$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.mft File: 639Ki3shDbkgjtWANXBF5Zcd4NM.mft (raw, json) Hash identifier: HxVFjRLc6CNCLJ6XS34iS5veJoXnR9eP4QA+DCbqfD8= Subject key identifier: C6:A2:9D:DF:66:72:B4:B2:BC:E6:75:15:86:81:5C:B8:8C:94:C3:F3 Authority key identifier: EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3 Certificate issuer: /CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3 Certificate serial: 04A1 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.mft Manifest number: 0498 Signing time: Sat 17 May 2025 21:54:04 +0000 Manifest this update: Sat 17 May 2025 21:54:04 +0000 Manifest next update: Mon 19 May 2025 21:54:04 +0000 Files and hashes: 1: 639Ki3shDbkgjtWANXBF5Zcd4NM.crl (hash: nqG+Cp7OV1cBj1S6w0+UCA2RCNhE3PL7wS2ihmhEP6Q=) 2: QjWH8IvvcQRnRJwyrC-yfGiXzHs.roa (hash: PZ9YEwp2XR9xSBGCVl6iG4XZkPUrM/aSAEYSJqEG048=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 19:23:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1185 (0x4a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3 Validity Not Before: May 17 21:54:04 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C6A29DDF6672B4B2BCE6751586815CB88C94C3F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ee:fa:15:8c:15:9a:4d:1c:8b:ed:2f:a6:30: 71:6e:32:0a:3f:9e:03:fa:73:5b:3c:c1:6f:14:e8: 07:0c:56:1f:ee:4e:7e:71:31:a1:af:e5:b7:3d:c9: ba:2e:17:47:e1:d0:f8:0e:22:06:73:6a:8e:5f:c4: 43:cb:58:6a:9a:a5:1f:08:b4:e1:bb:60:67:97:99: 93:b5:40:a2:41:02:0c:d3:99:cc:19:34:5c:4f:11: d5:66:75:21:59:c9:34:34:d2:f5:ea:95:70:2a:9b: 12:bf:29:9a:66:58:be:b6:e6:61:56:10:ea:9e:87: 12:b4:44:1b:64:6c:a3:ad:8b:78:4d:4a:4e:fd:f7: e9:a6:16:bb:20:7b:ac:33:37:49:bd:bd:18:b2:e6: 45:fe:8c:4f:08:e7:34:6f:b7:92:18:8f:74:1c:c9: 8d:11:e8:7a:b1:7a:ba:14:0d:5a:43:89:16:b6:75: 3f:5c:bc:c2:e7:13:53:47:12:1f:12:93:7d:90:bd: 3e:c3:6d:70:09:f5:e2:5f:5e:d0:03:49:6a:a9:8d: 07:7c:f1:2c:3b:a7:95:d3:09:df:93:b2:66:8e:2f: 06:30:cf:78:34:29:89:46:bc:f3:22:3a:b1:43:2d: 1d:71:8e:38:d8:67:db:b4:02:24:76:0f:76:15:e9: c8:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:A2:9D:DF:66:72:B4:B2:BC:E6:75:15:86:81:5C:B8:8C:94:C3:F3 X509v3 Authority Key Identifier: keyid:EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:f1:75:f2:aa:fc:7e:8f:13:e1:1a:53:99:61:7b:be:2b:5e: 97:7b:9f:43:0a:6e:0f:93:f3:d5:41:55:17:d1:18:4c:4b:d1: de:6a:12:ce:9a:cb:1f:48:a5:13:81:1c:20:00:d8:f4:09:36: 9b:ea:ba:e9:53:c8:b8:e6:f2:bb:6e:57:da:99:e7:75:74:de: 31:cd:f8:5f:2b:65:4f:7e:74:d5:9e:d0:81:97:6d:28:3e:99: 91:0b:6b:9f:6c:a8:11:a3:4b:f5:28:9e:62:a3:ec:cf:5d:5c: 1b:d2:1f:17:d4:66:db:0a:1e:b2:e4:b4:ef:f8:10:a8:c5:ea: 9a:06:41:66:b8:00:ad:56:25:49:54:77:15:41:9c:a3:54:b0: 2e:7f:67:84:2b:26:a3:58:5d:99:98:74:88:6e:68:94:65:31: 6a:b8:a4:1f:b2:be:49:57:dd:b5:1d:0f:e3:86:91:31:a8:da: 97:08:fd:54:d8:46:1a:42:77:9f:ab:19:be:c7:11:fd:07:2d: a6:65:c3:0c:10:b2:c1:a5:52:98:8f:30:fb:0a:af:a4:8c:54: 5d:87:b0:04:0d:f1:ae:1a:ba:1d:29:07:7d:4d:89:86:90:a9: 0f:e7:fc:33:d4:38:7a:9a:e1:3e:1b:ab:53:67:0e:3a:53:bd: 2a:b3:88:ff -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgICBKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI3 RjRBOEI3QjIxMERCOTIwOEVENTgwMzU3MDQ1RTU5NzFERTBEMzAeFw0yNTA1MTcy MTU0MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM2QTI5RERGNjY3MkI0 QjJCQ0U2NzUxNTg2ODE1Q0I4OEM5NEMzRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCv7voVjBWaTRyL7S+mMHFuMgo/ngP6c1s8wW8U6AcMVh/uTn5x MaGv5bc9ybouF0fh0PgOIgZzao5fxEPLWGqapR8ItOG7YGeXmZO1QKJBAgzTmcwZ NFxPEdVmdSFZyTQ00vXqlXAqmxK/KZpmWL625mFWEOqehxK0RBtkbKOti3hNSk79 9+mmFrsge6wzN0m9vRiy5kX+jE8I5zRvt5IYj3QcyY0R6HqxeroUDVpDiRa2dT9c vMLnE1NHEh8Sk32QvT7DbXAJ9eJfXtADSWqpjQd88Sw7p5XTCd+TsmaOLwYwz3g0 KYlGvPMiOrFDLR1xjjjYZ9u0AiR2D3YV6chxAgMBAAGjggINMIICCTAdBgNVHQ4E FgQUxqKd32ZytLK85nUVhoFcuIyUw/MwHwYDVR0jBBgwFoAU639Ki3shDbkgjtWA NXBF5Zcd4NMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdB VENILzYzOUtpM3NoRGJrZ2p0V0FOWEJGNVpjZDROTS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvNjM5S2kzc2hEYmtnanRXQU5YQkY1WmNkNE5NLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdBVENILzYzOUtpM3NoRGJr Z2p0V0FOWEJGNVpjZDROTS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQAJ8XXyqvx+jxPhGlOZYXu+K16Xe59DCm4Pk/PVQVUX0RhMS9HeahLOmssf SKUTgRwgANj0CTab6rrpU8i45vK7blfamed1dN4xzfhfK2VPfnTVntCBl20oPpmR C2ufbKgRo0v1KJ5io+zPXVwb0h8X1GbbCh6y5LTv+BCoxeqaBkFmuACtViVJVHcV QZyjVLAuf2eEKyajWF2ZmHSIbmiUZTFquKQfsr5JV921HQ/jhpExqNqXCP1U2EYa Qnefqxm+xxH9By2mZcMMELLBpVKYjzD7Cq+kjFRdh7AEDfGuGrodKQd9TYmGkKkP 5/wz1Dh6muE+G6tTZw46U70qs4j/ -----END CERTIFICATE-----Generated at Sun May 18 16:21:33 2025 by rpki-client