$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/oMNmr2CU_YGQmNgmVzoIW7Fu4ns.cer File: oMNmr2CU_YGQmNgmVzoIW7Fu4ns.cer (raw, json) Hash identifier: boTECGfzW4hUT1nrGSxmooD1BqPgni+8kgCsj2nbfYw= Subject key identifier: A0:C3:66:AF:60:94:FD:81:90:98:D8:26:57:3A:08:5B:B1:6E:E2:7B Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 3B78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/UNITEDSOFT/oMNmr2CU_YGQmNgmVzoIW7Fu4ns.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/UNITEDSOFT/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:14:49 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: IP: 103.131.112.0/22 IP: 2403:c940::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:14:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15224 (0x3b78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Aug 22 08:14:49 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A0C366AF6094FD819098D826573A085BB16EE27B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:16:e6:e0:fa:e1:a6:9d:81:f6:08:dc:9f:4a: cb:87:2e:7f:e1:c3:ae:40:6b:c4:12:d2:8e:a4:43: a2:65:68:60:a1:a2:a2:0a:a9:49:06:ec:52:f2:26: 3c:21:9d:d8:4c:5f:5b:2c:7f:90:56:44:b0:6f:2b: 1e:a8:34:dd:b5:2f:6b:fc:10:6d:1c:68:e0:37:4d: 84:22:f2:d6:5c:c1:74:fd:fe:2c:4e:0e:1c:e1:9d: bd:d7:b5:ee:ce:de:d9:88:de:61:39:72:67:b8:45: 46:f3:d2:45:b7:93:2e:69:9e:2b:95:db:e8:52:2b: aa:3d:76:f8:c9:21:54:9b:d5:3a:80:15:0c:be:4a: 14:d1:ec:45:ce:91:1d:bc:20:83:41:87:26:7e:3f: 36:9e:55:41:c6:60:ed:b8:0c:33:3d:63:91:13:9b: 94:2e:03:cf:2a:20:6a:ef:8b:89:a4:e5:cf:55:cb: c7:df:3f:3e:de:61:9b:63:1a:56:8d:e0:4a:ee:11: bc:d4:aa:ed:8e:b3:25:91:90:05:6f:5d:a5:66:f6: 64:c3:11:a2:bc:de:e6:d5:13:61:a7:cb:f5:15:24: 91:8b:5c:54:c0:1d:29:cf:a1:f8:11:93:32:63:f2: 64:dc:1a:71:c1:b8:fc:2f:f1:b1:61:bf:5e:f2:e4: 63:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:C3:66:AF:60:94:FD:81:90:98:D8:26:57:3A:08:5B:B1:6E:E2:7B X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UNITEDSOFT/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UNITEDSOFT/oMNmr2CU_YGQmNgmVzoIW7Fu4ns.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.131.112.0/22 IPv6: 2403:c940::/32 Signature Algorithm: sha256WithRSAEncryption 94:e6:68:1c:d8:47:22:ac:0b:75:3c:f8:68:63:32:e1:c8:57: 95:c0:29:c9:cc:25:ef:99:ce:b7:e1:df:a4:34:0a:54:57:9e: c4:89:67:37:3c:37:e4:73:11:bb:c5:b0:6c:e7:de:57:9b:74: ea:17:66:b4:29:ef:3b:e1:39:ba:4b:bd:0a:2b:64:13:e8:b1: 4b:60:56:31:08:7b:04:11:0a:08:1a:c6:98:5a:f4:11:39:27: f3:06:c4:db:27:92:0d:bd:da:9d:a0:47:88:6e:18:f6:f5:cf: 05:01:95:21:92:21:7f:7a:66:19:92:6c:8f:6e:ee:fe:da:c1: ae:0b:fa:1c:a0:4a:f4:ad:59:36:57:67:8e:d5:d1:2a:de:e4: b8:b6:d3:92:bb:0e:b1:28:a4:26:cd:f7:e7:31:80:37:2a:22: 0e:8f:d9:a5:cf:61:87:42:f8:cc:49:91:c8:56:58:80:ab:fb: c7:bb:98:1f:34:c1:01:94:01:1e:9d:d7:17:56:b6:5a:b2:23: 70:69:59:38:99:d9:f3:fd:f6:99:3c:f0:c2:62:ce:25:e3:06: 97:8f:38:11:10:57:ea:6b:06:6a:74:ef:1a:9d:08:0e:09:1c: c9:6a:75:e1:ab:3b:32:d9:bc:7b:9a:15:da:9e:23:f8:f7:95: 78:bc:54:57 -----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgICO3gwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI1MDgyMjA4MTQ0OVoXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoQTBDMzY2QUY2MDk0RkQ4MTkwOThEODI2NTczQTA4NUJCMTZFRTI3 QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMW5uD64aadgfYI3J9K y4cuf+HDrkBrxBLSjqRDomVoYKGiogqpSQbsUvImPCGd2ExfWyx/kFZEsG8rHqg0 3bUva/wQbRxo4DdNhCLy1lzBdP3+LE4OHOGdvde17s7e2YjeYTlyZ7hFRvPSRbeT LmmeK5Xb6FIrqj12+MkhVJvVOoAVDL5KFNHsRc6RHbwgg0GHJn4/Np5VQcZg7bgM Mz1jkROblC4Dzyogau+LiaTlz1XLx98/Pt5hm2MaVo3gSu4RvNSq7Y6zJZGQBW9d pWb2ZMMRorze5tUTYafL9RUkkYtcVMAdKc+h+BGTMmPyZNwaccG4/C/xsWG/XvLk Yy8CAwEAAaOCAmcwggJjMB0GA1UdDgQWBBSgw2avYJT9gZCY2CZXOghbsW7iezAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgd4GCCsGAQUFBwELBIHRMIHOMDwGCCsGAQUFBzAF hjByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVU5JVEVEU09G VC8wWwYIKwYBBQUHMAqGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9VTklURURTT0ZUL29NTm1yMkNVX1lHUW1OZ21Wem9JVzdGdTRucy5tZnQw MQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54 bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJng3AwDQQCAAIwBwMFACQD yUAwDQYJKoZIhvcNAQELBQADggEBAJTmaBzYRyKsC3U8+GhjMuHIV5XAKcnMJe+Z zrfh36Q0ClRXnsSJZzc8N+RzEbvFsGzn3lebdOoXZrQp7zvhObpLvQorZBPosUtg VjEIewQRCggaxpha9BE5J/MGxNsnkg292p2gR4huGPb1zwUBlSGSIX96ZhmSbI9u 7v7awa4L+hygSvStWTZXZ47V0Sre5Li205K7DrEopCbN9+cxgDcqIg6P2aXPYYdC +MxJkchWWICr+8e7mB80wQGUAR6d1xdWtlqyI3BpWTiZ2fP99pk88MJiziXjBpeP OBEQV+prBmp07xqdCA4JHMlqdeGrOzLZvHuaFdqeI/j3lXi8VFc= -----END CERTIFICATE-----Generated at Sun Aug 24 04:06:11 2025 by rpki-client