Certificate

$ rpki-client -vvf dev.tw/rpki/August/2/4A208C7877CBF7D9680C15023B778994D27CBFBB.cer
File:                     4A208C7877CBF7D9680C15023B778994D27CBFBB.cer (raw, json)
Hash identifier:          SybOPtHsbJFxxTpXmW/XFrBkNXxzy8QPZprz0egOe84=
Subject key identifier:   4A:20:8C:78:77:CB:F7:D9:68:0C:15:02:3B:77:89:94:D2:7C:BF:BB
Authority key identifier: DB:0E:EC:2B:FD:2F:E5:56:26:1F:B4:FF:C4:EC:97:A5:FC:13:32:CB
Certificate issuer:       /CN=db0eec2bfd2fe556261fb4ffc4ec97a5fc1332cb
Certificate serial:       59A072507E52A28273B5CE42C3F293DDB7D6A7A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2w7sK_0v5VYmH7T_xOyXpfwTMss.cer
Manifest:                 rsync://rpki.co/repo/AS945/0/4A208C7877CBF7D9680C15023B778994D27CBFBB.mft
caRepository:             rsync://rpki.co/repo/AS945/0/
Notify URL:               https://rrdp.rpki.co/rrdp/notification.xml
Certificate not before:   Sun 15 Oct 2023 19:20:16 +0000
Certificate not after:    Sun 13 Oct 2024 19:25:16 +0000
Subordinate resources:    AS: 51930

Validation:               OK
Signature path:           rsync://dev.tw/rpki/August/2/DB0EEC2BFD2FE556261FB4FFC4EC97A5FC1332CB.crl
                          rsync://dev.tw/rpki/August/2/DB0EEC2BFD2FE556261FB4FFC4EC97A5FC1332CB.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2w7sK_0v5VYmH7T_xOyXpfwTMss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:a0:72:50:7e:52:a2:82:73:b5:ce:42:c3:f2:93:dd:b7:d6:a7:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db0eec2bfd2fe556261fb4ffc4ec97a5fc1332cb
        Validity
            Not Before: Oct 15 19:20:16 2023 GMT
            Not After : Oct 13 19:25:16 2024 GMT
        Subject: CN=4A208C7877CBF7D9680C15023B778994D27CBFBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e4:df:29:0a:00:9c:62:dd:84:a3:19:12:24:
                    dc:d5:67:77:bf:ad:ad:1c:90:b9:93:96:75:78:ab:
                    3c:bc:7e:09:5f:75:7b:18:8a:fd:44:01:a5:c5:a3:
                    f0:2e:6c:81:59:e7:88:16:59:09:ad:84:de:1f:08:
                    70:6d:07:bf:ec:87:71:72:bd:25:e7:bc:a6:5b:9b:
                    f3:72:49:c6:3d:c1:cc:5c:68:4d:69:57:30:4b:73:
                    95:89:7e:3d:5c:ac:3d:93:2d:c7:d7:fd:14:ed:9e:
                    dd:96:d1:21:68:41:33:47:b5:e3:74:ae:cc:86:a6:
                    bf:45:ec:78:da:2c:c0:61:ca:1f:10:1f:bd:cf:f7:
                    07:8e:a2:f3:fd:2b:b5:39:67:70:dc:85:16:aa:d4:
                    2b:c5:3d:52:14:8a:45:a9:20:6e:79:d2:72:8f:23:
                    d1:10:f3:70:94:0b:77:10:d6:04:25:21:f5:18:5f:
                    6a:c3:d4:07:1a:d8:7f:97:6b:f5:57:da:03:cb:bc:
                    22:3d:d4:ae:e5:d0:25:21:19:52:7d:2f:1d:80:4a:
                    2a:f0:3f:27:2e:03:d3:67:9a:4f:a4:5b:58:7c:5a:
                    fc:a2:18:9b:d5:ca:9a:05:90:e2:b0:cf:7c:7a:eb:
                    6d:8f:98:ca:dd:1a:de:cd:3b:00:55:db:2a:9a:99:
                    f7:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                4A:20:8C:78:77:CB:F7:D9:68:0C:15:02:3B:77:89:94:D2:7C:BF:BB
            X509v3 Authority Key Identifier:
                keyid:DB:0E:EC:2B:FD:2F:E5:56:26:1F:B4:FF:C4:EC:97:A5:FC:13:32:CB

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/August/2/DB0EEC2BFD2FE556261FB4FFC4EC97A5FC1332CB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2w7sK_0v5VYmH7T_xOyXpfwTMss.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.co/repo/AS945/0/
                RPKI Manifest - URI:rsync://rpki.co/repo/AS945/0/4A208C7877CBF7D9680C15023B778994D27CBFBB.mft
                RPKI Notify - URI:https://rrdp.rpki.co/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  51930

    Signature Algorithm: sha256WithRSAEncryption
         ae:c3:3d:e1:82:28:7c:42:38:fe:7a:90:7a:47:5e:06:8e:0a:
         62:f5:de:ec:ad:af:a2:f1:a9:de:88:2f:2c:2e:00:8b:cc:35:
         31:74:57:86:5c:78:34:3b:98:cd:5a:09:ce:4e:20:46:2b:42:
         d1:0b:7d:57:03:a8:24:e6:1b:f3:73:f1:04:31:3e:fa:79:90:
         b0:7f:6d:8a:29:b8:b5:a7:d8:b3:6f:ce:7f:d2:0d:9c:55:33:
         4f:0d:03:bd:a8:3a:ad:fc:bd:df:ba:33:d2:eb:99:fd:a3:52:
         0a:89:ce:7b:61:e3:2f:8d:1c:82:3a:35:02:fb:75:11:c6:1b:
         b0:ee:a3:66:34:0a:d5:80:d0:36:f4:94:0e:f5:be:5d:e2:01:
         7e:40:d8:01:66:0a:24:c4:b6:75:2c:7e:c5:b3:1d:91:34:c3:
         36:a5:5d:0a:d0:3a:c9:46:05:99:98:e6:b2:c0:b0:0b:30:52:
         e1:39:53:c8:8a:8d:44:df:1f:30:e7:5f:8c:32:ee:b5:ec:ea:
         df:c4:24:54:e0:59:ab:3e:1f:1a:01:74:4a:a8:5e:bf:b7:19:
         05:42:76:aa:d7:2c:4d:e9:17:2a:74:a0:db:b4:ec:63:1d:f9:
         19:90:46:60:a2:f1:01:d8:45:59:77:e5:e6:34:79:c1:9c:e5:
         f9:a6:4b:5a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUWaByUH5SooJztc5Cw/KT3bfWp6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGIwZWVjMmJmZDJmZTU1NjI2MWZiNGZmYzRlYzk3YTVm
YzEzMzJjYjAeFw0yMzEwMTUxOTIwMTZaFw0yNDEwMTMxOTI1MTZaMDMxMTAvBgNV
BAMTKDRBMjA4Qzc4NzdDQkY3RDk2ODBDMTUwMjNCNzc4OTk0RDI3Q0JGQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX5N8pCgCcYt2EoxkSJNzVZ3e/
ra0ckLmTlnV4qzy8fglfdXsYiv1EAaXFo/AubIFZ54gWWQmthN4fCHBtB7/sh3Fy
vSXnvKZbm/NyScY9wcxcaE1pVzBLc5WJfj1crD2TLcfX/RTtnt2W0SFoQTNHteN0
rsyGpr9F7HjaLMBhyh8QH73P9weOovP9K7U5Z3DchRaq1CvFPVIUikWpIG550nKP
I9EQ83CUC3cQ1gQlIfUYX2rD1Aca2H+Xa/VX2gPLvCI91K7l0CUhGVJ9Lx2ASirw
PycuA9Nnmk+kW1h8WvyiGJvVypoFkOKwz3x6622PmMrdGt7NOwBV2yqamfcrAgMB
AAGjggIqMIICJjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRKIIx4d8v32WgM
FQI7d4mU0ny/uzAfBgNVHSMEGDAWgBTbDuwr/S/lViYftP/E7Jel/BMyyzAOBgNV
HQ8BAf8EBAMCAQYwWgYDVR0fBFMwUTBPoE2gS4ZJcnN5bmM6Ly9kZXYudHcvcnBr
aS9BdWd1c3QvMi9EQjBFRUMyQkZEMkZFNTU2MjYxRkI0RkZDNEVDOTdBNUZDMTMz
MkNCLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMnc3c0tfMHY1VlltSDdUX3hP
eVhwZndUTXNzLmNlcjCBygYIKwYBBQUHAQsEgb0wgbowKQYIKwYBBQUHMAWGHXJz
eW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzAvMFUGCCsGAQUFBzAKhklyc3luYzov
L3Jwa2kuY28vcmVwby9BUzk0NS8wLzRBMjA4Qzc4NzdDQkY3RDk2ODBDMTUwMjNC
Nzc4OTk0RDI3Q0JGQkIubWZ0MDYGCCsGAQUFBzANhipodHRwczovL3JyZHAucnBr
aS5jby9ycmRwL25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAytowDQYJKoZIhvcNAQELBQAD
ggEBAK7DPeGCKHxCOP56kHpHXgaOCmL13uytr6Lxqd6ILywuAIvMNTF0V4ZceDQ7
mM1aCc5OIEYrQtELfVcDqCTmG/Nz8QQxPvp5kLB/bYopuLWn2LNvzn/SDZxVM08N
A72oOq38vd+6M9Lrmf2jUgqJznth4y+NHII6NQL7dRHGG7Duo2Y0CtWA0Db0lA71
vl3iAX5A2AFmCiTEtnUsfsWzHZE0wzalXQrQOslGBZmY5rLAsAswUuE5U8iKjUTf
HzDnX4wy7rXs6t/EJFTgWas+HxoBdEqoXr+3GQVCdqrXLE3pFyp0oNu07GMd+RmQ
RmCi8QHYRVl35eY0ecGc5fmmS1o=
-----END CERTIFICATE-----