$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft File: u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft (raw, json) Hash identifier: CTCmaf0EF9eZ3ot2+AMhTW1HoHI56jrHAkpdWGUl5RI= Subject key identifier: 5F:2E:A8:F6:BC:2A:32:CE:18:19:AD:42:C2:E6:0E:2D:B6:ED:B0:08 Authority key identifier: BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7 Certificate issuer: /CN=BBF8E5352240971787806A3E53A8904859A9F0E7 Certificate serial: 0152 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft Manifest number: 0150 Signing time: Sat 17 May 2025 21:54:15 +0000 Manifest this update: Sat 17 May 2025 21:54:15 +0000 Manifest next update: Mon 19 May 2025 21:54:15 +0000 Files and hashes: 1: u_jlNSJAlxeHgGo-U6iQSFmp8Oc.crl (hash: s/GbDyPYMTwQZD6F4MossOdjgArm16nyFd8+RzNftIM=) 2: w_KewT6KWsZuHTgvBMYnYFPhchY.roa (hash: vA7vcHpZZT9NqWFZlSoCmScIUZDx16ZMpEGvj2tJDZ0=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 04:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 338 (0x152) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BBF8E5352240971787806A3E53A8904859A9F0E7 Validity Not Before: May 17 21:54:15 2025 GMT Not After : Jan 9 15:30:20 2026 GMT Subject: CN=5F2EA8F6BC2A32CE1819AD42C2E60E2DB6EDB008 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0c:a3:25:d5:73:fe:23:56:af:9f:31:3d:98: 9c:39:b9:09:f9:35:63:31:52:3d:49:d4:d4:a8:e8: 4e:93:97:6f:59:a1:fc:73:d5:e2:fd:e7:17:f0:da: 95:a1:9c:24:cf:bb:13:2b:9e:52:3e:52:31:25:ea: ce:28:a9:b3:20:9f:63:91:81:ae:e4:db:31:6a:ee: 83:db:1a:c0:08:c9:83:bd:78:f2:cc:9f:c1:98:57: bc:64:9e:43:11:9b:4b:48:bf:f8:41:7e:af:15:b3: 18:c4:be:35:21:e7:68:9e:9d:ee:3c:6d:d5:3e:1d: 2e:ae:7a:48:9a:8d:b3:be:d6:05:9d:86:e2:83:48: a6:e8:56:c6:04:6f:2f:25:9c:17:a1:f6:50:9a:29: 7c:35:13:d2:ad:b3:37:7d:e9:80:63:11:e4:fd:b0: 76:6a:3c:2e:9a:ba:d1:78:b0:7a:20:5f:83:37:64: 5b:51:de:28:73:e2:9d:2b:ae:56:9b:7f:89:a1:5a: 6d:05:ec:69:f7:01:eb:8d:b0:9a:37:ff:63:38:8e: 8b:e7:a8:8a:16:0f:84:c5:85:59:b6:a0:c6:94:c5: 41:5e:39:d6:26:28:ea:63:90:f9:4b:7b:f2:6b:f6: 81:9b:bf:f0:a7:c7:d2:3b:4e:6d:a6:9a:1c:11:93: f1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:2E:A8:F6:BC:2A:32:CE:18:19:AD:42:C2:E6:0E:2D:B6:ED:B0:08 X509v3 Authority Key Identifier: keyid:BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:22:45:88:e0:8f:dc:b0:ff:1f:ca:f0:b4:3a:49:1e:1e:cb: e6:3e:59:47:5a:44:40:88:32:82:3a:88:1f:88:e5:1a:04:1c: 5f:18:d7:58:fe:e3:f6:d9:61:76:33:ba:80:12:c0:40:42:df: d7:83:d5:0b:eb:31:d0:72:1a:82:a9:c5:86:02:f7:01:fb:4f: 78:7a:21:c7:8d:32:08:7d:5b:11:5f:02:62:45:2f:c9:70:9a: 3b:f1:87:0a:35:ab:c3:bf:56:90:1e:66:3d:60:8e:4f:f4:42: b3:4f:5a:8d:ed:d9:79:a6:51:b9:42:1f:a4:7b:6b:cc:c7:a7: 89:06:35:bd:42:73:34:7b:1f:eb:0f:9b:86:4d:db:1d:2e:b9: d2:8f:91:19:4f:ce:61:b1:38:40:d3:32:b9:b7:4a:e8:d9:50: 7c:d9:3c:e0:d2:41:7a:38:fb:b1:70:97:2f:ce:0a:af:63:4b: f3:44:44:b4:89:fd:2d:a6:77:f4:3b:42:c3:51:05:e5:2a:95: e1:31:8b:77:cd:7a:83:b3:23:c0:25:1c:bc:e5:55:47:1c:7a: bd:e8:b8:e0:e2:e7:38:aa:cd:51:9b:5c:87:1a:0a:7e:15:7d: bf:81:d6:d0:52:5f:59:eb:56:92:27:77:e7:65:68:72:40:3b: 23:44:92:66 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJG OEU1MzUyMjQwOTcxNzg3ODA2QTNFNTNBODkwNDg1OUE5RjBFNzAeFw0yNTA1MTcy MTU0MTVaFw0yNjAxMDkxNTMwMjBaMDMxMTAvBgNVBAMTKDVGMkVBOEY2QkMyQTMy Q0UxODE5QUQ0MkMyRTYwRTJEQjZFREIwMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoDKMl1XP+I1avnzE9mJw5uQn5NWMxUj1J1NSo6E6Tl29Zofxz 1eL95xfw2pWhnCTPuxMrnlI+UjEl6s4oqbMgn2ORga7k2zFq7oPbGsAIyYO9ePLM n8GYV7xknkMRm0tIv/hBfq8VsxjEvjUh52iene48bdU+HS6uekiajbO+1gWdhuKD SKboVsYEby8lnBeh9lCaKXw1E9Ktszd96YBjEeT9sHZqPC6autF4sHogX4M3ZFtR 3ihz4p0rrlabf4mhWm0F7Gn3AeuNsJo3/2M4jovnqIoWD4TFhVm2oMaUxUFeOdYm KOpjkPlLe/Jr9oGbv/Cnx9I7Tm2mmhwRk/FfAgMBAAGjggIBMIIB/TAdBgNVHQ4E FgQUXy6o9rwqMs4YGa1CwuYOLbbtsAgwHwYDVR0jBBgwFoAUu/jlNSJAlxeHgGo+ U6iQSFmp8OcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tIL3Vf amxOU0pBbHhlSGdHby1VNmlRU0ZtcDhPYy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev dV9qbE5TSkFseGVIZ0dvLVU2aVFTRm1wOE9jLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0tIL3VfamxOU0pBbHhlSGdHby1VNmlRU0Zt cDhPYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB /wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCrIkWI4I/c sP8fyvC0OkkeHsvmPllHWkRAiDKCOogfiOUaBBxfGNdY/uP22WF2M7qAEsBAQt/X g9UL6zHQchqCqcWGAvcB+094eiHHjTIIfVsRXwJiRS/JcJo78YcKNavDv1aQHmY9 YI5P9EKzT1qN7dl5plG5Qh+ke2vMx6eJBjW9QnM0ex/rD5uGTdsdLrnSj5EZT85h sThA0zK5t0ro2VB82Tzg0kF6OPuxcJcvzgqvY0vzRES0if0tpnf0O0LDUQXlKpXh MYt3zXqDsyPAJRy85VVHHHq96Ljg4uc4qs1Rm1yHGgp+FX2/gdbQUl9Z61aSJ3fn ZWhyQDsjRJJm -----END CERTIFICATE-----Generated at Mon May 19 01:39:07 2025 by rpki-client