Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/2yFBWO5LGnCY21Hjh11M0D1zRjs.cer
File: 2yFBWO5LGnCY21Hjh11M0D1zRjs.cer (raw, json)
Hash identifier: lrj7rP/YzbUbwjdW5vhixp+3JLXMHHv1O201kvfkqBk=
Subject key identifier: DB:21:41:58:EE:4B:1A:70:98:DB:51:E3:87:5D:4C:D0:3D:73:46:3B
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 316D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/2yFBWO5LGnCY21Hjh11M0D1zRjs.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Thu 07 Nov 2024 23:50:04 +0000
Certificate not after: Tue 04 Nov 2025 15:30:21 +0000
Subordinate resources: IP: 2401:d3a0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12653 (0x316d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000
Validity
Not Before: Nov 7 23:50:04 2024 GMT
Not After : Nov 4 15:30:21 2025 GMT
Subject: CN=DB214158EE4B1A7098DB51E3875D4CD03D73463B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:d9:69:51:0f:84:6f:c2:0e:48:99:37:cb:
45:4c:2e:70:ef:d9:2c:b0:37:30:1b:66:1d:12:f7:
aa:af:f4:35:2b:a1:db:a6:61:bb:79:52:9b:12:fa:
53:0c:ec:ef:07:f1:8d:3c:bb:80:0d:58:09:9e:04:
59:be:89:41:f6:be:92:24:52:35:b7:68:15:ff:cc:
88:03:59:7a:5b:60:26:a2:cc:0e:98:43:3a:db:4b:
ca:8d:72:5e:ec:7e:8d:38:04:5e:c2:13:dc:86:e8:
9e:1f:07:fc:26:9d:cc:38:e2:04:ef:8d:f3:5a:76:
85:28:65:43:2e:5f:85:46:17:57:0d:5f:35:c5:fe:
e0:dc:29:a4:28:22:c7:15:9f:30:3c:63:c5:26:1f:
f2:f8:b2:3c:a5:1b:99:c8:44:a9:f8:d9:3e:f2:1d:
5f:4c:40:2a:32:ed:3e:97:80:38:e0:88:d0:ca:c3:
8e:95:5b:c1:4a:f8:8a:bc:0a:f9:1a:e1:0c:a5:5e:
b5:86:c0:9d:a7:3d:04:0f:fc:31:d0:ed:0b:f3:43:
12:42:dc:3d:fc:4a:d5:7d:0a:e3:af:92:fc:54:86:
b6:cb:c7:7a:02:f7:1c:62:96:66:f6:e1:99:45:90:
96:d9:d1:3e:58:e3:f8:84:52:79:0a:48:b9:8a:8c:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:21:41:58:EE:4B:1A:70:98:DB:51:E3:87:5D:4C:D0:3D:73:46:3B
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/2yFBWO5LGnCY21Hjh11M0D1zRjs.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:d3a0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:b7:00:7c:95:9c:8f:51:2c:26:25:62:2f:48:2b:53:7f:83:
64:71:47:b8:77:d0:56:63:34:a4:7f:90:3e:c6:eb:fa:d4:dd:
d5:4e:f2:fe:27:6f:e9:1d:a9:55:59:f1:9f:06:10:2f:3d:62:
c8:44:95:81:5b:3a:ab:24:47:83:ee:46:51:99:47:c6:06:34:
98:96:41:1b:98:72:21:3b:b5:20:28:54:17:bb:53:77:6c:23:
07:16:e1:8d:67:bd:50:3c:ef:ef:d6:4e:cd:23:da:66:31:c5:
58:09:b6:37:9b:4a:18:45:13:47:40:b8:04:2d:99:ca:65:55:
3e:da:95:c7:bc:58:f0:88:a9:d3:91:42:83:09:6a:a5:af:c9:
ff:aa:e4:a6:e9:3d:ca:57:3e:f0:8c:c1:57:cc:63:19:d2:b3:
73:94:74:a1:09:02:5f:78:6f:3a:46:10:d5:69:26:7d:15:f0:
d0:e1:ea:64:38:41:85:3a:88:e0:13:22:e0:b8:6d:b5:49:db:
19:91:60:58:b6:9c:d5:ab:05:33:2f:94:34:27:c7:94:bf:e6:
62:85:a8:f5:3d:fa:a2:22:b6:2c:92:dd:f8:17:96:22:04:db:
24:12:98:1e:ac:d7:82:cc:d0:3d:9f:53:68:c0:05:31:0a:aa:
0a:83:25:d5
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICMW0wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTI0MTEwNzIzNTAwNFoXDTI1MTEwNDE1MzAyMVowMzEx
MC8GA1UEAxMoREIyMTQxNThFRTRCMUE3MDk4REI1MUUzODc1RDRDRDAzRDczNDYz
QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgp2WlRD4Rvwg5ImTfL
RUwucO/ZLLA3MBtmHRL3qq/0NSuh26Zhu3lSmxL6Uwzs7wfxjTy7gA1YCZ4EWb6J
Qfa+kiRSNbdoFf/MiANZeltgJqLMDphDOttLyo1yXux+jTgEXsIT3Ibonh8H/Cad
zDjiBO+N81p2hShlQy5fhUYXVw1fNcX+4NwppCgixxWfMDxjxSYf8viyPKUbmchE
qfjZPvIdX0xAKjLtPpeAOOCI0MrDjpVbwUr4irwK+RrhDKVetYbAnac9BA/8MdDt
C/NDEkLcPfxK1X0K46+S/FSGtsvHegL3HGKWZvbhmUWQltnRPljj+IRSeQpIuYqM
0YMCAwEAAaOCAlEwggJNMB0GA1UdDgQWBBTbIUFY7ksacJjbUeOHXUzQPXNGOzAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF
hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOQU5HLzBX
BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1hJTkFORy8yeUZCV081TEduQ1kyMUhqaDExTTBEMXpSanMubWZ0MDEGCCsGAQUF
BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsG
AQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHToDANBgkqhkiG9w0BAQsFAAOCAQEA
DLcAfJWcj1EsJiViL0grU3+DZHFHuHfQVmM0pH+QPsbr+tTd1U7y/idv6R2pVVnx
nwYQLz1iyESVgVs6qyRHg+5GUZlHxgY0mJZBG5hyITu1IChUF7tTd2wjBxbhjWe9
UDzv79ZOzSPaZjHFWAm2N5tKGEUTR0C4BC2ZymVVPtqVx7xY8Iip05FCgwlqpa/J
/6rkpuk9ylc+8IzBV8xjGdKzc5R0oQkCX3hvOkYQ1WkmfRXw0OHqZDhBhTqI4BMi
4LhttUnbGZFgWLac1asFMy+UNCfHlL/mYoWo9T36oiK2LJLd+BeWIgTbJBKYHqzX
gszQPZ9TaMAFMQqqCoMl1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:32:56 2025 by rpki-client