Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/8iFjLTENCFqTkHmeWkn_8Y69_bQ.cer
File: 8iFjLTENCFqTkHmeWkn_8Y69_bQ.cer (raw, json)
Hash identifier: VZro4K214hgZ1VmSc2q0nUk96RaSFm6NriNr4dVVgU4=
Subject key identifier: F2:21:63:2D:31:0D:08:5A:93:90:79:9E:5A:49:FF:F1:8E:BD:FD:B4
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 2AB1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/3LINK/8iFjLTENCFqTkHmeWkn_8Y69_bQ.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/3LINK/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 08 Dec 2023 08:50:09 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 2403:acc0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10929 (0x2ab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Dec 8 08:50:09 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F221632D310D085A9390799E5A49FFF18EBDFDB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e4:bd:25:f7:62:09:1e:1b:e4:39:6c:63:25:
74:89:cd:32:70:3b:da:d0:a9:14:9c:df:90:aa:cc:
61:21:af:4a:bb:c0:85:e1:ab:10:dc:8b:df:d4:31:
2e:8d:57:00:cd:5c:d4:d6:2a:35:8e:91:ec:21:55:
83:ec:be:89:75:d5:2c:8e:b4:ae:cb:9d:c2:b0:bb:
b8:27:53:0e:98:dd:43:42:9c:7a:7a:cc:fe:25:af:
68:2f:9f:47:f8:3b:e0:b3:84:fd:76:f8:91:c6:e0:
fe:53:ae:eb:68:f7:fa:08:fa:37:aa:e1:9d:ae:ec:
60:bd:83:83:91:2b:32:5d:5f:35:cc:61:38:92:e7:
cc:ce:08:3b:49:f8:96:5a:d9:7b:a5:47:26:8d:4b:
d5:3b:11:77:1d:8f:7f:d8:80:8d:ac:46:40:55:da:
0b:1e:c1:ac:0a:93:7e:a4:64:fe:af:46:ec:ae:f8:
88:6e:8c:ae:13:b2:de:f0:ec:8b:a7:5b:60:c5:5c:
84:ad:6f:fe:08:5e:8a:3f:1a:fb:44:53:e3:06:54:
6a:b5:07:3b:65:b9:03:89:1a:f7:8b:ab:0c:2b:34:
f3:5d:94:f7:ae:f4:fa:7d:f3:7c:92:d8:54:eb:af:
13:8f:8b:83:71:71:d3:6e:9b:47:c4:c5:3d:8f:0b:
2b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:21:63:2D:31:0D:08:5A:93:90:79:9E:5A:49:FF:F1:8E:BD:FD:B4
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3LINK/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3LINK/8iFjLTENCFqTkHmeWkn_8Y69_bQ.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:b0:60:27:97:43:69:7a:d7:eb:a3:60:08:a3:fd:b5:bc:f9:
51:22:73:01:52:ea:cc:52:f7:88:0e:ea:6c:91:b5:ce:21:8f:
6b:ac:85:ec:d8:55:6c:4e:03:4e:e6:12:21:75:0e:1a:38:84:
e4:b9:37:98:7c:2c:06:b2:18:e6:23:0c:cc:c3:b1:c9:a3:c6:
4f:8a:d0:d8:9c:d6:8d:28:2d:e2:dd:88:b5:d7:93:04:bf:a6:
52:48:2e:88:2c:01:be:06:54:ea:bb:04:df:6a:39:5c:05:31:
a5:ca:3f:7d:22:32:c5:fd:c3:2a:fb:33:9f:ec:55:8e:c4:bf:
ed:e4:d4:b6:ce:7f:ac:2f:ea:07:13:2a:bb:b5:52:d9:84:45:
3d:24:c8:80:de:42:3b:9b:f8:43:c3:44:4f:71:61:66:87:c4:
0e:e4:4c:2d:71:5d:c8:4e:34:ac:0d:b9:b4:53:58:49:03:0f:
dd:76:bb:b5:4f:91:fd:ae:ed:fe:7f:49:7e:d1:ad:18:56:eb:
87:f6:ed:14:3b:58:4a:de:38:68:f2:b6:d7:9d:42:09:d6:35:
c1:8d:86:f0:62:fc:de:5e:28:c1:83:ed:e2:8a:3e:78:ae:93:
e5:64:52:c2:c8:3b:61:41:d2:d7:70:b0:dd:a8:bc:f8:da:dd:
8b:c4:ee:5b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgICKrEwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMTIwODA4NTAwOVoXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoRjIyMTYzMkQzMTBEMDg1QTkzOTA3OTlFNUE0OUZGRjE4RUJERkRC
NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALLkvSX3YgkeG+Q5bGMl
dInNMnA72tCpFJzfkKrMYSGvSrvAheGrENyL39QxLo1XAM1c1NYqNY6R7CFVg+y+
iXXVLI60rsudwrC7uCdTDpjdQ0KcenrM/iWvaC+fR/g74LOE/Xb4kcbg/lOu62j3
+gj6N6rhna7sYL2Dg5ErMl1fNcxhOJLnzM4IO0n4llrZe6VHJo1L1TsRdx2Pf9iA
jaxGQFXaCx7BrAqTfqRk/q9G7K74iG6MrhOy3vDsi6dbYMVchK1v/gheij8a+0RT
4wZUarUHO2W5A4ka94urDCs0812U9670+n3zfJLYVOuvE4+Lg3Fx026bR8TFPY8L
K3ECAwEAAaOCAk8wggJLMB0GA1UdDgQWBBTyIWMtMQ0IWpOQeZ5aSf/xjr39tDAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvM0xJTksvMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M0xJTksvOGlGakxURU5DRnFUa0htZVdrbl84WTY5X2JRLm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEF
BQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDrMAwDQYJKoZIhvcNAQELBQADggEBAD+w
YCeXQ2l61+ujYAij/bW8+VEicwFS6sxS94gO6myRtc4hj2ushezYVWxOA07mEiF1
Dho4hOS5N5h8LAayGOYjDMzDscmjxk+K0Nic1o0oLeLdiLXXkwS/plJILogsAb4G
VOq7BN9qOVwFMaXKP30iMsX9wyr7M5/sVY7Ev+3k1LbOf6wv6gcTKru1UtmERT0k
yIDeQjub+EPDRE9xYWaHxA7kTC1xXchONKwNubRTWEkDD912u7VPkf2u7f5/SX7R
rRhW64f27RQ7WEreOGjyttedQgnWNcGNhvBi/N5eKMGD7eKKPniuk+VkUsLIO2FB
0tdwsN2ovPja3YvE7ls=
-----END CERTIFICATE-----
Generated at Tue Dec 12 08:00:17 2023 by rpki-client on console-fra.rpki-client.org