Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft
File:                     3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft (raw, json)
Hash identifier:          nnD5g3ZcHnZ8ETVZj+q4OSSAEEWb7VT5aA0FyiXHVtU=
Subject key identifier:   14:0D:94:13:D8:96:A1:2C:05:A4:53:2F:32:C6:6F:65:F1:0D:B6:A9
Authority key identifier: DC:D4:56:A0:9D:54:14:0D:BC:42:D3:2B:09:D6:E7:77:8B:58:AA:EF
Certificate issuer:       /CN=DCD456A09D54140DBC42D32B09D6E7778B58AAEF
Certificate serial:       0255
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft
Manifest number:          0253
Signing time:             Mon 20 Oct 2025 14:55:13 +0000
Manifest this update:     Mon 20 Oct 2025 14:55:13 +0000
Manifest next update:     Mon 20 Oct 2025 20:55:13 +0000
Files and hashes:         1: 3NRWoJ1UFA28QtMrCdbnd4tYqu8.crl (hash: WdMe9YISPBdSzEl4jPvdauPP+oHSii2/l8wpDqhqr4E=)
                          2: EOtjY12nXNnenB16AIWc3Jh3NF4.roa (hash: Dd6iulKgytlJlVAbqdWg8yiBukB823mXx4bredXWnlI=)
                          3: h3gM3umksJIYEAeAEiPCdJFIFto.roa (hash: P0RBcokTOeWzNU9SKVJvXJAAZk3Gv4yQBEr42Kf75Ew=)
Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 20:55:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 597 (0x255)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DCD456A09D54140DBC42D32B09D6E7778B58AAEF
        Validity
            Not Before: Oct 20 14:55:13 2025 GMT
            Not After : Aug 22 08:14:28 2026 GMT
        Subject: CN=140D9413D896A12C05A4532F32C66F65F10DB6A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ff:73:ee:5a:a6:e3:54:27:2b:18:34:ac:07:
                    9a:f9:21:e7:2e:7f:37:1f:4a:b7:05:b9:a0:ef:f3:
                    85:f7:6d:92:2e:9a:e9:57:b8:9a:f1:86:ea:5d:82:
                    6d:48:90:71:57:0b:2c:2a:06:4a:8c:aa:df:bd:ae:
                    9e:9b:78:1b:f1:d0:4f:c1:3a:24:50:d6:19:ed:5b:
                    8d:0b:0c:18:fe:f2:1e:9e:49:a5:c8:ce:fe:b1:4e:
                    7e:98:f6:a9:3f:6b:f2:4d:ee:9e:16:85:48:28:c3:
                    f8:6d:12:a4:7e:17:7d:33:2e:3f:0d:01:6f:4e:52:
                    f7:67:8c:17:1c:46:29:e3:91:6b:14:86:88:64:42:
                    75:7b:a0:47:b7:c6:1e:1c:96:c2:d4:b4:41:f2:73:
                    5a:7f:45:cb:8b:18:1b:ac:c2:51:7f:56:85:d8:3d:
                    b5:a6:dd:d6:94:47:6d:a3:36:c0:62:66:e8:67:27:
                    b8:18:f6:c7:89:51:62:7f:53:af:70:5b:b9:97:ca:
                    41:e0:4b:c1:d6:2a:b2:f2:66:ed:0a:2a:de:de:32:
                    01:d9:b1:e0:a8:7a:27:5a:82:82:ac:1d:dd:99:d8:
                    68:09:58:61:ed:cb:cf:17:de:a6:fc:31:36:be:bf:
                    cf:6f:2b:61:15:a7:cd:78:80:d6:76:26:c3:df:02:
                    e3:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:0D:94:13:D8:96:A1:2C:05:A4:53:2F:32:C6:6F:65:F1:0D:B6:A9
            X509v3 Authority Key Identifier:
                keyid:DC:D4:56:A0:9D:54:14:0D:BC:42:D3:2B:09:D6:E7:77:8B:58:AA:EF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3NRWoJ1UFA28QtMrCdbnd4tYqu8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUIKE/3NRWoJ1UFA28QtMrCdbnd4tYqu8.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:10:c6:72:04:ba:bb:3b:4e:af:a4:be:74:7e:33:80:a5:5d:
         62:8d:5a:59:81:09:99:1c:f5:70:8f:d7:16:66:fa:62:c5:02:
         34:f2:ec:0b:04:05:ea:fe:4b:50:3a:eb:a6:34:cb:8f:52:6b:
         e2:bf:76:ae:d8:38:d4:8f:62:7c:32:86:04:e3:98:9b:4b:85:
         c6:de:a9:9d:e9:8c:ca:4d:c1:ac:99:71:01:0c:b2:e8:db:a4:
         57:ef:36:54:f5:f0:6c:85:b3:2e:ba:b4:11:9d:cf:5f:e6:25:
         aa:92:4a:19:91:f7:55:34:6b:4f:d2:c8:b8:5c:64:7c:42:5f:
         30:71:70:dc:a5:f8:8d:f5:69:e9:28:3c:43:e2:8e:23:e1:9f:
         e7:c2:aa:8d:d3:f9:9d:63:96:ab:46:11:8e:a7:53:16:9a:0f:
         a4:37:0d:69:13:3d:32:dc:9f:e0:0f:eb:9d:06:2a:4c:e0:7d:
         c5:91:d6:f1:07:90:53:ab:f0:80:cb:9f:1b:a1:0e:79:27:b0:
         69:5d:50:77:2a:e0:df:46:44:1b:d8:92:b5:46:bf:37:e8:c3:
         e8:6e:15:d0:47:11:fb:df:3c:f9:1a:1a:53:a0:15:08:55:fd:
         c6:cc:49:7d:33:9d:c7:22:85:f8:8f:c5:ea:8a:96:86:ba:07:
         95:3b:21:f8
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICAlUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRENE
NDU2QTA5RDU0MTQwREJDNDJEMzJCMDlENkU3Nzc4QjU4QUFFRjAeFw0yNTEwMjAx
NDU1MTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDE0MEQ5NDEzRDg5NkEx
MkMwNUE0NTMyRjMyQzY2RjY1RjEwREI2QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU/3PuWqbjVCcrGDSsB5r5IecufzcfSrcFuaDv84X3bZIumulX
uJrxhupdgm1IkHFXCywqBkqMqt+9rp6beBvx0E/BOiRQ1hntW40LDBj+8h6eSaXI
zv6xTn6Y9qk/a/JN7p4WhUgow/htEqR+F30zLj8NAW9OUvdnjBccRinjkWsUhohk
QnV7oEe3xh4clsLUtEHyc1p/RcuLGBuswlF/VoXYPbWm3daUR22jNsBiZuhnJ7gY
9seJUWJ/U69wW7mXykHgS8HWKrLyZu0KKt7eMgHZseCoeidagoKsHd2Z2GgJWGHt
y88X3qb8MTa+v89vK2EVp814gNZ2JsPfAuNdAgMBAAGjggIFMIICATAdBgNVHQ4E
FgQUFA2UE9iWoSwFpFMvMsZvZfENtqkwHwYDVR0jBBgwFoAU3NRWoJ1UFA28QtMr
Cdbnd4tYqu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUlVJS0Uv
M05SV29KMVVGQTI4UXRNckNkYm5kNHRZcXU4LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zTlJXb0oxVUZBMjhRdE1yQ2RibmQ0dFlxdTguY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SVUlLRS8zTlJXb0oxVUZBMjhRdE1yQ2Ri
bmQ0dFlxdTgubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYBBQUH
AQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUxDG
cgS6uztOr6S+dH4zgKVdYo1aWYEJmRz1cI/XFmb6YsUCNPLsCwQF6v5LUDrrpjTL
j1Jr4r92rtg41I9ifDKGBOOYm0uFxt6pnemMyk3BrJlxAQyy6NukV+82VPXwbIWz
Lrq0EZ3PX+YlqpJKGZH3VTRrT9LIuFxkfEJfMHFw3KX4jfVp6Sg8Q+KOI+Gf58Kq
jdP5nWOWq0YRjqdTFpoPpDcNaRM9Mtyf4A/rnQYqTOB9xZHW8QeQU6vwgMufG6EO
eSewaV1Qdyrg30ZEG9iStUa/N+jD6G4V0EcR+988+RoaU6AVCFX9xsxJfTOdxyKF
+I/F6oqWhroHlTsh+A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:34:57 2025 by rpki-client