$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft File: LXIEYXNU1wUjtvZaJwcStrGdgV4.mft (raw, json) Hash identifier: YOu2pAcPOIE/D3H3YeQM4odJ+sw6rQFvAjcGSNjB2Uc= Subject key identifier: 8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37 Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0DA2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft Manifest number: 0D5C Signing time: Thu 03 Jul 2025 10:02:31 +0000 Manifest this update: Thu 03 Jul 2025 10:02:31 +0000 Manifest next update: Sat 05 Jul 2025 10:02:31 +0000 Files and hashes: 1: -Je16G7yxSwab30W7lP6iLrBJa4.roa (hash: SXNdZAUmfT/M3W6/tVxFSMApyGnXmOWfT4O+gKYhOJ8=) 2: 0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa (hash: 24D4mx/uH5LvCFZuHi9VL8FD4fAuH87qD+r4s8KSvsc=) 3: LXIEYXNU1wUjtvZaJwcStrGdgV4.crl (hash: 50SbO61GVox7Q/4KLpp+u0dUQw3CYC5QfNb3s4WHxmY=) 4: TMU-lCmYZI0dbMAhc0nOMQEDdcg.roa (hash: qrLJU2oetDE2jQ/j2VprRGRnHPHFEl6nYYORnuPKgIM=) 5: WxyfR1SJ02c3wtzPDhGT_dZ1Z9s.roa (hash: ClOc57CczSLjgSlZVe57kySjRciErM9hI9jxtuTiXqY=) 6: Y6Au06HGgYpXuNHgjf36sLWv-kg.roa (hash: MflbpmMzl7dCiLZ1z4sTf/8mnqhF3ZlnhF0SvzJuXzQ=) 7: bc3ob_czo0OcTEgKxfOdgXVriWY.roa (hash: il/vLZJHatOc7CYk49NDT6+ClW1N3OkQas8ZVKrT/Hc=) 8: dtggyWl0G_D8QQFxRJiGCa5swpg.roa (hash: MSYhMq1IPuXNaOC2QhN9A0vMPZLw0WkC7jiduw+m5kI=) 9: oYfnUrP87m0ry0Su_FSA2VApCWw.roa (hash: htw+ncRg+Usl7uVVEDTaDQl02Hb75FgObG87/n51m1U=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:33:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3490 (0xda2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Jul 3 10:02:31 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8FB24E0D840F960EB9E53763485237102DDB4637 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:26:2f:a2:8e:26:81:03:aa:24:8f:e4:9f:7f: 81:98:f3:97:3c:da:8e:dc:ed:8f:03:07:1d:77:b1: 5a:49:c3:3d:f6:ef:84:88:f6:28:be:4c:43:e9:74: 29:fe:59:b0:99:b7:cc:21:76:35:21:ef:53:e0:4a: 30:6c:f6:e4:d4:44:e6:51:a9:22:17:c8:98:9d:d2: 87:9b:6f:fc:cf:be:23:a7:d1:97:b0:d7:fe:89:b7: 9b:54:a3:f5:56:00:58:23:71:00:41:67:8a:b5:1c: d3:bc:97:ea:30:2f:20:a3:dc:ea:94:57:05:cd:87: f1:49:35:69:a0:64:11:9c:b5:d4:09:25:22:a6:cf: 82:72:2a:b6:21:f1:75:01:80:0b:b2:12:0d:d6:55: ca:f1:91:ac:80:bf:8d:bd:91:fa:d1:3c:8f:42:60: e4:2c:05:f5:95:67:86:d7:85:a4:24:6d:9d:9a:f5: fd:f5:90:c1:03:80:9a:33:8a:f6:ec:ba:d2:f5:62: f9:24:e5:05:3e:f2:a9:ec:e7:5e:b9:30:d8:69:f1: 98:b3:30:4c:50:98:22:9c:78:ce:2f:0c:01:02:69: 68:f3:3a:47:47:ae:85:ed:d9:68:6f:ff:6f:ce:04: ea:48:68:fd:a4:53:2c:fc:ba:fd:17:05:49:55:16: 32:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:8d:29:ab:0a:af:80:53:d2:06:bf:f0:2c:1b:00:8f:97:55: 40:e3:8d:b2:78:51:6c:20:08:a8:f4:ce:98:2c:4e:4e:b6:a3: 3c:27:31:97:81:97:59:56:80:67:13:af:7f:f5:69:48:5e:11: 0e:cc:63:cc:6b:7e:bf:5f:9e:5d:25:c3:df:20:fe:21:06:62: 55:7b:49:7e:fa:5f:ec:ab:58:e3:94:39:83:ce:0d:8c:99:28: e8:14:4e:a7:f0:20:7d:5d:96:2d:b1:71:31:0c:47:28:4b:f8: 50:3d:6b:cb:52:f7:aa:c1:d8:73:23:57:69:bf:81:98:71:b6: 5c:cb:56:a2:5d:91:4d:ee:a1:0d:4c:6a:b4:5b:35:1d:82:99: 09:03:08:14:c9:89:45:4f:b9:d1:a0:33:5b:d1:c8:79:a3:24: 46:ab:ab:bf:cc:24:fc:93:2e:23:ab:3c:88:86:cf:3d:59:15: b9:7e:ee:ad:45:ed:40:c8:11:01:30:d5:2d:26:7a:3b:71:8e: c2:15:ee:35:59:c2:10:32:6f:00:b0:42:ae:f5:5d:41:eb:3a: 92:b3:81:53:8e:81:ec:ee:c7:f6:a3:e8:ee:fb:e3:c3:4b:c8: 5a:ab:fd:49:a2:fe:46:48:15:73:2e:be:30:43:69:80:e0:1a: 34:3d:34:73 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgICDaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA3MDMx MDAyMzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhGQjI0RTBEODQwRjk2 MEVCOUU1Mzc2MzQ4NTIzNzEwMkREQjQ2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzJi+ijiaBA6okj+Sff4GY85c82o7c7Y8DBx13sVpJwz3274SI 9ii+TEPpdCn+WbCZt8whdjUh71PgSjBs9uTUROZRqSIXyJid0oebb/zPviOn0Zew 1/6Jt5tUo/VWAFgjcQBBZ4q1HNO8l+owLyCj3OqUVwXNh/FJNWmgZBGctdQJJSKm z4JyKrYh8XUBgAuyEg3WVcrxkayAv429kfrRPI9CYOQsBfWVZ4bXhaQkbZ2a9f31 kMEDgJozivbsutL1Yvkk5QU+8qns5165MNhp8ZizMExQmCKceM4vDAECaWjzOkdH roXt2Whv/2/OBOpIaP2kUyz8uv0XBUlVFjLLAgMBAAGjggIBMIIB/TAdBgNVHQ4E FgQUj7JODYQPlg655TdjSFI3EC3bRjcwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xYSUVZWE5VMXdVanR2WmFKd2NTdHJH ZGdWNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB /wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA+jSmrCq+A U9IGv/AsGwCPl1VA442yeFFsIAio9M6YLE5OtqM8JzGXgZdZVoBnE69/9WlIXhEO zGPMa36/X55dJcPfIP4hBmJVe0l++l/sq1jjlDmDzg2MmSjoFE6n8CB9XZYtsXEx DEcoS/hQPWvLUveqwdhzI1dpv4GYcbZcy1aiXZFN7qENTGq0WzUdgpkJAwgUyYlF T7nRoDNb0ch5oyRGq6u/zCT8ky4jqzyIhs89WRW5fu6tRe1AyBEBMNUtJno7cY7C Fe41WcIQMm8AsEKu9V1B6zqSs4FTjoHs7sf2o+ju++PDS8haq/1Jov5GSBVzLr4w Q2mA4Bo0PTRz -----END CERTIFICATE-----Generated at Fri Jul 4 14:53:45 2025 by rpki-client