Certificate

$ rpki-client -vvf dev.tw/rpki/August/15/8D6938E003E519E96B0A9EEC938E98EDAC0F5E65.cer
File:                     8D6938E003E519E96B0A9EEC938E98EDAC0F5E65.cer (raw, json)
Hash identifier:          3Q4YWLZkHKCRD34ZEdQjlatuJwQoiEoUEI5CmQvcoc4=
Subject key identifier:   8D:69:38:E0:03:E5:19:E9:6B:0A:9E:EC:93:8E:98:ED:AC:0F:5E:65
Authority key identifier: F9:9F:05:18:25:38:0E:88:D3:1B:92:BF:EA:78:62:BE:91:72:8D:80
Certificate issuer:       /CN=f99f051825380e88d31b92bfea7862be91728d80
Certificate serial:       7658C8826C4869BAC205BD693F30E48A894BE728
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-Z8FGCU4DojTG5K_6nhivpFyjYA.cer
Manifest:                 rsync://rpki.co/repo/AS945/16/8D6938E003E519E96B0A9EEC938E98EDAC0F5E65.mft
caRepository:             rsync://rpki.co/repo/AS945/16/
Notify URL:               https://rrdp.rpki.co/rrdp/notification.xml
Certificate not before:   Sun 28 Jan 2024 16:54:43 +0000
Certificate not after:    Sun 26 Jan 2025 16:59:43 +0000
Subordinate resources:    AS: 48103

Validation:               OK
Signature path:           rsync://dev.tw/rpki/August/15/F99F051825380E88D31B92BFEA7862BE91728D80.crl
                          rsync://dev.tw/rpki/August/15/F99F051825380E88D31B92BFEA7862BE91728D80.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-Z8FGCU4DojTG5K_6nhivpFyjYA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 21:03:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:58:c8:82:6c:48:69:ba:c2:05:bd:69:3f:30:e4:8a:89:4b:e7:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f99f051825380e88d31b92bfea7862be91728d80
        Validity
            Not Before: Jan 28 16:54:43 2024 GMT
            Not After : Jan 26 16:59:43 2025 GMT
        Subject: CN=8D6938E003E519E96B0A9EEC938E98EDAC0F5E65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:61:93:7a:2e:48:3a:98:32:34:a7:bf:b7:78:
                    0f:2c:28:a6:0f:d4:f8:8c:a7:2c:8f:52:36:73:24:
                    eb:76:8b:52:59:50:c1:fb:52:c6:42:27:e6:79:39:
                    e6:f4:82:2d:ea:29:1d:58:24:a7:f4:f7:9e:b7:7b:
                    60:67:e3:cd:02:5c:8e:d2:35:bf:97:ce:8f:c1:38:
                    ff:f0:dc:2a:00:9e:dc:d9:ac:30:b8:6b:ea:d7:66:
                    b8:52:37:00:76:90:2b:6f:30:c8:62:a2:9a:82:ad:
                    2d:9f:a1:81:05:bf:8e:0c:4e:f3:8e:54:a5:46:84:
                    50:a5:23:ef:87:01:6a:c5:cd:36:0f:ed:24:47:d4:
                    7d:cd:70:e0:34:3a:47:0e:d6:68:4f:0c:99:6c:1f:
                    2a:2c:34:83:e9:81:89:da:6b:ae:f0:8a:d8:3a:7c:
                    1d:2b:31:5c:26:e4:ba:2e:89:13:93:69:bc:d3:66:
                    36:5e:02:d7:72:03:2c:af:ab:5c:72:80:6b:6d:44:
                    6b:e8:03:83:ae:2a:89:2b:81:94:8a:d4:53:a2:56:
                    9e:e5:91:01:03:c9:06:ba:43:b6:08:fa:95:90:e0:
                    16:c6:89:f9:30:bb:2f:64:a4:4e:c4:45:e9:da:4b:
                    f2:60:b5:62:b3:0e:ba:5b:fc:0c:6a:fe:20:74:6a:
                    89:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                8D:69:38:E0:03:E5:19:E9:6B:0A:9E:EC:93:8E:98:ED:AC:0F:5E:65
            X509v3 Authority Key Identifier:
                keyid:F9:9F:05:18:25:38:0E:88:D3:1B:92:BF:EA:78:62:BE:91:72:8D:80

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/August/15/F99F051825380E88D31B92BFEA7862BE91728D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Z8FGCU4DojTG5K_6nhivpFyjYA.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.co/repo/AS945/16/
                RPKI Manifest - URI:rsync://rpki.co/repo/AS945/16/8D6938E003E519E96B0A9EEC938E98EDAC0F5E65.mft
                RPKI Notify - URI:https://rrdp.rpki.co/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48103

    Signature Algorithm: sha256WithRSAEncryption
         96:45:54:a4:04:07:0f:9e:25:a5:06:04:8e:32:bb:9a:06:58:
         bf:85:0e:fc:39:35:8c:e1:5a:6d:07:1d:44:6a:19:43:6e:54:
         1a:c8:9d:26:3e:bb:ff:d2:5a:cf:62:44:fd:aa:a4:36:07:25:
         4c:c1:8b:57:a5:63:4a:74:9d:78:60:be:f3:b6:1a:be:78:6b:
         6c:8a:1c:d6:3e:06:dc:9d:09:bd:db:5a:e6:ab:fd:51:e5:d9:
         87:0f:bc:76:b2:2b:d5:f0:62:02:45:c8:8c:26:c1:e6:59:68:
         8c:df:1a:da:0d:94:53:c8:c6:7f:74:1d:6b:a3:34:12:69:ad:
         17:0e:57:1b:cd:b3:42:f2:8f:ee:c5:ca:8a:d8:25:0f:6a:b5:
         5f:bc:33:ce:18:bf:13:62:ff:ad:9f:b8:df:c4:a8:f1:0b:0b:
         b6:55:6c:44:17:8b:53:c7:1f:21:a0:69:4d:1f:6f:25:a1:67:
         e2:a9:2c:f7:fc:f3:e9:c1:86:a7:39:b6:29:79:7c:2e:ea:c8:
         bc:8b:2f:72:a9:95:31:32:53:8e:21:bd:d6:59:77:28:59:0f:
         81:93:53:15:c9:d3:14:c7:67:52:53:df:d2:89:e7:bb:83:da:
         0e:0b:c9:ed:35:d0:f5:6a:70:cd:32:92:88:8e:77:92:42:2d:
         f8:34:0a:ba
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUdljIgmxIabrCBb1pPzDkiolL5ygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjk5ZjA1MTgyNTM4MGU4OGQzMWI5MmJmZWE3ODYyYmU5
MTcyOGQ4MDAeFw0yNDAxMjgxNjU0NDNaFw0yNTAxMjYxNjU5NDNaMDMxMTAvBgNV
BAMTKDhENjkzOEUwMDNFNTE5RTk2QjBBOUVFQzkzOEU5OEVEQUMwRjVFNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5YZN6Lkg6mDI0p7+3eA8sKKYP
1PiMpyyPUjZzJOt2i1JZUMH7UsZCJ+Z5Oeb0gi3qKR1YJKf09563e2Bn480CXI7S
Nb+Xzo/BOP/w3CoAntzZrDC4a+rXZrhSNwB2kCtvMMhiopqCrS2foYEFv44MTvOO
VKVGhFClI++HAWrFzTYP7SRH1H3NcOA0OkcO1mhPDJlsHyosNIPpgYnaa67witg6
fB0rMVwm5LouiROTabzTZjZeAtdyAyyvq1xygGttRGvoA4OuKokrgZSK1FOiVp7l
kQEDyQa6Q7YI+pWQ4BbGifkwuy9kpE7ERenaS/JgtWKzDrpb/Axq/iB0aonxAgMB
AAGjggIuMIICKjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSNaTjgA+UZ6WsK
nuyTjpjtrA9eZTAfBgNVHSMEGDAWgBT5nwUYJTgOiNMbkr/qeGK+kXKNgDAOBgNV
HQ8BAf8EBAMCAQYwWwYDVR0fBFQwUjBQoE6gTIZKcnN5bmM6Ly9kZXYudHcvcnBr
aS9BdWd1c3QvMTUvRjk5RjA1MTgyNTM4MEU4OEQzMUI5MkJGRUE3ODYyQkU5MTcy
OEQ4MC5jcmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtWjhGR0NVNERvalRHNUtf
Nm5oaXZwRnlqWUEuY2VyMIHMBggrBgEFBQcBCwSBvzCBvDAqBggrBgEFBQcwBYYe
cnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUvMTYvMFYGCCsGAQUFBzAKhkpyc3lu
YzovL3Jwa2kuY28vcmVwby9BUzk0NS8xNi84RDY5MzhFMDAzRTUxOUU5NkIwQTlF
RUM5MzhFOThFREFDMEY1RTY1Lm1mdDA2BggrBgEFBQcwDYYqaHR0cHM6Ly9ycmRw
LnJwa2kuY28vcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDALvnMA0GCSqGSIb3DQEB
CwUAA4IBAQCWRVSkBAcPniWlBgSOMruaBli/hQ78OTWM4VptBx1EahlDblQayJ0m
Prv/0lrPYkT9qqQ2ByVMwYtXpWNKdJ14YL7zthq+eGtsihzWPgbcnQm921rmq/1R
5dmHD7x2sivV8GICRciMJsHmWWiM3xraDZRTyMZ/dB1rozQSaa0XDlcbzbNC8o/u
xcqK2CUParVfvDPOGL8TYv+tn7jfxKjxCwu2VWxEF4tTxx8hoGlNH28loWfiqSz3
/PPpwYanObYpeXwu6si8iy9yqZUxMlOOIb3WWXcoWQ+Bk1MVydMUx2dSU9/Siee7
g9oOC8ntNdD1anDNMpKIjneSQi34NAq6
-----END CERTIFICATE-----