Certificate

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/0p22aJ2cWC1_oPCyYvTCT3qZB84.cer
File:                     0p22aJ2cWC1_oPCyYvTCT3qZB84.cer (raw, json)
Hash identifier:          Zrt+PHqTRfpyxvPQ9khVIqHFnbp8ZCwGCTTtjnSARuE=
Subject key identifier:   D2:9D:B6:68:9D:9C:58:2D:7F:A0:F0:B2:62:F4:C2:4F:7A:99:07:CE
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer:       /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial:       1930
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest:                 rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANLIFE/0p22aJ2cWC1_oPCyYvTCT3qZB84.mft
caRepository:             rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANLIFE/
Notify URL:               https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before:   Tue 29 Sep 2020 09:53:27 +0000
Certificate not after:    Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources:    IP: 103.127.132.0/22
                          IP: 2404:20c0::/32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6448 (0x1930)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
        Validity
            Not Before: Sep 29 09:53:27 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=D29DB6689D9C582D7FA0F0B262F4C24F7A9907CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8a:2d:44:06:f1:7a:6f:d2:49:2a:1d:c1:ef:
                    7b:05:ea:04:0c:66:70:37:cb:b6:a5:55:e4:6f:e1:
                    8f:06:2b:2c:67:bb:52:fb:7d:d3:8e:8f:a0:37:23:
                    b9:4f:1d:b6:4e:05:da:a3:f8:ae:b9:d2:ce:bf:dd:
                    58:f6:22:3f:b8:08:f5:91:6d:49:2f:c0:ba:33:0f:
                    76:51:13:9b:79:26:c1:8e:1a:37:52:40:65:d2:ad:
                    1f:24:b4:49:5b:6f:63:db:49:0d:24:a4:3f:95:3b:
                    83:29:3e:50:4c:90:bd:ba:77:83:02:93:09:e2:a3:
                    0d:8b:01:ee:ad:a6:b4:04:fc:1d:c4:1a:65:fb:47:
                    da:62:d6:e6:5d:4d:b9:f6:c3:9f:76:e4:73:d4:2b:
                    1b:91:6e:6e:0d:c8:ed:79:88:b2:47:39:4c:02:33:
                    ab:06:d8:bd:04:83:17:cb:de:b6:29:cf:8b:b5:22:
                    07:6b:f1:bb:da:60:ea:6b:fe:00:f2:3e:ed:f6:c2:
                    63:26:46:2c:ab:4b:62:5e:0a:09:34:8a:71:f6:ad:
                    5b:e7:6c:72:83:89:a1:b3:9a:7e:6f:53:96:28:a1:
                    d2:b1:21:11:0c:bd:7b:4d:5b:f4:11:6b:4d:2e:59:
                    71:16:f5:1b:b2:0b:53:18:3a:70:8c:3a:20:63:d1:
                    da:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:9D:B6:68:9D:9C:58:2D:7F:A0:F0:B2:62:F4:C2:4F:7A:99:07:CE
            X509v3 Authority Key Identifier:
                keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANLIFE/
                RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANLIFE/0p22aJ2cWC1_oPCyYvTCT3qZB84.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.132.0/22
                IPv6:
                  2404:20c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:d5:c0:e8:a6:36:49:1c:0f:8e:88:64:e4:67:f9:47:c9:b5:
         89:81:c0:c8:6d:50:fd:42:99:bb:b6:1e:8f:58:fa:03:db:e2:
         75:4f:b0:1f:f1:79:b1:8f:be:5c:ab:6b:00:ef:0b:c9:90:e2:
         ca:a8:17:16:a9:c9:9a:ef:30:84:63:35:08:02:1b:f3:35:29:
         bd:fa:09:33:a6:39:52:d4:eb:03:11:59:d8:22:f5:9f:13:e9:
         64:a8:85:61:89:74:81:8a:7d:af:d9:86:32:5c:64:05:23:3e:
         d4:6a:2b:33:bb:2e:ff:c6:dc:d9:d5:bb:86:df:cb:2a:9a:90:
         4c:15:a9:cb:24:71:ae:02:83:2b:b0:9f:07:29:1f:aa:12:b5:
         46:73:19:6b:33:a0:6d:76:d8:96:6f:35:f6:f7:a6:16:c0:70:
         00:c2:04:27:d9:39:4e:81:e7:6b:f5:c7:12:31:88:92:9f:f3:
         a6:23:79:a8:46:44:00:30:f4:50:8b:2d:4b:25:e6:7c:dc:5b:
         a1:29:8a:85:9a:78:b3:9f:22:e5:4a:1d:fd:33:4b:20:82:65:
         de:06:ab:30:6d:61:c4:82:0e:79:d6:7a:80:d9:af:d5:b0:0c:
         fd:81:6b:14:59:ca:c8:b5:d6:83:0a:a0:84:ea:18:3e:5e:54:
         99:66:33:5a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgICGTAwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMyN1oXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoRDI5REI2Njg5RDlDNTgyRDdGQTBGMEIyNjJGNEMyNEY3QTk5MDdD
RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMeKLUQG8Xpv0kkqHcHv
ewXqBAxmcDfLtqVV5G/hjwYrLGe7Uvt9046PoDcjuU8dtk4F2qP4rrnSzr/dWPYi
P7gI9ZFtSS/AujMPdlETm3kmwY4aN1JAZdKtHyS0SVtvY9tJDSSkP5U7gyk+UEyQ
vbp3gwKTCeKjDYsB7q2mtAT8HcQaZftH2mLW5l1NufbDn3bkc9QrG5Fubg3I7XmI
skc5TAIzqwbYvQSDF8vetinPi7UiB2vxu9pg6mv+API+7fbCYyZGLKtLYl4KCTSK
cfatW+dscoOJobOafm9Tliih0rEhEQy9e01b9BFrTS5ZcRb1G7ILUxg6cIw6IGPR
2u8CAwEAAaOCAmcwggJjMB0GA1UdDgQWBBTSnbZonZxYLX+g8LJi9MJPepkHzjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgd4GCCsGAQUFBwELBIHRMIHOMDwGCCsGAQUFBzAF
hjByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FOTElG
RS8wWwYIKwYBBQUHMAqGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9UQUlXQU5MSUZFLzBwMjJhSjJjV0MxX29QQ3lZdlRDVDNxWkI4NC5tZnQw
MQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJnf4QwDQQCAAIwBwMFACQE
IMAwDQYJKoZIhvcNAQELBQADggEBAA3VwOimNkkcD46IZORn+UfJtYmBwMhtUP1C
mbu2Ho9Y+gPb4nVPsB/xebGPvlyrawDvC8mQ4sqoFxapyZrvMIRjNQgCG/M1Kb36
CTOmOVLU6wMRWdgi9Z8T6WSohWGJdIGKfa/ZhjJcZAUjPtRqKzO7Lv/G3NnVu4bf
yyqakEwVqcskca4CgyuwnwcpH6oStUZzGWszoG122JZvNfb3phbAcADCBCfZOU6B
52v1xxIxiJKf86YjeahGRAAw9FCLLUsl5nzcW6EpioWaeLOfIuVKHf0zSyCCZd4G
qzBtYcSCDnnWeoDZr9WwDP2BaxRZysi11oMKoITqGD5eVJlmM1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:58 2024 by rpki-client on console-ams.rpki-client.org