$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/x1hCDPdi5IrXyqYOs53NYisftPY.cer File: x1hCDPdi5IrXyqYOs53NYisftPY.cer (raw, json) Hash identifier: 9e6Fe8OwV++RwQcfAVSTQ0TPqnZoys/3B73Mp30Gs/E= Subject key identifier: C7:58:42:0C:F7:62:E4:8A:D7:CA:A6:0E:B3:9D:CD:62:2B:1F:B4:F6 Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 1DDF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Fri 22 Aug 2025 08:58:06 +0000 Certificate not after: Sat 22 Aug 2026 08:14:28 +0000 Subordinate resources: IP: 161.248.160.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 23:43:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7647 (0x1ddf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Aug 22 08:58:06 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C758420CF762E48AD7CAA60EB39DCD622B1FB4F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:b4:24:eb:b9:99:8b:ac:2f:15:fe:8d:a2:ae: c0:21:1f:b2:92:65:c6:45:a7:e9:73:30:32:a9:3d: bc:46:71:7a:65:dd:48:8a:7f:57:32:bf:40:40:90: 41:a2:0b:5d:ec:0d:4e:9e:c6:37:c3:52:d7:ec:56: a4:a0:73:ac:f2:bf:db:fc:35:e4:0f:64:a6:ce:f2: 81:25:54:c5:ee:2d:f6:dc:27:fa:f1:39:99:28:25: 88:01:d8:a6:a1:bf:a3:68:7f:75:99:69:b1:9c:0a: 19:1e:51:9e:f4:26:a0:44:ef:b3:73:9e:d9:4a:92: 83:7e:6a:e9:15:61:3e:e8:5b:35:e2:41:8c:2a:bf: 44:d4:4a:c4:87:2d:29:b5:1c:ad:5f:11:68:7d:37: 0f:72:b4:81:b0:87:f4:96:1e:74:ac:c7:ae:6d:2d: bc:d5:6c:b3:e1:bd:56:e5:ea:9c:a2:14:5f:47:a4: c7:91:6a:54:5e:a0:ba:6f:07:59:96:9d:e1:51:be: d2:b7:e9:9d:64:66:9c:3e:d1:84:40:b1:43:e9:b7: 4d:6f:bf:08:ba:1b:28:11:21:c8:dc:7b:ca:f9:54: d3:b4:e9:09:71:7a:bf:bf:b1:3c:a7:a7:52:0e:73: 4c:b7:f1:9d:f1:4d:d8:bd:40:fb:da:4a:c8:00:00: 28:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:58:42:0C:F7:62:E4:8A:D7:CA:A6:0E:B3:9D:CD:62:2B:1F:B4:F6 X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 161.248.160.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:cd:5c:fb:e7:6e:b8:22:39:57:ea:2c:6c:f4:86:39:3d:0f: 29:f6:fb:26:94:92:18:0c:19:30:be:41:89:0a:82:5f:32:4f: a9:17:42:7b:a5:d2:b8:15:55:72:24:28:6b:69:df:4f:9c:73: 6b:bf:02:d5:85:25:9f:ab:65:e3:35:83:0d:5b:63:52:3a:a5: 37:d0:fc:3b:5c:0f:32:a9:29:f9:6e:82:53:19:b3:2d:c8:94: 80:ce:6b:c3:dd:49:bc:94:c3:7f:4f:ce:d6:71:7b:b9:a5:44: e9:f8:59:11:20:d2:69:8c:0b:44:82:ae:9f:04:28:ba:d3:b8: ea:eb:f1:77:65:d3:95:b9:fb:52:a2:0d:1d:53:8c:d6:43:34: 44:1d:4f:f0:b7:87:e0:4b:62:3b:3b:e4:63:d8:ab:87:c0:27: f3:3e:6e:4e:7e:17:94:fe:69:33:fa:a6:05:25:92:f9:36:31: ef:e3:33:04:7a:2b:52:cc:6d:a0:56:1a:bf:9a:45:cb:71:1f: 94:1b:c1:33:d9:9a:9d:a9:89:96:57:e5:39:4b:df:eb:15:2d: 7b:91:4c:19:2a:a5:d2:60:63:16:99:af:84:64:6d:24:39:2b: c3:6c:f7:1c:3b:fd:62:10:fc:2f:a7:ff:bd:73:ca:0e:dc:11: df:82:1e:c3 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgICHd8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDgyMjA4NTgwNloXDTI2MDgyMjA4MTQyOFowMzEx MC8GA1UEAxMoQzc1ODQyMENGNzYyRTQ4QUQ3Q0FBNjBFQjM5RENENjIyQjFGQjRG NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO60JOu5mYusLxX+jaKu wCEfspJlxkWn6XMwMqk9vEZxemXdSIp/VzK/QECQQaILXewNTp7GN8NS1+xWpKBz rPK/2/w15A9kps7ygSVUxe4t9twn+vE5mSgliAHYpqG/o2h/dZlpsZwKGR5RnvQm oETvs3Oe2UqSg35q6RVhPuhbNeJBjCq/RNRKxIctKbUcrV8RaH03D3K0gbCH9JYe dKzHrm0tvNVss+G9VuXqnKIUX0ekx5FqVF6gum8HWZad4VG+0rfpnWRmnD7RhECx Q+m3TW+/CLobKBEhyNx7yvlU07TpCXF6v7+xPKenUg5zTLfxnfFN2L1A+9pKyAAA KGMCAwEAAaOCAkowggJGMB0GA1UdDgQWBBTHWEIM92LkitfKpg6znc1iKx+09jAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdAGCCsGAQUFBwELBIHDMIHAMDUGCCsGAQUFBzAF hilyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1RXLzBUBggr BgEFBQcwCoZIcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NU Vy94MWhDRFBkaTVJclh5cVlPczUzTllpc2Z0UFkubWZ0MDEGCCsGAQUFBzANhiVo dHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEH AQH/BBAwDjAMBAIAATAGAwQBofigMA0GCSqGSIb3DQEBCwUAA4IBAQBazVz75264 IjlX6ixs9IY5PQ8p9vsmlJIYDBkwvkGJCoJfMk+pF0J7pdK4FVVyJChrad9PnHNr vwLVhSWfq2XjNYMNW2NSOqU30Pw7XA8yqSn5boJTGbMtyJSAzmvD3Um8lMN/T87W cXu5pUTp+FkRINJpjAtEgq6fBCi607jq6/F3ZdOVuftSog0dU4zWQzREHU/wt4fg S2I7O+Rj2KuHwCfzPm5OfheU/mkz+qYFJZL5NjHv4zMEeitSzG2gVhq/mkXLcR+U G8Ez2ZqdqYmWV+U5S9/rFS17kUwZKqXSYGMWma+EZG0kOSvDbPccO/1iEPwvp/+9 c8oO3BHfgh7D -----END CERTIFICATE-----Generated at Sat Aug 23 22:27:10 2025 by rpki-client