$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer File: 3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer (raw, json) Hash identifier: VNXF39KG+5jjD9RS33y3lfZVCn81ClJMELr/+EXM3Cs= Subject key identifier: DC:D4:56:A0:9D:54:14:0D:BC:42:D3:2B:09:D6:E7:77:8B:58:AA:EF Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 1DD5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:52:24 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: IP: 165.101.88.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 23:43:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7637 (0x1dd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Aug 22 08:52:24 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DCD456A09D54140DBC42D32B09D6E7778B58AAEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:31:ec:47:d2:1f:b5:86:f4:a2:fc:10:99:e2: e5:08:cb:94:3c:43:01:bc:f5:8f:b3:c0:90:ce:6d: 88:ff:6c:76:00:b9:d4:de:28:91:26:65:70:7c:6f: 7d:9c:65:0a:be:01:db:f8:72:6e:24:b3:cc:b5:df: 43:78:a4:59:00:58:3f:c4:e4:67:9b:a7:d3:8a:0c: 33:7c:ee:b0:e4:38:8f:19:01:12:6b:c7:f3:08:03: 80:44:c4:54:fa:24:f2:4b:35:be:7a:de:88:b2:f3: 46:47:84:9d:fb:6f:d7:ad:3f:c8:72:e6:62:52:a1: fc:23:53:eb:e8:44:b9:6b:fa:4d:00:00:21:8e:7b: ad:b8:97:fd:90:30:6a:a8:b2:a8:8c:a8:4a:ef:15: 42:38:3f:2f:6b:8d:87:29:8b:83:6a:51:dd:bf:32: 37:01:d2:66:ef:ab:a3:b3:11:ad:8e:9f:d7:c6:52: 48:37:ed:d4:87:c2:e7:0d:07:bc:8e:ee:0f:92:ab: c1:10:b2:98:47:47:5a:b1:b2:a5:e6:8b:0f:be:11: 0e:b8:bf:5c:9e:cc:ec:cb:1a:a8:12:11:ad:08:6a: 1e:f9:3e:eb:7b:89:b7:ed:17:32:43:bc:41:fb:a8: 7e:bb:57:c5:6d:79:ba:c7:5b:fe:e4:cd:ef:60:63: a2:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:D4:56:A0:9D:54:14:0D:BC:42:D3:2B:09:D6:E7:77:8B:58:AA:EF X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 165.101.88.0/23 Signature Algorithm: sha256WithRSAEncryption 84:75:59:1c:d0:80:fe:c6:38:41:aa:50:94:45:5b:48:91:c7: e8:8e:5c:af:8e:13:44:6f:69:d8:b5:dd:b7:a3:65:0a:e6:8b: d0:64:a8:db:4d:ac:e1:9b:9c:c1:b3:28:7b:5e:b5:60:54:c5: 0e:90:ca:9b:60:c4:d6:b7:c3:75:ee:36:9c:90:c7:a5:c9:26: 3a:ea:ef:86:3c:e4:53:11:c6:aa:54:d3:c0:3a:55:c8:f3:03: 80:bc:8f:40:e4:48:12:c8:c2:b5:e9:09:44:bd:52:8a:97:c7: 61:9e:a0:eb:5d:b1:27:e4:2f:71:89:b8:cc:81:dd:bb:a1:8b: 97:4b:56:37:a1:fd:26:94:3d:77:74:95:55:62:76:d2:2b:52: 44:18:be:5b:23:2d:cc:c2:c9:0e:0a:90:97:67:92:56:04:94: c5:d1:80:17:70:5e:3e:dd:7f:2c:52:05:ec:54:ff:46:b3:24: 67:df:0a:19:19:b8:90:8e:f6:a7:2d:d9:d0:1f:af:dc:c3:09: 56:8f:0a:35:9a:3a:d7:8b:d0:34:d8:44:67:b2:3a:f4:a6:51: fd:18:ef:8b:8a:01:b8:0c:e4:9b:1c:96:0d:03:91:da:3c:bc: 08:75:51:96:0c:94:dd:3e:60:89:0e:59:e8:0e:f0:d0:98:e9: a9:01:c1:2a -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgICHdUwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDgyMjA4NTIyNFoXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoRENENDU2QTA5RDU0MTQwREJDNDJEMzJCMDlENkU3Nzc4QjU4QUFF RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANox7EfSH7WG9KL8EJni 5QjLlDxDAbz1j7PAkM5tiP9sdgC51N4okSZlcHxvfZxlCr4B2/hybiSzzLXfQ3ik WQBYP8TkZ5un04oMM3zusOQ4jxkBEmvH8wgDgETEVPok8ks1vnreiLLzRkeEnftv 160/yHLmYlKh/CNT6+hEuWv6TQAAIY57rbiX/ZAwaqiyqIyoSu8VQjg/L2uNhymL g2pR3b8yNwHSZu+ro7MRrY6f18ZSSDft1IfC5w0HvI7uD5KrwRCymEdHWrGypeaL D74RDri/XJ7M7MsaqBIRrQhqHvk+63uJt+0XMkO8QfuofrtXxW15usdb/uTN72Bj oi0CAwEAAaOCAk4wggJKMB0GA1UdDgQWBBTc1FagnVQUDbxC0ysJ1ud3i1iq7zAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUlVJS0UvMFYG CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UlVJS0UvM05SV29KMVVGQTI4UXRNckNkYm5kNHRZcXU4Lm1mdDAxBggrBgEFBQcw DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF BQcBBwEB/wQQMA4wDAQCAAEwBgMEAaVlWDANBgkqhkiG9w0BAQsFAAOCAQEAhHVZ HNCA/sY4QapQlEVbSJHH6I5cr44TRG9p2LXdt6NlCuaL0GSo202s4ZucwbMoe161 YFTFDpDKm2DE1rfDde42nJDHpckmOurvhjzkUxHGqlTTwDpVyPMDgLyPQORIEsjC tekJRL1SipfHYZ6g612xJ+QvcYm4zIHdu6GLl0tWN6H9JpQ9d3SVVWJ20itSRBi+ WyMtzMLJDgqQl2eSVgSUxdGAF3BePt1/LFIF7FT/RrMkZ98KGRm4kI72py3Z0B+v 3MMJVo8KNZo614vQNNhEZ7I69KZR/Rjvi4oBuAzkmxyWDQOR2jy8CHVRlgyU3T5g iQ5Z6A7w0JjpqQHBKg== -----END CERTIFICATE-----Generated at Sat Aug 23 21:40:37 2025 by rpki-client