$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/lMbd_dS6pQQA86EZpYM84AIb2y4.cer File: lMbd_dS6pQQA86EZpYM84AIb2y4.cer (raw, json) Hash identifier: sbNQNNU6nrHZRtAnm5/jD3yC63Dt2lTNhPeflW5Stak= Subject key identifier: 94:C6:DD:FD:D4:BA:A5:04:00:F3:A1:19:A5:83:3C:E0:02:1B:DB:2E Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 3411 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/lMbd_dS6pQQA86EZpYM84AIb2y4.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Mon 10 Feb 2025 14:28:58 +0000 Certificate not after: Tue 26 Aug 2025 01:57:03 +0000 Subordinate resources: AS: 18411 IP: 61.56.16.0/20 IP: 119.30.16.0/20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 23:53:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13329 (0x3411) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Feb 10 14:28:58 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=94C6DDFDD4BAA50400F3A119A5833CE0021BDB2E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:2b:8e:ab:14:55:f2:2c:6b:40:4c:3c:3b:f4: 08:d9:83:0d:c8:ed:58:f8:41:7f:c9:3e:48:bf:79: 59:af:76:9a:6c:31:71:14:d6:1e:15:57:fc:34:21: 79:cc:c0:fd:39:a9:f3:83:ec:69:9e:fc:80:83:bf: d9:56:64:45:5a:aa:ad:97:5f:23:75:e1:2f:be:63: b4:54:9d:80:d8:05:ed:b2:21:d8:0d:87:ac:33:59: 44:a6:32:2a:3e:34:7d:47:2d:36:fc:67:4f:27:3b: 24:75:fd:32:75:14:cf:d4:a8:5e:99:e4:11:bf:ac: d3:30:7b:bd:9e:08:35:e5:f4:10:15:68:b3:96:4c: 70:77:12:ca:dc:bc:b3:a4:da:1b:50:cf:6d:f7:d9: ba:73:21:f7:23:6c:cc:c3:62:a3:46:c6:2a:62:46: a9:9e:74:cb:e7:c5:26:a2:85:e8:22:29:56:c0:5c: 77:ef:60:cd:92:52:4e:0a:32:1f:79:14:ee:66:97: 58:d3:a2:8a:d1:b3:da:f3:fd:7d:8d:89:e3:4e:fc: 7e:84:5c:f7:04:8e:ff:b8:06:97:b3:ef:cf:b5:26: 2f:97:dd:c1:ae:6b:91:e9:ee:16:52:50:fe:e2:27: 0d:1a:cc:cf:7c:ea:37:e0:b5:d3:4d:0d:68:db:a2: 51:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:C6:DD:FD:D4:BA:A5:04:00:F3:A1:19:A5:83:3C:E0:02:1B:DB:2E X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EDTNS/lMbd_dS6pQQA86EZpYM84AIb2y4.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 18411 sbgp-ipAddrBlock: critical IPv4: 61.56.16.0/20 119.30.16.0/20 Signature Algorithm: sha256WithRSAEncryption 01:10:14:bc:5d:72:34:13:56:8b:00:b0:1f:b6:94:ca:d1:e8: 12:cb:b8:44:7d:e0:f8:c6:a8:ae:b4:04:68:7f:32:4a:fc:83: 2d:ba:8e:50:fd:cf:2f:21:b2:36:7f:92:c0:6c:b3:d8:31:83: 3c:b1:b6:81:94:72:e8:44:14:7f:ec:46:e7:01:c2:c3:88:3e: 48:11:b3:62:a2:3b:0e:c6:f2:e5:65:8b:a3:a1:2a:71:60:2a: 10:03:3a:45:76:d2:24:b1:80:e4:a2:a7:88:9a:42:45:01:c8: 3f:26:91:56:b6:b6:e5:15:08:61:da:b0:6f:6a:c4:4e:21:0b: 72:e8:0f:8c:dd:75:5a:ec:b5:e1:9a:f4:b5:03:bd:14:59:2c: fe:ad:d6:16:f0:69:9a:6f:ce:41:62:4f:1d:cc:3a:3f:37:1d: f5:e5:23:fd:19:9d:2d:df:9a:32:4c:9d:32:5e:10:32:2e:a5: 3a:c6:a3:27:e4:44:76:47:ef:2d:cd:cc:cf:9b:6e:cc:14:55: 5d:ee:c9:cd:b0:a9:d4:08:e9:2a:70:cf:72:0a:88:c7:22:7e: 74:94:4b:c0:22:7f:16:78:b2:09:a8:63:11:35:81:73:f3:fb: 78:58:33:d5:79:42:ae:3e:4a:09:a1:f9:96:ba:3d:06:7b:22: 21:f7:36:a7 -----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgICNBEwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI1MDIxMDE0Mjg1OFoXDTI1MDgyNjAxNTcwM1owMzEx MC8GA1UEAxMoOTRDNkRERkRENEJBQTUwNDAwRjNBMTE5QTU4MzNDRTAwMjFCREIy RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPgrjqsUVfIsa0BMPDv0 CNmDDcjtWPhBf8k+SL95Wa92mmwxcRTWHhVX/DQheczA/Tmp84PsaZ78gIO/2VZk RVqqrZdfI3XhL75jtFSdgNgF7bIh2A2HrDNZRKYyKj40fUctNvxnTyc7JHX9MnUU z9SoXpnkEb+s0zB7vZ4INeX0EBVos5ZMcHcSyty8s6TaG1DPbffZunMh9yNszMNi o0bGKmJGqZ50y+fFJqKF6CIpVsBcd+9gzZJSTgoyH3kU7maXWNOiitGz2vP9fY2J 4078foRc9wSO/7gGl7Pvz7UmL5fdwa5rkenuFlJQ/uInDRrMz3zqN+C1000NaNui UUsCAwEAAaOCAm8wggJrMB0GA1UdDgQWBBSUxt391LqlBADzoRmlgzzgAhvbLjAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRURUTlMvMFYG CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RURUTlMvbE1iZF9kUzZwUVFBODZFWnBZTTg0QUliMnk0Lm1mdDAxBggrBgEFBQcw DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAZBggrBgEF BQcBCAEB/wQKMAigBjAEAgJH6zAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAME BD04EAMEBHceEDANBgkqhkiG9w0BAQsFAAOCAQEAARAUvF1yNBNWiwCwH7aUytHo Esu4RH3g+MaorrQEaH8ySvyDLbqOUP3PLyGyNn+SwGyz2DGDPLG2gZRy6EQUf+xG 5wHCw4g+SBGzYqI7Dsby5WWLo6EqcWAqEAM6RXbSJLGA5KKniJpCRQHIPyaRVra2 5RUIYdqwb2rETiELcugPjN11Wuy14Zr0tQO9FFks/q3WFvBpmm/OQWJPHcw6Pzcd 9eUj/RmdLd+aMkydMl4QMi6lOsajJ+REdkfvLc3Mz5tuzBRVXe7JzbCp1AjpKnDP cgqIxyJ+dJRLwCJ/FniyCahjETWBc/P7eFgz1XlCrj5KCaH5lro9BnsiIfc2pw== -----END CERTIFICATE-----Generated at Sun May 18 21:33:45 2025 by rpki-client