Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/2lEGgh7u-V6PamELPU5WfV4BQeI.cer
File: 2lEGgh7u-V6PamELPU5WfV4BQeI.cer (raw, json)
Hash identifier: EVF4z4FsHJrsVHAnqV0xF+FOY7kPVsK6bFFO636jqBA=
Subject key identifier: DA:51:06:82:1E:EE:F9:5E:8F:6A:61:0B:3D:4E:56:7D:5E:01:41:E2
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 187E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEF/2lEGgh7u-V6PamELPU5WfV4BQeI.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEF/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:18 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.137.188.0/23
IP: 2404:b840::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6270 (0x187e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:18 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DA5106821EEEF95E8F6A610B3D4E567D5E0141E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:1d:12:24:6b:af:54:3b:6a:26:32:ed:04:
83:8b:4c:4d:5d:92:93:b3:20:1d:5c:c5:8c:7c:85:
6e:59:49:3f:c8:34:a6:42:b2:30:a4:ee:67:15:6d:
38:ad:2c:aa:88:2d:b7:b6:65:13:d1:83:fe:66:29:
b8:4b:c7:e5:1d:8b:55:ed:2b:53:86:47:33:c9:4a:
a8:c1:a1:11:d4:4d:05:e7:c4:1b:cb:8e:68:02:8d:
99:c8:9b:61:72:40:11:28:40:02:de:41:b1:6d:5f:
7f:b5:51:58:2c:f3:84:3c:41:67:d7:de:05:70:5d:
76:5c:0a:40:00:df:ed:ed:ee:6e:47:69:f9:36:3f:
6b:87:fc:bb:6c:aa:57:2a:b3:48:bb:ab:e5:b3:f3:
c5:97:3c:a4:a4:38:c8:91:e7:c4:d8:17:dd:57:2a:
cf:66:00:cb:74:fa:68:9e:f1:87:bd:af:e7:c1:8d:
01:28:b4:cc:9f:8e:93:d0:25:3a:99:0a:fb:ff:e3:
1c:4b:55:7f:fe:69:8a:72:68:c3:43:f6:bf:42:e9:
43:04:89:09:fb:f9:5b:14:55:e4:35:f5:af:f6:97:
28:a3:09:21:18:d7:a4:7c:da:70:4c:9c:0b:47:c0:
6e:43:21:0d:45:cf:31:9d:47:9f:ff:b8:bd:9a:ad:
90:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:51:06:82:1E:EE:F9:5E:8F:6A:61:0B:3D:4E:56:7D:5E:01:41:E2
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEF/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEF/2lEGgh7u-V6PamELPU5WfV4BQeI.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.188.0/23
IPv6:
2404:b840::/32
Signature Algorithm: sha256WithRSAEncryption
70:92:eb:cd:c6:5a:de:14:ce:bc:2e:a6:c6:c3:57:4a:31:d5:
56:5b:65:bc:8b:d8:b7:7a:90:a6:45:f7:1c:93:5a:35:b3:f3:
92:61:26:9f:32:c6:94:39:e0:a7:e6:eb:9d:81:1c:36:a2:73:
10:7d:2b:87:ee:7c:ee:d8:e2:e3:17:0b:93:fa:6b:18:5c:0c:
0e:d8:e1:63:d5:8a:4c:30:23:5b:8b:d9:22:f9:54:26:11:55:
e0:8b:e3:e5:c2:74:22:a3:9d:a2:92:1e:15:28:87:2d:5f:a5:
1e:ec:fc:49:fa:40:c6:3e:6a:0e:f5:d1:d5:e5:7e:91:fe:7b:
1e:41:a5:80:51:5b:e7:b8:a2:0e:5b:86:ac:ce:e6:d4:81:00:
d7:7c:98:eb:d0:b0:10:03:ee:f8:64:6d:a8:87:fa:8a:c0:ec:
83:75:30:c9:b9:0c:24:c5:23:ad:cf:38:3a:4a:c3:37:6c:b5:
29:9c:70:34:97:ee:8a:7d:59:7b:10:52:01:29:8a:59:17:8f:
9c:44:58:0f:f1:a9:1e:a8:7f:9b:2c:ac:80:9b:8e:48:a6:27:
bc:5a:a6:57:6b:f8:79:ac:d4:05:25:25:12:e3:5b:8f:d7:c0:
a2:43:ef:1f:3e:bf:47:cb:58:2a:4e:9c:b8:f9:2c:83:f4:6e:
bd:17:e1:8c
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgICGH4wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMxOFoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoREE1MTA2ODIxRUVFRjk1RThGNkE2MTBCM0Q0RTU2N0Q1RTAxNDFF
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL+1HRIka69UO2omMu0E
g4tMTV2Sk7MgHVzFjHyFbllJP8g0pkKyMKTuZxVtOK0sqogtt7ZlE9GD/mYpuEvH
5R2LVe0rU4ZHM8lKqMGhEdRNBefEG8uOaAKNmcibYXJAEShAAt5BsW1ff7VRWCzz
hDxBZ9feBXBddlwKQADf7e3ubkdp+TY/a4f8u2yqVyqzSLur5bPzxZc8pKQ4yJHn
xNgX3Vcqz2YAy3T6aJ7xh72v58GNASi0zJ+Ok9AlOpkK+//jHEtVf/5pinJow0P2
v0LpQwSJCfv5WxRV5DX1r/aXKKMJIRjXpHzacEycC0fAbkMhDUXPMZ1Hn/+4vZqt
kC8CAwEAAaOCAlkwggJVMB0GA1UdDgQWBBTaUQaCHu75Xo9qYQs9TlZ9XgFB4jAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdAGCCsGAQUFBwELBIHDMIHAMDUGCCsGAQUFBzAF
hilyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0VGLzBUBggr
BgEFBQcwCoZIcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NF
Ri8ybEVHZ2g3dS1WNlBhbUVMUFU1V2ZWNEJRZUkubWZ0MDEGCCsGAQUFBzANhiVo
dHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMC4GCCsGAQUFBwEH
AQH/BB8wHTAMBAIAATAGAwQBZ4m8MA0EAgACMAcDBQAkBLhAMA0GCSqGSIb3DQEB
CwUAA4IBAQBwkuvNxlreFM68LqbGw1dKMdVWW2W8i9i3epCmRfcck1o1s/OSYSaf
MsaUOeCn5uudgRw2onMQfSuH7nzu2OLjFwuT+msYXAwO2OFj1YpMMCNbi9ki+VQm
EVXgi+PlwnQio52ikh4VKIctX6Ue7PxJ+kDGPmoO9dHV5X6R/nseQaWAUVvnuKIO
W4aszubUgQDXfJjr0LAQA+74ZG2oh/qKwOyDdTDJuQwkxSOtzzg6SsM3bLUpnHA0
l+6KfVl7EFIBKYpZF4+cRFgP8akeqH+bLKyAm45Ipie8WqZXa/h5rNQFJSUS41uP
18CiQ+8fPr9Hy1gqTpy4+SyD9G69F+GM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org