Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.mft
File:                     FZ1fiXJ28N7IV-fi3t1kmHbopII.mft (raw, json)
Hash identifier:          8jEKmsULKmmwgzaQKzx9KqxGtBkKcJ8JSuEhazCcgek=
Subject key identifier:   EC:ED:EF:DA:3A:35:A5:E8:26:6A:8B:49:47:B1:72:84:A2:57:03:1B
Authority key identifier: 15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82
Certificate issuer:       /CN=159D5F897276F0DEC857E7E2DEDD649876E8A482
Certificate serial:       0F4E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.mft
Manifest number:          0F3D
Signing time:             Sun 19 Oct 2025 21:55:44 +0000
Manifest this update:     Sun 19 Oct 2025 21:55:44 +0000
Manifest next update:     Tue 21 Oct 2025 21:55:44 +0000
Files and hashes:         1: FZ1fiXJ28N7IV-fi3t1kmHbopII.crl (hash: sFwf4q8AHzaDrvYH4brmvj+gciqQmTje0BVwwSPrJZI=)
                          2: SlnNaiCccQ8zn4CI4o9x6H7ksNg.roa (hash: 0ENT54SRlYz1XAFM4Z6dLnKV4rSdXQFHNFm67zeWqag=)
                          3: _IQ76khn0eZnlWoN5Y8WkMsAUOI.roa (hash: vOGSGQpmBJoTUnERx4ebB+yM9pGNPNEB1BDRF36w4v8=)
Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 17:56:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3918 (0xf4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=159D5F897276F0DEC857E7E2DEDD649876E8A482
        Validity
            Not Before: Oct 19 21:55:44 2025 GMT
            Not After : Aug 22 08:14:28 2026 GMT
        Subject: CN=ECEDEFDA3A35A5E8266A8B4947B17284A257031B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ff:4d:0f:f3:d7:59:03:e4:c9:59:01:5d:3d:
                    cd:75:8e:8e:e3:31:40:83:d7:72:54:47:51:d0:ec:
                    af:4b:cd:75:2e:f5:d0:5d:29:80:d5:62:ce:1b:a2:
                    ed:ec:db:24:2f:1e:07:39:75:b3:fb:2e:c0:80:41:
                    b2:cf:52:44:14:76:d7:6d:e7:30:f4:ce:85:4b:95:
                    29:43:bd:a1:28:84:49:6b:66:0a:5f:0b:71:29:7b:
                    2e:54:86:93:61:27:e1:ac:8b:97:73:27:65:8a:fc:
                    95:0c:fc:4f:e0:1f:31:ee:90:d2:e1:03:f2:3e:9d:
                    ea:18:27:5e:61:cd:63:a0:e9:7d:17:71:2f:22:f9:
                    35:5d:36:ec:08:e1:aa:55:cb:64:13:4a:1e:de:e5:
                    e0:d9:ed:78:b9:29:64:32:fc:a5:3a:60:65:83:5d:
                    25:7b:b5:61:42:dd:01:2c:57:8a:65:f1:1c:42:9d:
                    ab:40:22:dd:72:1d:fb:99:f5:2e:75:a3:6a:b8:7e:
                    cf:55:95:cf:f6:c2:6c:8c:58:6f:f4:77:f4:7e:bb:
                    20:b9:0e:98:ec:c5:27:da:43:ed:b1:bb:40:8d:01:
                    ec:ca:98:f4:b0:a8:42:6c:46:92:7b:ea:86:3b:0b:
                    e9:22:be:2e:64:d8:46:02:d4:69:30:7d:72:2f:20:
                    e2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:ED:EF:DA:3A:35:A5:E8:26:6A:8B:49:47:B1:72:84:A2:57:03:1B
            X509v3 Authority Key Identifier:
                keyid:15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:4f:aa:d7:14:4d:eb:d2:57:d1:1c:51:5c:82:2d:01:b5:02:
         7e:6d:0e:fe:4b:10:bd:6f:01:43:95:87:a4:4b:d2:76:1a:83:
         ef:11:4b:ac:86:a5:d6:41:98:8c:d9:a3:a6:83:0d:ba:59:49:
         b8:cd:dd:66:e7:cb:6c:dd:e7:af:25:14:8a:0b:04:fa:a2:c7:
         a6:a3:15:c1:96:e3:78:70:01:32:7d:43:12:4f:32:26:c3:97:
         b8:3c:b8:b5:3c:22:48:2b:78:e6:24:03:aa:5d:92:71:fa:61:
         0f:fe:f5:fa:b5:df:21:12:c1:c8:b9:67:a7:14:b6:d6:6e:b6:
         48:bb:e2:1a:75:f7:4a:99:f1:9f:f4:11:21:36:2a:ec:62:0b:
         fc:bf:a6:eb:34:27:f1:78:fc:47:22:d9:61:41:c4:76:49:dd:
         19:62:d2:3b:bc:a4:1c:a5:03:82:e4:ef:f5:39:be:59:d9:ea:
         bf:91:fe:7e:ce:48:70:28:7f:a3:bd:99:7e:b6:eb:e6:b2:ba:
         54:38:95:b4:6d:31:6e:0d:83:2e:28:f8:49:b7:91:de:6b:15:
         47:52:9e:77:5f:69:ec:dd:79:0b:8f:7f:6a:1c:af:80:55:8a:
         21:e1:29:32:02:c1:88:e1:33:6b:ea:7f:06:a8:d8:37:84:d0:
         48:2c:c8:d3
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICD04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTU5
RDVGODk3Mjc2RjBERUM4NTdFN0UyREVERDY0OTg3NkU4QTQ4MjAeFw0yNTEwMTky
MTU1NDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVDRURFRkRBM0EzNUE1
RTgyNjZBOEI0OTQ3QjE3Mjg0QTI1NzAzMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDV/00P89dZA+TJWQFdPc11jo7jMUCD13JUR1HQ7K9LzXUu9dBd
KYDVYs4bou3s2yQvHgc5dbP7LsCAQbLPUkQUdtdt5zD0zoVLlSlDvaEohElrZgpf
C3Epey5UhpNhJ+Gsi5dzJ2WK/JUM/E/gHzHukNLhA/I+neoYJ15hzWOg6X0XcS8i
+TVdNuwI4apVy2QTSh7e5eDZ7Xi5KWQy/KU6YGWDXSV7tWFC3QEsV4pl8RxCnatA
It1yHfuZ9S51o2q4fs9Vlc/2wmyMWG/0d/R+uyC5DpjsxSfaQ+2xu0CNAezKmPSw
qEJsRpJ76oY7C+kivi5k2EYC1GkwfXIvIOKlAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQU7O3v2jo1pegmaotJR7FyhKJXAxswHwYDVR0jBBgwFoAUFZ1fiXJ28N7IV+fi
3t1kmHbopIIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTk9SREFU
Vy9GWjFmaVhKMjhON0lWLWZpM3Qxa21IYm9wSUkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0ZaMWZpWEoyOE43SVYtZmkzdDFrbUhib3BJSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05PUkRBVFcvRloxZmlYSjI4TjdJVi1m
aTN0MWttSGJvcElJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsG
AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEB
AKNPqtcUTevSV9EcUVyCLQG1An5tDv5LEL1vAUOVh6RL0nYag+8RS6yGpdZBmIzZ
o6aDDbpZSbjN3Wbny2zd568lFIoLBPqix6ajFcGW43hwATJ9QxJPMibDl7g8uLU8
IkgreOYkA6pdknH6YQ/+9fq13yESwci5Z6cUttZutki74hp190qZ8Z/0ESE2Kuxi
C/y/pus0J/F4/Eci2WFBxHZJ3Rli0ju8pBylA4Lk7/U5vlnZ6r+R/n7OSHAof6O9
mX626+ayulQ4lbRtMW4Ngy4o+Em3kd5rFUdSnndfaezdeQuPf2ocr4BViiHhKTIC
wYjhM2vqfwao2DeE0EgsyNM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:40:32 2025 by rpki-client