Certificate

$ rpki-client -vvf dev.tw/rpki/AS945/1/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer
File:                     332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer (raw, json)
Hash identifier:          TK04UJ8VK6g2wq93RPRDNGF5nUfU5k3kB4aGVe3cs48=
Subject key identifier:   33:2D:0D:DB:8B:DE:F4:CC:79:84:74:C9:59:79:FD:CC:E3:EB:B0:C2
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Certificate issuer:       /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial:       4E029CD738FA5D5010D65049BF964E45735CCDB6
Authority info access:    rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Manifest:                 rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.mft
caRepository:             rsync://rpki.co/repo/AS199762/2/
Notify URL:               https://rrdp.rpki.co/rrdp/notification.xml
Certificate not before:   Sat 12 Oct 2024 17:41:54 +0000
Certificate not after:    Sat 11 Oct 2025 17:46:54 +0000
Subordinate resources:    IP: 2a12:dd47:3900::/40

Validation:               OK
Signature path:           rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
                          rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
                          rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 03:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:02:9c:d7:38:fa:5d:50:10:d6:50:49:bf:96:4e:45:73:5c:cd:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
        Validity
            Not Before: Oct 12 17:41:54 2024 GMT
            Not After : Oct 11 17:46:54 2025 GMT
        Subject: CN=332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1f:9c:08:65:69:72:ae:d9:99:9a:2f:b5:92:
                    36:ad:ac:97:44:b9:c8:3e:81:7e:78:2f:bf:00:e7:
                    ed:92:b5:72:19:67:8d:4f:ce:08:8a:e1:d6:73:49:
                    86:49:9a:c5:e2:1d:46:bd:e6:bc:04:e0:9b:db:eb:
                    44:34:29:3b:bb:20:e5:51:cf:f6:ad:ff:3c:ee:8b:
                    64:8b:48:02:91:1f:50:e4:d2:e7:08:b8:c8:97:26:
                    50:bb:0d:ba:35:17:3d:3d:f5:eb:96:4f:66:3f:04:
                    b9:b5:61:5c:f8:63:10:b0:30:d7:a3:81:1a:f2:a3:
                    89:20:1e:ef:30:8e:4f:07:fd:cc:32:f4:9f:5d:39:
                    40:7b:ae:4d:3d:c3:17:1b:35:d2:15:dd:56:7c:9a:
                    13:47:0d:f2:7f:cb:f7:84:9e:36:fb:a7:fe:91:7d:
                    2f:00:25:7c:0d:c8:30:25:7a:04:bc:bb:54:98:47:
                    21:37:ea:a2:8f:bb:40:ff:94:d1:53:da:ea:93:43:
                    e6:9a:c9:42:bb:85:7b:8d:e9:7f:d4:a9:ad:1f:93:
                    5c:6f:4f:cd:1e:22:4c:b0:5d:b2:8c:5b:d9:d2:f6:
                    d6:5f:53:0a:c4:78:ed:1c:c3:ac:78:5b:c6:29:cc:
                    5c:30:88:18:7e:36:4e:27:86:f1:38:8d:60:71:e9:
                    b4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                33:2D:0D:DB:8B:DE:F4:CC:79:84:74:C9:59:79:FD:CC:E3:EB:B0:C2
            X509v3 Authority Key Identifier:
                keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.co/repo/AS199762/2/
                RPKI Manifest - URI:rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.mft
                RPKI Notify - URI:https://rrdp.rpki.co/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3900::/40

    Signature Algorithm: sha256WithRSAEncryption
         c1:05:cf:6f:dc:95:de:6b:e5:50:2b:44:a0:f7:64:ce:f7:48:
         bd:70:5d:fb:0f:0a:cc:72:46:9d:6c:98:9f:aa:1a:81:4b:0e:
         1e:79:72:1d:12:19:16:ce:1a:49:6d:66:0a:d5:34:e1:2c:e3:
         1a:f8:9a:41:30:35:97:7b:7a:75:9b:17:b2:4f:2d:65:2a:55:
         45:46:72:f5:9d:3e:8a:31:94:3a:52:3b:52:3c:f3:79:25:45:
         ef:28:72:fd:71:a3:63:d7:bc:33:aa:00:18:e6:03:7e:f0:55:
         dc:45:8b:be:dc:57:44:58:00:7b:22:e7:6a:f4:63:0e:4e:47:
         f8:0c:0c:1f:8b:7d:d6:84:97:2d:ee:2b:8b:24:fc:c7:fa:53:
         9d:00:fb:d7:4d:3b:a0:3b:b3:e6:c7:df:49:a0:42:37:e6:ca:
         14:ce:9f:79:40:31:0c:48:e3:64:ad:24:73:73:91:09:ea:26:
         b7:6e:56:1c:13:f1:07:c9:3b:0e:3c:27:4c:4b:7a:29:ea:ea:
         d5:73:2c:81:eb:33:36:3e:3d:19:c6:55:c9:a6:57:b8:d2:dd:
         aa:7c:16:e4:8f:83:9e:f3:17:c0:01:6a:9f:f6:97:e3:e7:57:
         f0:a9:4b:4f:af:ac:5c:5b:f9:18:67:d8:56:be:4e:10:a5:42:
         a9:7f:19:5e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUTgKc1zj6XVAQ1lBJv5ZORXNczbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTIxNzQxNTRaFw0yNTEwMTExNzQ2NTRaMDMxMTAvBgNV
BAMTKDMzMkQwRERCOEJERUY0Q0M3OTg0NzRDOTU5NzlGRENDRTNFQkIwQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfH5wIZWlyrtmZmi+1kjatrJdE
ucg+gX54L78A5+2StXIZZ41PzgiK4dZzSYZJmsXiHUa95rwE4Jvb60Q0KTu7IOVR
z/at/zzui2SLSAKRH1Dk0ucIuMiXJlC7Dbo1Fz099euWT2Y/BLm1YVz4YxCwMNej
gRryo4kgHu8wjk8H/cwy9J9dOUB7rk09wxcbNdIV3VZ8mhNHDfJ/y/eEnjb7p/6R
fS8AJXwNyDAlegS8u1SYRyE36qKPu0D/lNFT2uqTQ+aayUK7hXuN6X/Uqa0fk1xv
T80eIkywXbKMW9nS9tZfUwrEeO0cw6x4W8YpzFwwiBh+Nk4nhvE4jWBx6bSzAgMB
AAGjggI3MIICMzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQzLQ3bi970zHmE
dMlZef3M4+uwwjAfBgNVHSMEGDAWgBQSliAooYHnWLiZCmyk8EqZimkxHjAOBgNV
HQ8BAf8EBAMCAQYwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9kZXYudHcvcnBr
aS9BUzk0NS8xLzEyOTYyMDI4QTE4MUU3NThCODk5MEE2Q0E0RjA0QTk5OEE2OTMx
MUUuY3JsMGUGCCsGAQUFBwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9kZXYu
dHcvcnBraS9BdWd1c3QvNS8xMjk2MjAyOEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5
OThBNjkzMTFFLmNlcjCB0AYIKwYBBQUHAQsEgcMwgcAwLAYIKwYBBQUHMAWGIHJz
eW5jOi8vcnBraS5jby9yZXBvL0FTMTk5NzYyLzIvMFgGCCsGAQUFBzAKhkxyc3lu
YzovL3Jwa2kuY28vcmVwby9BUzE5OTc2Mi8yLzMzMkQwRERCOEJERUY0Q0M3OTg0
NzRDOTU5NzlGRENDRTNFQkIwQzIubWZ0MDYGCCsGAQUFBzANhipodHRwczovL3Jy
ZHAucnBraS5jby9ycmRwL25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoS3Uc5MA0G
CSqGSIb3DQEBCwUAA4IBAQDBBc9v3JXea+VQK0Sg92TO90i9cF37DwrMckadbJif
qhqBSw4eeXIdEhkWzhpJbWYK1TThLOMa+JpBMDWXe3p1mxeyTy1lKlVFRnL1nT6K
MZQ6UjtSPPN5JUXvKHL9caNj17wzqgAY5gN+8FXcRYu+3FdEWAB7Iudq9GMOTkf4
DAwfi33WhJct7iuLJPzH+lOdAPvXTTugO7Pmx99JoEI35soUzp95QDEMSONkrSRz
c5EJ6ia3blYcE/EHyTsOPCdMS3op6urVcyyB6zM2Pj0ZxlXJple40t2qfBbkj4Oe
8xfAAWqf9pfj51fwqUtPr6xcW/kYZ9hWvk4QpUKpfxle
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:34 2024 by rpki-client on console-fra.rpki-client.org