Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/5O7S0O0X83kJxuybdYQD9NGM4M4.cer
File: 5O7S0O0X83kJxuybdYQD9NGM4M4.cer (raw, json)
Hash identifier: clmJzAVP3ujaU8vWJDMOFM7Hge1Xci/8q2JwET+yXXc=
Subject key identifier: E4:EE:D2:D0:ED:17:F3:79:09:C6:EC:9B:75:84:03:F4:D1:8C:E0:CE
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 19DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/IVYISP/5O7S0O0X83kJxuybdYQD9NGM4M4.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/IVYISP/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:35 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.123.152.0/22
IP: 2403:a440::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6618 (0x19da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:35 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E4EED2D0ED17F37909C6EC9B758403F4D18CE0CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4a:24:13:6f:17:29:99:33:47:b9:e1:24:07:
33:48:83:38:6d:29:06:61:4c:85:63:28:cc:bf:ea:
4c:43:83:27:82:7b:f7:f4:09:17:7a:68:8c:70:c1:
47:89:7a:99:e1:fe:64:a5:a5:d1:7a:4e:99:d2:b3:
6b:90:8b:0a:4e:38:b1:8c:ac:e0:14:05:4a:1c:04:
f6:fb:34:4b:fe:ee:05:4b:f4:c7:04:7d:38:58:5a:
95:9c:6f:4a:76:d9:43:55:64:a7:0e:e1:80:a1:cb:
5e:50:10:0f:1c:07:d9:08:6c:69:69:79:00:41:6d:
07:1b:60:d5:d8:5d:8b:c9:c6:75:ca:7e:70:db:bc:
c3:e7:1a:28:e0:a3:82:86:ce:73:ed:ef:ca:7c:76:
68:5f:bc:55:e3:f8:04:54:56:08:18:c2:46:b1:ce:
46:7a:e4:59:6a:e0:a9:3f:cc:41:fc:7b:d5:12:02:
3c:55:85:4a:34:04:3d:c7:6f:b3:c1:0d:7a:2c:3a:
3e:82:bb:07:4c:9c:f6:2e:57:d1:34:fd:0c:a6:7c:
1b:8d:2e:10:b7:58:c5:8d:64:bb:ed:68:ba:35:e1:
61:8b:ec:b9:38:d4:44:9e:b6:6a:df:89:22:ad:38:
32:a7:7a:c2:b7:da:b4:a7:13:17:d3:d2:03:58:32:
8d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EE:D2:D0:ED:17:F3:79:09:C6:EC:9B:75:84:03:F4:D1:8C:E0:CE
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IVYISP/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IVYISP/5O7S0O0X83kJxuybdYQD9NGM4M4.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.152.0/22
IPv6:
2403:a440::/32
Signature Algorithm: sha256WithRSAEncryption
5f:3d:54:56:ad:8c:ae:28:cf:60:21:fd:e9:c1:9d:18:83:48:
6d:c8:75:59:ea:9d:57:3c:6b:f8:45:9b:b3:a5:11:80:b9:51:
98:9c:a1:f2:c2:9a:f9:6f:39:20:63:cb:fa:ab:1e:72:e8:77:
16:b1:8c:59:36:fd:37:d1:26:e7:ff:4e:55:f7:99:99:ae:30:
03:f7:dc:06:c4:f0:56:cc:90:ad:07:96:b1:52:5f:8c:9a:96:
01:8a:49:3d:11:af:6a:43:0c:45:1b:52:91:8a:23:b0:ff:b7:
9b:ab:c6:fd:c3:d2:b7:60:8d:2e:b2:fd:81:aa:ed:6b:e8:6b:
ee:0d:79:62:b2:1c:b5:56:b3:c8:c9:6e:db:6b:d4:13:ff:46:
ca:3c:1f:d0:2a:c5:b0:d0:7d:f2:da:b1:5a:b1:bb:73:14:34:
a5:b6:89:cd:15:57:4c:a1:91:a4:ad:98:ea:7b:7f:47:83:d7:
ae:eb:54:e5:be:f9:78:3f:16:68:cd:7f:93:b5:31:48:4c:30:
28:a2:4f:eb:b3:7f:8f:48:b6:3c:7e:67:89:2b:7f:f2:41:eb:
96:9e:cb:54:56:9b:2d:9b:51:a0:01:fa:3a:bc:41:8d:7c:e8:
2b:65:77:ea:13:a3:46:8f:66:d7:3a:4c:11:88:95:eb:9b:47:
91:0b:41:b8
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgICGdowDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMzNVoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoRTRFRUQyRDBFRDE3RjM3OTA5QzZFQzlCNzU4NDAzRjREMThDRTBD
RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBKJBNvFymZM0e54SQH
M0iDOG0pBmFMhWMozL/qTEODJ4J79/QJF3pojHDBR4l6meH+ZKWl0XpOmdKza5CL
Ck44sYys4BQFShwE9vs0S/7uBUv0xwR9OFhalZxvSnbZQ1Vkpw7hgKHLXlAQDxwH
2QhsaWl5AEFtBxtg1dhdi8nGdcp+cNu8w+caKOCjgobOc+3vynx2aF+8VeP4BFRW
CBjCRrHORnrkWWrgqT/MQfx71RICPFWFSjQEPcdvs8ENeiw6PoK7B0yc9i5X0TT9
DKZ8G40uELdYxY1ku+1oujXhYYvsuTjURJ62at+JIq04Mqd6wrfatKcTF9PSA1gy
jUUCAwEAAaOCAl8wggJbMB0GA1UdDgQWBBTk7tLQ7RfzeQnG7Jt1hAP00YzgzjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF
hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSVZZSVNQLzBX
BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0lWWUlTUC81TzdTME8wWDgza0p4dXliZFlRRDlOR000TTQubWZ0MDEGCCsGAQUF
BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMC4GCCsG
AQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ3uYMA0EAgACMAcDBQAkA6RAMA0GCSqG
SIb3DQEBCwUAA4IBAQBfPVRWrYyuKM9gIf3pwZ0Yg0htyHVZ6p1XPGv4RZuzpRGA
uVGYnKHywpr5bzkgY8v6qx5y6HcWsYxZNv030Sbn/05V95mZrjAD99wGxPBWzJCt
B5axUl+MmpYBikk9Ea9qQwxFG1KRiiOw/7ebq8b9w9K3YI0usv2Bqu1r6GvuDXli
shy1VrPIyW7ba9QT/0bKPB/QKsWw0H3y2rFasbtzFDSltonNFVdMoZGkrZjqe39H
g9eu61Tlvvl4PxZozX+TtTFITDAook/rs3+PSLY8fmeJK3/yQeuWnstUVpstm1Gg
Afo6vEGNfOgrZXfqE6NGj2bXOkwRiJXrm0eRC0G4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org