Certificate

$ rpki-client -vvf rpki.co/repo/AS945/1/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer
File:                     332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer (raw, json)
Hash identifier:          J3jyum6AVzGKGCDq7tMN7D7Vd4GlAzOZ8N7wqpW3IRU=
Subject key identifier:   33:2D:0D:DB:8B:DE:F4:CC:79:84:74:C9:59:79:FD:CC:E3:EB:B0:C2
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       0DA302F3F5EDE6D047C9784BC30B8AEC42AD16CB
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Manifest:                 rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.mft
caRepository:             rsync://rpki.co/repo/AS199762/2/
Notify URL:               https://rrdp.rpki.co/rrdp/notification.xml
Certificate not before:   Tue 23 Apr 2024 10:04:08 +0000
Certificate not after:    Tue 22 Apr 2025 10:09:08 +0000
Subordinate resources:    IP: 2a12:dd47:3900::/40

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Jun 2024 21:50:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:a3:02:f3:f5:ed:e6:d0:47:c9:78:4b:c3:0b:8a:ec:42:ad:16:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Apr 23 10:04:08 2024 GMT
            Not After : Apr 22 10:09:08 2025 GMT
        Subject: CN=332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:1f:9c:08:65:69:72:ae:d9:99:9a:2f:b5:92:
                    36:ad:ac:97:44:b9:c8:3e:81:7e:78:2f:bf:00:e7:
                    ed:92:b5:72:19:67:8d:4f:ce:08:8a:e1:d6:73:49:
                    86:49:9a:c5:e2:1d:46:bd:e6:bc:04:e0:9b:db:eb:
                    44:34:29:3b:bb:20:e5:51:cf:f6:ad:ff:3c:ee:8b:
                    64:8b:48:02:91:1f:50:e4:d2:e7:08:b8:c8:97:26:
                    50:bb:0d:ba:35:17:3d:3d:f5:eb:96:4f:66:3f:04:
                    b9:b5:61:5c:f8:63:10:b0:30:d7:a3:81:1a:f2:a3:
                    89:20:1e:ef:30:8e:4f:07:fd:cc:32:f4:9f:5d:39:
                    40:7b:ae:4d:3d:c3:17:1b:35:d2:15:dd:56:7c:9a:
                    13:47:0d:f2:7f:cb:f7:84:9e:36:fb:a7:fe:91:7d:
                    2f:00:25:7c:0d:c8:30:25:7a:04:bc:bb:54:98:47:
                    21:37:ea:a2:8f:bb:40:ff:94:d1:53:da:ea:93:43:
                    e6:9a:c9:42:bb:85:7b:8d:e9:7f:d4:a9:ad:1f:93:
                    5c:6f:4f:cd:1e:22:4c:b0:5d:b2:8c:5b:d9:d2:f6:
                    d6:5f:53:0a:c4:78:ed:1c:c3:ac:78:5b:c6:29:cc:
                    5c:30:88:18:7e:36:4e:27:86:f1:38:8d:60:71:e9:
                    b4:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                33:2D:0D:DB:8B:DE:F4:CC:79:84:74:C9:59:79:FD:CC:E3:EB:B0:C2
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.co/repo/AS199762/2/
                RPKI Manifest - URI:rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.mft
                RPKI Notify - URI:https://rrdp.rpki.co/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3900::/40

    Signature Algorithm: sha256WithRSAEncryption
         c8:88:cd:90:d0:8a:b1:26:a5:3e:ab:09:d6:69:f8:b5:e6:4c:
         81:ec:22:e7:97:c0:f9:87:6b:ae:3a:a8:82:1e:20:a9:a2:bd:
         49:61:0f:10:cc:09:8a:23:57:c2:97:b3:16:9f:c9:98:74:5f:
         6f:6d:e5:30:1c:c6:25:97:e1:36:61:74:7d:54:ab:85:c5:e1:
         9c:f0:c9:6e:84:21:4b:05:c1:2c:31:19:da:1d:39:1b:7a:bf:
         ca:2b:55:f8:a3:de:92:08:84:a4:06:1e:9c:b7:1c:f7:2e:fe:
         42:cf:d8:57:e5:8e:6c:27:90:7c:70:c8:2b:f5:5e:40:0a:f0:
         a2:02:27:06:17:f2:a8:02:62:af:3f:b0:e3:5b:0a:52:89:02:
         e1:fa:5c:81:e4:05:c2:b6:fa:0b:51:e1:5c:e1:f2:d3:69:55:
         fe:eb:68:b3:b5:a0:f9:94:7e:bd:2b:44:69:6f:25:fa:0d:c8:
         43:75:33:66:67:9f:be:5c:c6:91:98:94:a3:15:22:1e:79:b2:
         35:a7:69:ce:d3:e8:b3:0a:6b:1b:01:3f:92:32:52:ea:c4:9e:
         cb:4c:6a:55:91:8d:53:01:c2:bd:f0:79:2f:f8:44:1c:49:15:
         49:6e:7a:f0:d0:a2:dd:43:65:3c:5e:77:54:48:1d:2a:66:61:
         15:2f:be:f8
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIUDaMC8/Xt5tBHyXhLwwuK7EKtFsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yNDA0MjMxMDA0MDhaFw0yNTA0MjIxMDA5MDhaMDMxMTAvBgNV
BAMTKDMzMkQwRERCOEJERUY0Q0M3OTg0NzRDOTU5NzlGRENDRTNFQkIwQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfH5wIZWlyrtmZmi+1kjatrJdE
ucg+gX54L78A5+2StXIZZ41PzgiK4dZzSYZJmsXiHUa95rwE4Jvb60Q0KTu7IOVR
z/at/zzui2SLSAKRH1Dk0ucIuMiXJlC7Dbo1Fz099euWT2Y/BLm1YVz4YxCwMNej
gRryo4kgHu8wjk8H/cwy9J9dOUB7rk09wxcbNdIV3VZ8mhNHDfJ/y/eEnjb7p/6R
fS8AJXwNyDAlegS8u1SYRyE36qKPu0D/lNFT2uqTQ+aayUK7hXuN6X/Uqa0fk1xv
T80eIkywXbKMW9nS9tZfUwrEeO0cw6x4W8YpzFwwiBh+Nk4nhvE4jWBx6bSzAgMB
AAGjggI4MIICNDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQzLQ3bi970zHmE
dMlZef3M4+uwwjAfBgNVHSMEGDAWgBRmBCicfjngjhrhJVzuc8Bb/Znz5jAOBgNV
HQ8BAf8EBAMCAQYwWgYDVR0fBFMwUTBPoE2gS4ZJcnN5bmM6Ly9ycGtpLmNvL3Jl
cG8vQVM5NDUvMS82NjA0Mjg5QzdFMzlFMDhFMUFFMTI1NUNFRTczQzA1QkZEOTlG
M0U2LmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2
LnR3L3Jwa2kvQXVndXN0LzUvNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0Mw
NUJGRDk5RjNFNi5jZXIwgdAGCCsGAQUFBwELBIHDMIHAMCwGCCsGAQUFBzAFhiBy
c3luYzovL3Jwa2kuY28vcmVwby9BUzE5OTc2Mi8yLzBYBggrBgEFBQcwCoZMcnN5
bmM6Ly9ycGtpLmNvL3JlcG8vQVMxOTk3NjIvMi8zMzJEMEREQjhCREVGNENDNzk4
NDc0Qzk1OTc5RkRDQ0UzRUJCMEMyLm1mdDA2BggrBgEFBQcwDYYqaHR0cHM6Ly9y
cmRwLnJwa2kuY28vcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqEt1HOTAN
BgkqhkiG9w0BAQsFAAOCAQEAyIjNkNCKsSalPqsJ1mn4teZMgewi55fA+Ydrrjqo
gh4gqaK9SWEPEMwJiiNXwpezFp/JmHRfb23lMBzGJZfhNmF0fVSrhcXhnPDJboQh
SwXBLDEZ2h05G3q/yitV+KPekgiEpAYenLcc9y7+Qs/YV+WObCeQfHDIK/VeQArw
ogInBhfyqAJirz+w41sKUokC4fpcgeQFwrb6C1HhXOHy02lV/utos7Wg+ZR+vStE
aW8l+g3IQ3UzZmefvlzGkZiUoxUiHnmyNadpztPoswprGwE/kjJS6sSey0xqVZGN
UwHCvfB5L/hEHEkVSW568NCi3UNlPF53VEgdKmZhFS+++A==
-----END CERTIFICATE-----
Generated at Thu Jun 13 14:40:49 2024 by rpki-client on console-ams.rpki-client.org