Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/4ndJ6qVXvKVkWidePeCjr1NH98M.cer
File: 4ndJ6qVXvKVkWidePeCjr1NH98M.cer (raw, json)
Hash identifier: 80DsJi9nkEajbf6lZm4zj1bQArBIncTX/6BEZunoRtA=
Subject key identifier: E2:77:49:EA:A5:57:BC:A5:64:5A:27:5E:3D:E0:A3:AF:53:47:F7:C3
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 282C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/PARADISE/4ndJ6qVXvKVkWidePeCjr1NH98M.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/PARADISE/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 01 Sep 2023 03:11:16 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 103.175.152.0/23
IP: 2400:1b60::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10284 (0x282c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 1 03:11:16 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=E27749EAA557BCA5645A275E3DE0A3AF5347F7C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:8a:0d:5c:7c:b1:c8:43:e3:0c:33:d1:7b:
08:33:d4:72:54:a4:5a:91:24:c5:1f:3c:7c:cf:8a:
fb:dc:2f:4e:a6:9a:4c:db:ca:33:a3:f0:c4:a4:0c:
1d:c3:97:6b:3e:ec:79:d1:83:bc:77:b4:92:c6:cf:
8d:e9:0e:c3:d2:44:bb:a8:55:09:08:89:8f:a6:f9:
87:db:23:3e:d2:11:81:e7:2e:f2:cc:49:f6:58:7a:
de:46:f9:c2:fb:46:cf:c5:75:12:b7:d5:64:43:4e:
e2:56:10:64:eb:e6:9e:48:93:95:42:41:25:27:1b:
b5:13:6e:f0:c8:d1:96:12:b2:4e:f7:72:56:c0:50:
a1:c2:50:98:39:a7:18:52:2d:9d:3e:f7:3a:ed:40:
92:62:e4:09:de:67:3c:09:ce:8b:9f:6c:14:08:8d:
8a:11:58:d8:15:44:2a:85:eb:0e:d1:16:16:7e:82:
b2:b9:f8:59:f5:10:1a:f5:48:bb:97:c9:1e:54:7a:
81:4e:6c:a4:b7:4e:2a:06:63:00:cc:b4:c6:48:78:
83:dd:1a:66:57:4b:4c:ec:a4:a2:13:83:2d:14:d0:
af:4b:8f:1e:28:cc:d3:85:dc:2c:ad:e7:e6:a5:eb:
3d:91:60:dc:c2:36:2e:f9:e9:82:88:23:5d:4d:0a:
17:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:77:49:EA:A5:57:BC:A5:64:5A:27:5E:3D:E0:A3:AF:53:47:F7:C3
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PARADISE/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PARADISE/4ndJ6qVXvKVkWidePeCjr1NH98M.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.175.152.0/23
IPv6:
2400:1b60::/32
Signature Algorithm: sha256WithRSAEncryption
01:88:0c:61:9f:64:76:f1:2d:3d:3b:dc:2d:9b:66:26:ae:d9:
48:64:a7:ca:d8:62:db:56:c4:81:e2:27:03:90:21:0a:d1:db:
27:a4:be:0d:a9:78:03:cf:d8:9d:9d:0b:64:37:b3:f1:f0:e3:
9d:01:9d:3a:95:eb:c6:6d:f4:f9:98:74:19:eb:79:f7:b5:07:
fc:c3:6d:20:06:c0:cf:04:73:b5:30:78:2e:dd:1d:7d:88:93:
a5:bb:94:a1:56:1f:80:6e:95:37:32:e0:10:b4:1f:2e:1f:6a:
dc:c6:e3:2e:40:e3:90:73:c5:42:16:36:a6:e8:d4:5e:22:f4:
20:2d:a1:f4:83:72:d7:3b:c8:8d:9c:1f:ed:14:26:a2:b6:d5:
9b:54:d0:c5:d9:e6:ec:8f:cd:71:b9:af:17:d2:99:14:02:3e:
d6:b9:82:9a:b5:4c:60:b1:f4:2f:4f:2e:d1:d4:1e:2b:70:32:
14:52:d2:62:ee:c9:e2:d8:69:6e:a6:5a:91:84:0d:0d:a5:4e:
6a:f4:30:ee:32:c2:4a:07:48:98:21:f9:da:67:87:ff:4b:90:
4a:f9:03:fc:1c:d1:31:66:e7:60:b4:2f:04:80:96:91:4f:5c:
8d:91:a8:2b:7a:c8:0f:84:aa:ba:8c:97:7b:cd:5b:2b:2a:0b:
aa:e6:8b:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgICKCwwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMDkwMTAzMTExNloXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoRTI3NzQ5RUFBNTU3QkNBNTY0NUEyNzVFM0RFMEEzQUY1MzQ3RjdD
MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALFyig1cfLHIQ+MMM9F7
CDPUclSkWpEkxR88fM+K+9wvTqaaTNvKM6PwxKQMHcOXaz7sedGDvHe0ksbPjekO
w9JEu6hVCQiJj6b5h9sjPtIRgecu8sxJ9lh63kb5wvtGz8V1ErfVZENO4lYQZOvm
nkiTlUJBJScbtRNu8MjRlhKyTvdyVsBQocJQmDmnGFItnT73Ou1AkmLkCd5nPAnO
i59sFAiNihFY2BVEKoXrDtEWFn6Csrn4WfUQGvVIu5fJHlR6gU5spLdOKgZjAMy0
xkh4g90aZldLTOykohODLRTQr0uPHijM04XcLK3n5qXrPZFg3MI2LvnpgogjXU0K
F7kCAwEAAaOCAmMwggJfMB0GA1UdDgQWBBTid0nqpVe8pWRaJ1494KOvU0f3wzAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdoGCCsGAQUFBwELBIHNMIHKMDoGCCsGAQUFBzAF
hi5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEFSQURJU0Uv
MFkGCCsGAQUFBzAKhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUEFSQURJU0UvNG5kSjZxVlh2S1ZrV2lkZVBlQ2pyMU5IOThNLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAWevmDANBAIAAjAHAwUAJAAbYDAN
BgkqhkiG9w0BAQsFAAOCAQEAAYgMYZ9kdvEtPTvcLZtmJq7ZSGSnythi21bEgeIn
A5AhCtHbJ6S+Dal4A8/YnZ0LZDez8fDjnQGdOpXrxm30+Zh0Get597UH/MNtIAbA
zwRztTB4Lt0dfYiTpbuUoVYfgG6VNzLgELQfLh9q3MbjLkDjkHPFQhY2pujUXiL0
IC2h9INy1zvIjZwf7RQmorbVm1TQxdnm7I/NcbmvF9KZFAI+1rmCmrVMYLH0L08u
0dQeK3AyFFLSYu7J4thpbqZakYQNDaVOavQw7jLCSgdImCH52meH/0uQSvkD/BzR
MWbnYLQvBICWkU9cjZGoK3rID4SquoyXe81bKyoLquaLFw==
-----END CERTIFICATE-----
Generated at Mon Jan 22 06:04:38 2024 by rpki-client on console-ams.rpki-client.org