$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/STWN/NHeonar8bfap_guUO9EBoGzgEIs.mft File: NHeonar8bfap_guUO9EBoGzgEIs.mft (raw, json) Hash identifier: qXYMSHuYgl300c7jNuYTwJJEGP9s0/qPjpBOtm3WmUI= Subject key identifier: FC:D0:5F:1E:77:CF:F5:C9:68:47:4D:B2:72:2F:3D:AA:66:D7:23:9F Authority key identifier: 34:77:A8:9D:AA:FC:6D:F6:A9:FE:0B:94:3B:D1:01:A0:6C:E0:10:8B Certificate issuer: /CN=3477A89DAAFC6DF6A9FE0B943BD101A06CE0108B Certificate serial: 0CF3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NHeonar8bfap_guUO9EBoGzgEIs.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/STWN/NHeonar8bfap_guUO9EBoGzgEIs.mft Manifest number: 0CF3 Signing time: Thu 03 Jul 2025 09:32:43 +0000 Manifest this update: Thu 03 Jul 2025 09:32:43 +0000 Manifest next update: Sat 05 Jul 2025 09:32:43 +0000 Files and hashes: 1: NHeonar8bfap_guUO9EBoGzgEIs.crl (hash: HBokmUQ0HvazVBc6/GQZk0ZrxoNR9bxUtXIX+ZgSlbw=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/STWN/NHeonar8bfap_guUO9EBoGzgEIs.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/STWN/NHeonar8bfap_guUO9EBoGzgEIs.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NHeonar8bfap_guUO9EBoGzgEIs.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 20:03:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3315 (0xcf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3477A89DAAFC6DF6A9FE0B943BD101A06CE0108B Validity Not Before: Jul 3 09:32:43 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=FCD05F1E77CFF5C968474DB2722F3DAA66D7239F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:6b:1c:55:3d:ae:a2:f6:47:77:5a:c3:28:ec: ce:3e:77:cd:65:22:83:a1:ea:af:ba:15:d3:95:8f: 83:62:4a:4e:4e:ba:c6:3e:e9:f3:75:80:b8:7b:e4: ae:d3:8a:c3:30:64:fa:ee:43:d2:fe:fd:58:59:87: 73:20:c0:53:0f:d0:30:f6:85:5e:7a:9c:98:0f:7c: 82:f0:38:b3:a8:11:b6:52:e7:b9:c3:04:27:2f:87: 99:0b:e3:59:03:8e:5b:ec:08:ca:44:b9:cc:89:24: a0:78:81:c9:c8:9b:f3:e1:ce:fd:04:31:4e:44:6c: 3d:f4:ce:93:e1:2a:08:82:ab:fe:f1:96:79:89:b8: 2c:64:85:5d:5a:a3:33:19:f6:cf:3b:e8:46:df:2d: 3d:9f:a0:74:26:0c:af:f6:a7:e1:6b:15:d7:ae:63: 91:85:6e:22:88:89:5d:37:26:ea:3d:ec:b9:a3:cb: 64:25:15:b9:31:4c:dd:da:af:4b:d8:03:08:ea:0f: 5a:32:fc:97:f1:48:fe:1c:73:59:1d:7f:d8:5a:65: 0a:5d:9f:a4:50:b3:e5:11:31:13:8c:0b:8e:65:f8: e3:39:ae:fc:a2:cb:2d:f7:59:f4:a2:e9:71:57:c1: c8:83:a0:22:0c:65:79:22:7a:6d:94:7e:90:26:10: 9b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:D0:5F:1E:77:CF:F5:C9:68:47:4D:B2:72:2F:3D:AA:66:D7:23:9F X509v3 Authority Key Identifier: keyid:34:77:A8:9D:AA:FC:6D:F6:A9:FE:0B:94:3B:D1:01:A0:6C:E0:10:8B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STWN/NHeonar8bfap_guUO9EBoGzgEIs.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NHeonar8bfap_guUO9EBoGzgEIs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STWN/NHeonar8bfap_guUO9EBoGzgEIs.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:07:ce:ef:fb:b3:0b:e0:e6:5e:22:b2:87:0f:0c:5a:c0:90: 97:ef:80:fc:b1:1a:fb:62:23:55:53:4e:a2:4f:52:a7:1c:b3: be:75:76:ce:b5:72:6f:76:f0:e3:07:da:a0:4e:bb:65:ad:c7: 2a:d6:e5:81:8b:37:1d:8a:43:19:17:c5:d3:63:a1:23:40:07: e3:da:3a:c4:4f:37:c4:e8:55:0e:db:9f:aa:f4:48:4b:b3:c6: a4:f1:89:fa:2e:27:7a:8c:cd:ef:f8:04:85:28:be:57:fa:4c: 6e:3a:c0:03:bc:b7:ab:e6:c0:c0:df:b1:f5:6a:a8:b3:10:a5: 63:d8:4a:b3:95:b5:aa:75:da:d2:88:ad:e0:44:5b:0b:31:83: 1a:ea:83:46:1d:7c:4d:3d:ca:ce:4a:0d:d7:f0:06:cf:04:dd: c5:eb:e5:56:ff:d0:04:93:a7:e6:75:12:f4:19:82:88:d3:cc: 6f:a2:79:af:d7:a3:e9:ef:9d:09:d8:d7:e4:63:44:82:d7:64: d8:89:35:2b:76:cd:a3:81:66:88:98:cc:d2:67:b7:b1:e0:9c: f8:09:20:a0:2c:15:8a:dc:60:4c:16:b9:34:66:53:df:1d:71: 22:51:c0:69:44:fe:d6:38:e2:74:e5:5c:f2:10:ec:eb:9c:c4: 28:44:1a:2d -----BEGIN CERTIFICATE----- MIIE5zCCA8+gAwIBAgICDPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ3 N0E4OURBQUZDNkRGNkE5RkUwQjk0M0JEMTAxQTA2Q0UwMTA4QjAeFw0yNTA3MDMw OTMyNDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZDRDA1RjFFNzdDRkY1 Qzk2ODQ3NERCMjcyMkYzREFBNjZENzIzOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqaxxVPa6i9kd3WsMo7M4+d81lIoOh6q+6FdOVj4NiSk5OusY+ 6fN1gLh75K7TisMwZPruQ9L+/VhZh3MgwFMP0DD2hV56nJgPfILwOLOoEbZS57nD BCcvh5kL41kDjlvsCMpEucyJJKB4gcnIm/Phzv0EMU5EbD30zpPhKgiCq/7xlnmJ uCxkhV1aozMZ9s876EbfLT2foHQmDK/2p+FrFdeuY5GFbiKIiV03Juo97Lmjy2Ql FbkxTN3ar0vYAwjqD1oy/JfxSP4cc1kdf9haZQpdn6RQs+URMROMC45l+OM5rvyi yy33WfSi6XFXwciDoCIMZXkiem2UfpAmEJsxAgMBAAGjggIDMIIB/zAdBgNVHQ4E FgQU/NBfHnfP9cloR02yci89qmbXI58wHwYDVR0jBBgwFoAUNHeonar8bfap/guU O9EBoGzgEIswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1RXTi9O SGVvbmFyOGJmYXBfZ3VVTzlFQm9HemdFSXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05IZW9uYXI4YmZhcF9ndVVPOUVCb0d6Z0VJcy5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1NUV04vTkhlb25hcjhiZmFwX2d1VU85RUJv R3pnRUlzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUFBwEH AQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAHcHzu/7 swvg5l4isocPDFrAkJfvgPyxGvtiI1VTTqJPUqccs751ds61cm928OMH2qBOu2Wt xyrW5YGLNx2KQxkXxdNjoSNAB+PaOsRPN8ToVQ7bn6r0SEuzxqTxifouJ3qMze/4 BIUovlf6TG46wAO8t6vmwMDfsfVqqLMQpWPYSrOVtap12tKIreBEWwsxgxrqg0Yd fE09ys5KDdfwBs8E3cXr5Vb/0ASTp+Z1EvQZgojTzG+iea/Xo+nvnQnY1+RjRILX ZNiJNSt2zaOBZoiYzNJnt7HgnPgJIKAsFYrcYEwWuTRmU98dcSJRwGlE/tY44nTl XPIQ7OucxChEGi0= -----END CERTIFICATE-----Generated at Fri Jul 4 17:44:47 2025 by rpki-client