Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/4PkrwcUj2DOzyCt7IGonr4HGCa8.cer
File: 4PkrwcUj2DOzyCt7IGonr4HGCa8.cer (raw, json)
Hash identifier: LswoBfjLABHV4nKEkn3PTpiL3/hnUvFCwQanHg9G/Gk=
Subject key identifier: E0:F9:2B:C1:C5:23:D8:33:B3:C8:2B:7B:20:6A:27:AF:81:C6:09:AF
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 19C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/YUFENG/4PkrwcUj2DOzyCt7IGonr4HGCa8.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/YUFENG/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:34 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: AS: 131625
IP: 103.118.148.0/22
IP: 2403:3ac0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6600 (0x19c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:34 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E0F92BC1C523D833B3C82B7B206A27AF81C609AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:21:0f:52:03:23:b4:f2:c3:a5:79:bd:6d:30:
d2:5e:5d:c9:f8:d0:af:a3:e9:40:d9:90:07:2e:cb:
a8:13:f4:3f:c2:43:8a:3b:09:c8:e4:00:5f:06:9a:
a2:bc:e3:04:9c:67:b6:70:72:c7:94:3b:e0:c7:cd:
5b:03:a8:e9:49:53:0b:33:16:72:5e:0d:d6:82:2d:
90:9d:e0:91:b4:0a:ec:35:fa:f7:fb:b0:a8:d3:99:
c4:a8:cf:2e:31:2a:be:ab:7c:fb:da:8f:0e:a3:18:
ff:e4:bc:21:dc:fd:0b:16:4a:72:b7:09:8e:11:61:
9b:2f:4a:16:b8:ab:28:8d:9b:e0:c7:fa:9e:d5:ef:
92:b5:02:9b:d4:c3:6a:d0:04:1d:0b:f1:8a:68:e4:
33:a6:0e:8e:f0:fc:a7:77:5d:bf:2e:c2:98:7c:dd:
9b:c1:7e:2e:28:b9:c3:94:29:0a:2f:72:28:4a:da:
bc:4a:b3:f9:96:62:04:e3:e6:07:0d:0a:09:76:ce:
98:df:00:92:9c:47:71:4e:7d:d5:8d:10:3a:82:8b:
68:c4:88:a4:bd:02:13:b2:8d:36:ca:f2:4a:c0:38:
74:eb:4b:5f:89:94:95:1d:aa:f4:90:50:08:45:2d:
7b:73:8b:e2:7d:89:3e:4e:08:2b:29:1f:f6:ae:98:
58:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F9:2B:C1:C5:23:D8:33:B3:C8:2B:7B:20:6A:27:AF:81:C6:09:AF
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUFENG/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUFENG/4PkrwcUj2DOzyCt7IGonr4HGCa8.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131625
sbgp-ipAddrBlock: critical
IPv4:
103.118.148.0/22
IPv6:
2403:3ac0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:b8:53:73:5a:11:ad:65:74:8e:13:5c:f9:6b:f5:61:97:16:
0d:d5:a7:d1:a3:80:89:4c:bd:b4:75:96:ba:10:07:bd:a8:fc:
eb:90:60:e6:04:b1:25:52:d6:dc:67:65:a1:63:3e:0d:53:d8:
41:21:f9:14:fa:e5:5a:f6:a4:9f:f0:1f:b3:11:dc:ac:71:ba:
62:fa:ee:4c:b0:7b:3b:99:bc:bc:af:23:a8:c2:3a:94:ed:eb:
f9:c7:8e:a1:f5:0f:2d:86:b7:bd:e7:9b:76:d3:af:68:ef:26:
7d:ee:3e:b6:1e:8e:62:16:cd:30:a3:7b:c3:40:ec:6c:1a:73:
d5:e6:28:f3:97:50:7f:c7:5a:65:21:cb:ca:07:d8:ad:65:d5:
45:50:06:ed:0c:b3:09:ee:dd:38:18:90:95:09:61:da:1f:85:
38:8a:cc:0b:ea:2c:0e:f2:cd:8c:07:13:76:5b:17:1c:88:7c:
28:85:77:97:69:18:f5:a4:68:eb:29:c1:8b:f5:6f:13:d6:d2:
e3:b9:db:e7:d1:83:ce:8b:1a:49:69:88:05:6f:ea:fe:83:70:
3b:5b:9d:e8:08:89:ca:14:4f:f8:34:44:f8:90:ad:fe:1d:ca:
96:fa:35:92:ec:c9:1c:4c:09:a1:72:e6:eb:c2:de:64:9d:0a:
aa:49:d8:d7
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICGcgwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMzNFoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoRTBGOTJCQzFDNTIzRDgzM0IzQzgyQjdCMjA2QTI3QUY4MUM2MDlB
RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANchD1IDI7Tyw6V5vW0w
0l5dyfjQr6PpQNmQBy7LqBP0P8JDijsJyOQAXwaaorzjBJxntnByx5Q74MfNWwOo
6UlTCzMWcl4N1oItkJ3gkbQK7DX69/uwqNOZxKjPLjEqvqt8+9qPDqMY/+S8Idz9
CxZKcrcJjhFhmy9KFrirKI2b4Mf6ntXvkrUCm9TDatAEHQvximjkM6YOjvD8p3dd
vy7CmHzdm8F+Lii5w5QpCi9yKEravEqz+ZZiBOPmBw0KCXbOmN8AkpxHcU591Y0Q
OoKLaMSIpL0CE7KNNsrySsA4dOtLX4mUlR2q9JBQCEUte3OL4n2JPk4IKykf9q6Y
WM0CAwEAAaOCAnswggJ3MB0GA1UdDgQWBBTg+SvBxSPYM7PIK3sgaievgcYJrzAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF
hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWVVGRU5HLzBX
BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1lVRkVORy80UGtyd2NVajJET3p5Q3Q3SUdvbnI0SEdDYTgubWZ0MDEGCCsGAQUF
BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMBoGCCsG
AQUFBwEIAQH/BAswCaAHMAUCAwICKTAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEw
BgMEAmd2lDANBAIAAjAHAwUAJAM6wDANBgkqhkiG9w0BAQsFAAOCAQEAW7hTc1oR
rWV0jhNc+Wv1YZcWDdWn0aOAiUy9tHWWuhAHvaj865Bg5gSxJVLW3GdloWM+DVPY
QSH5FPrlWvakn/AfsxHcrHG6YvruTLB7O5m8vK8jqMI6lO3r+ceOofUPLYa3veeb
dtOvaO8mfe4+th6OYhbNMKN7w0DsbBpz1eYo85dQf8daZSHLygfYrWXVRVAG7Qyz
Ce7dOBiQlQlh2h+FOIrMC+osDvLNjAcTdlsXHIh8KIV3l2kY9aRo6ynBi/VvE9bS
47nb59GDzosaSWmIBW/q/oNwO1ud6AiJyhRP+DRE+JCt/h3Klvo1kuzJHEwJoXLm
68LeZJ0KqknY1w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org