$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer File: Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer (raw, json) Hash identifier: TxLAZJEsULvWWV5fbxMcmj/c75QVP8UXsxbtISBWWKE= Subject key identifier: 43:EB:D3:9F:B5:18:B5:5D:A0:07:42:AE:EC:7B:0D:A6:AA:BA:61:F7 Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 19D9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Mon 10 Feb 2025 14:29:27 +0000 Certificate not after: Tue 26 Aug 2025 01:57:03 +0000 Subordinate resources: IP: 160.19.90.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6617 (0x19d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Feb 10 14:29:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=43EBD39FB518B55DA00742AEEC7B0DA6AABA61F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:8a:02:d8:e6:8d:21:6c:ec:ac:b9:bd:8f:92: 9f:fe:16:0f:35:1a:6b:91:ac:3e:8e:91:0e:03:88: 80:2d:31:32:f6:67:b7:fd:8a:ff:63:a9:33:04:99: 8f:21:e4:fc:8a:cf:28:8f:15:01:fe:7f:88:0b:18: 67:6e:1e:46:a5:00:13:9d:a4:67:36:28:d9:e2:be: 57:89:0c:1b:33:76:42:3c:e0:ab:80:0d:ee:cd:44: d2:9e:a7:69:7b:fe:a7:38:82:9f:e9:a7:e5:56:e1: 09:9f:bb:f0:a3:da:df:f5:04:02:bf:0c:f0:0d:57: 46:14:74:bb:50:1e:cc:50:32:8f:8f:40:8e:44:5d: a1:de:86:9d:5d:49:8e:d2:63:81:66:cb:5d:c8:23: 89:cb:8e:56:fb:61:8d:67:f9:6c:8b:96:da:60:3d: 22:1e:3c:2e:e7:d7:12:ca:00:88:24:a4:21:35:0c: bb:17:47:6c:52:48:5d:dc:ae:7a:c1:bf:35:70:ae: 51:21:30:6f:3b:44:49:78:2d:bb:6b:25:24:42:43: 1e:2e:4d:44:47:37:58:6a:84:15:71:fb:ed:44:a8: 94:67:a0:8a:2b:f7:9e:e4:b2:86:0e:0e:df:0f:b2: a4:49:3c:05:88:11:97:3c:59:52:8d:57:5c:25:d2: d5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:EB:D3:9F:B5:18:B5:5D:A0:07:42:AE:EC:7B:0D:A6:AA:BA:61:F7 X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.19.90.0/23 Signature Algorithm: sha256WithRSAEncryption cd:b2:ea:86:4e:b4:eb:3f:b1:6e:a2:f2:c5:a7:41:cd:1e:56: 69:59:68:d0:1d:f8:3f:1c:06:fc:30:5f:a8:28:23:70:ac:c8: d7:4b:cb:0f:62:2c:a8:9a:4c:2a:cc:43:e3:62:eb:06:03:f0: 72:d0:ba:24:9e:6d:17:13:46:34:61:6b:b2:1e:93:f3:3d:1b: c2:48:b8:4c:01:54:9c:8a:1a:bf:1d:a4:fb:ae:d3:9c:c5:3e: a7:71:12:5d:ab:d9:9f:41:5f:15:f0:6a:bd:eb:e1:ab:a8:9b: 85:3e:25:8d:33:eb:cc:c3:4a:2f:66:b8:16:92:09:96:d3:94: 5e:05:9f:51:4d:81:52:64:24:2b:ed:c1:d5:ae:34:a2:df:ca: a8:ea:cc:ac:b9:37:62:d9:87:e1:74:e1:ef:c1:1a:1d:d8:56: 8b:1b:9d:ef:d3:57:83:82:9b:b7:11:18:36:b7:ea:fe:fc:8b: 46:15:ca:e4:74:d7:b2:3f:2c:d9:f0:8f:61:b3:5e:48:db:12: 20:fc:de:af:76:fe:86:3f:05:6b:9c:b8:1a:ba:c4:8a:76:eb: 46:b0:2c:6e:c9:9f:64:aa:b6:f6:61:17:c3:81:27:a4:3a:a1: 4e:c1:39:6d:6b:ea:eb:5b:a1:ad:76:98:48:66:d5:33:1d:d1: 97:9e:53:54 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgICGdkwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDIxMDE0MjkyN1oXDTI1MDgyNjAxNTcwM1owMzEx MC8GA1UEAxMoNDNFQkQzOUZCNTE4QjU1REEwMDc0MkFFRUM3QjBEQTZBQUJBNjFG NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMeKAtjmjSFs7Ky5vY+S n/4WDzUaa5GsPo6RDgOIgC0xMvZnt/2K/2OpMwSZjyHk/IrPKI8VAf5/iAsYZ24e RqUAE52kZzYo2eK+V4kMGzN2Qjzgq4AN7s1E0p6naXv+pziCn+mn5VbhCZ+78KPa 3/UEAr8M8A1XRhR0u1AezFAyj49AjkRdod6GnV1JjtJjgWbLXcgjicuOVvthjWf5 bIuW2mA9Ih48LufXEsoAiCSkITUMuxdHbFJIXdyuesG/NXCuUSEwbztESXgtu2sl JEJDHi5NREc3WGqEFXH77USolGegiiv3nuSyhg4O3w+ypEk8BYgRlzxZUo1XXCXS 1X0CAwEAAaOCAk4wggJKMB0GA1UdDgQWBBRD69OftRi1XaAHQq7sew2mqrph9zAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FFTFcvMFYG CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev U0FFTFcvUS12VG43VVl0VjJnQjBLdTdIc05wcXE2WWZjLm1mdDAxBggrBgEFBQcw DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF BQcBBwEB/wQQMA4wDAQCAAEwBgMEAaATWjANBgkqhkiG9w0BAQsFAAOCAQEAzbLq hk606z+xbqLyxadBzR5WaVlo0B34PxwG/DBfqCgjcKzI10vLD2IsqJpMKsxD42Lr BgPwctC6JJ5tFxNGNGFrsh6T8z0bwki4TAFUnIoavx2k+67TnMU+p3ESXavZn0Ff FfBqvevhq6ibhT4ljTPrzMNKL2a4FpIJltOUXgWfUU2BUmQkK+3B1a40ot/KqOrM rLk3YtmH4XTh78EaHdhWixud79NXg4KbtxEYNrfq/vyLRhXK5HTXsj8s2fCPYbNe SNsSIPzer3b+hj8Fa5y4GrrEinbrRrAsbsmfZKq29mEXw4EnpDqhTsE5bWvq61uh rXaYSGbVMx3Rl55TVA== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:43 2025 by rpki-client on console.sobornost.net