7e:bb:57:c5:6d:79:ba:c7:5b:fe:e4:cd:ef:60:63: a2:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:D4:56:A0:9D:54:14:0D:BC:42:D3:2B:09:D6:E7:77:8B:58:AA:EF X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 165.101.88.0/23 Signature Algorithm: sha256WithRSAEncryption 65:e4:97:4c:3c:70:cb:96:f3:88:4c:ea:8d:5a:3b:f1:d1:c1: 58:99:67:3a:45:3c:b1:cf:09:fb:7e:fa:be:c0:1a:7d:6d:5b: ec:7f:69:24:6d:a7:08:6d:ff:5b:fb:8a:e1:04:91:30:8f:ba: 0d:38:ec:31:8e:9a:ba:97:d0:9d:da:02:06:2f:90:a8:a4:91: e4:86:b5:61:89:1c:92:87:b1:9d:4a:96:d6:1b:8e:a6:f7:9b: e1:79:a9:6f:10:d3:39:52:03:73:29:b3:45:2f:3b:50:66:a9: 33:ad:67:3a:6c:1f:3b:ce:3d:22:0b:e7:0b:ca:a1:19:b1:a4: 54:a9:cc:37:fc:a0:d7:4a:41:7a:52:a4:0d:84:6a:2c:db:e3: 57:99:41:5a:4c:57:75:d2:33:2a:5d:a1:9c:ca:11:35:3b:79: f2:11:56:04:d3:5c:d6:f0:7d:ad:fb:68:ae:38:f5:9f:29:6c: 27:38:a2:40:46:92:6f:7b:d6:ef:29:12:74:17:f1:a3:5b:cf: 22:cb:4e:8a:fc:39:71:a3:98:73:5c:11:07:a2:80:6d:d8:dd: a8:10:01:51:db:76:06:b0:6e:f8:ad:ab:83:a7:29:98:bf:6a: 8d:4b:36:81:73:d6:ae:ae:4b:40:8f:fc:a3:dc:65:7d:e0:40: 17:75:ad:3c -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgICHHswDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDcwMTAwMzExOVoXDTI2MDYzMDE1MzAxOFowMzEx MC8GA1UEAxMoRENENDU2QTA5RDU0MTQwREJDNDJEMzJCMDlENkU3Nzc4QjU4QUFF RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANox7EfSH7WG9KL8EJni 5QjLlDxDAbz1j7PAkM5tiP9sdgC51N4okSZlcHxvfZxlCr4B2/hybiSzzLXfQ3ik WQBYP8TkZ5un04oMM3zusOQ4jxkBEmvH8wgDgETEVPok8ks1vnreiLLzRkeEnftv 160/yHLmYlKh/CNT6+hEuWv6TQAAIY57rbiX/ZAwaqiyqIyoSu8VQjg/L2uNhymL g2pR3b8yNwHSZu+ro7MRrY6f18ZSSDft1IfC5w0HvI7uD5KrwRCymEdHWrGypeaL D74RDri/XJ7M7MsaqBIRrQhqHvk+63uJt+0XMkO8QfuofrtXxW15usdb/uTN72Bj oi0CAwEAAaOCAk4wggJKMB0GA1UdDgQWBBTc1FagnVQUDbxC0ysJ1ud3i1iq7zAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUlVJS0UvMFYG CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UlVJS0UvM05SV29KMVVGQTI4UXRNckNkYm5kNHRZcXU4Lm1mdDAxBggrBgEFBQcw DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF BQcBBwEB/wQQMA4wDAQCAAEwBgMEAaVlWDANBgkqhkiG9w0BAQsFAAOCAQEAZeSX TDxwy5bziEzqjVo78dHBWJlnOkU8sc8J+376vsAafW1b7H9pJG2nCG3/W/uK4QSR MI+6DTjsMY6aupfQndoCBi+QqKSR5Ia1YYkckoexnUqW1huOpveb4XmpbxDTOVID cymzRS87UGapM61nOmwfO849IgvnC8qhGbGkVKnMN/yg10pBelKkDYRqLNvjV5lB WkxXddIzKl2hnMoRNTt58hFWBNNc1vB9rftorjj1nylsJziiQEaSb3vW7ykSdBfx o1vPIstOivw5caOYc1wRB6KAbdjdqBABUdt2BrBu+K2rg6cpmL9qjUs2gXPWrq5L QI/8o9xlfeBAF3WtPA== -----END CERTIFICATE-----Generated at Fri Jul 4 20:19:18 2025 by rpki-client