Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/9_7FLtW1fLF3K2UxgvhVhOXmLLY.cer
File: 9_7FLtW1fLF3K2UxgvhVhOXmLLY.cer (raw, json)
Hash identifier: 0cNHdP2g1fi9X3SU9Ojg47MoNYBilKncqj6wcZP7fqw=
Subject key identifier: F7:FE:C5:2E:D5:B5:7C:B1:77:2B:65:31:82:F8:55:84:E5:E6:2C:B6
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 19F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/TONNET/9_7FLtW1fLF3K2UxgvhVhOXmLLY.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/TONNET/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:36 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.130.116.0/22
IP: 2403:b8c0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6648 (0x19f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:36 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F7FEC52ED5B57CB1772B653182F85584E5E62CB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4b:4b:8d:ac:f4:87:bd:ca:61:27:c0:cc:0b:
5d:8d:bb:a6:05:e2:dd:4e:85:29:3f:4d:07:da:a2:
2d:21:0c:38:8b:30:7e:13:4d:dc:4e:b3:bf:1a:0e:
9b:c0:a4:92:44:46:c4:bb:b9:a1:15:2b:4f:e5:19:
25:b4:a4:8e:99:e8:de:54:5d:ef:ad:86:50:b7:c2:
fb:43:38:25:18:0b:09:76:45:ca:61:f0:6e:c5:28:
ee:fb:5c:90:85:10:f6:13:b4:3d:2f:cb:c9:86:0e:
3d:24:62:7c:08:ff:f4:08:cc:13:9d:76:50:39:c0:
bc:c5:00:3b:b7:ae:96:a7:71:57:99:49:c5:46:58:
98:ff:6d:b9:58:de:98:6c:39:e0:82:d6:e9:20:fc:
e7:cc:f0:a6:ba:e5:3f:2c:0e:9f:da:da:57:aa:c6:
87:85:88:a1:d3:67:72:5f:9e:e5:c7:d9:77:b7:07:
36:3b:ec:b4:68:23:36:74:b6:50:61:50:b5:cb:de:
1d:7e:55:06:12:ad:29:3b:cb:0b:2b:c9:09:11:ba:
dd:76:8e:99:2f:61:04:4d:3e:11:ea:a0:d6:d9:99:
79:9d:2a:9e:e5:fe:6d:a6:48:f3:b9:04:ef:6e:2f:
a4:e9:f0:30:0a:60:8c:1b:ca:35:a5:79:ce:3d:a6:
61:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:FE:C5:2E:D5:B5:7C:B1:77:2B:65:31:82:F8:55:84:E5:E6:2C:B6
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TONNET/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TONNET/9_7FLtW1fLF3K2UxgvhVhOXmLLY.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.116.0/22
IPv6:
2403:b8c0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:f4:46:2f:0b:38:e1:0d:9f:9c:dc:96:24:27:9d:44:95:86:
5a:0b:8e:e9:91:ed:20:e2:d0:5d:c4:e2:a8:1b:f9:bc:cd:0c:
ab:72:59:a4:b4:13:9f:08:ab:c3:7a:a8:0a:34:b1:5d:bb:3a:
6a:e8:1b:d0:5d:ec:06:0f:95:6c:73:e4:ae:6e:41:65:05:5c:
bc:e4:f7:33:5b:71:17:da:e1:17:6b:5e:c5:d0:ea:08:dd:e4:
b4:3f:28:4d:aa:13:c1:d2:f4:7b:fa:fe:fd:81:40:d0:68:fd:
b6:a3:b2:84:d1:c0:c3:9f:93:69:14:c4:3d:38:d2:88:b7:d9:
09:21:a9:28:5c:4c:d8:0e:fc:a7:4d:8c:f4:cb:5d:6d:ca:40:
be:fe:18:5c:5e:fd:b1:ac:09:85:bd:3e:cb:b6:05:01:38:30:
bf:84:61:2d:f7:bd:76:af:d1:31:1e:6c:34:ff:83:d2:d3:77:
e1:92:7c:73:61:a5:3f:d2:32:7c:df:54:10:7c:aa:33:d2:b9:
95:45:3e:ea:98:92:3e:44:20:61:2f:fd:83:57:39:3b:6e:95:
e9:99:4b:9d:29:36:93:30:ba:eb:78:12:71:b5:89:4d:86:6b:
6a:36:cb:92:bf:b9:60:ff:9b:f7:11:a4:3c:b7:ff:17:ab:48:
c4:b3:d6:8c
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgICGfgwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMzNloXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoRjdGRUM1MkVENUI1N0NCMTc3MkI2NTMxODJGODU1ODRFNUU2MkNC
NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKZLS42s9Ie9ymEnwMwL
XY27pgXi3U6FKT9NB9qiLSEMOIswfhNN3E6zvxoOm8CkkkRGxLu5oRUrT+UZJbSk
jpno3lRd762GULfC+0M4JRgLCXZFymHwbsUo7vtckIUQ9hO0PS/LyYYOPSRifAj/
9AjME512UDnAvMUAO7eulqdxV5lJxUZYmP9tuVjemGw54ILW6SD858zwprrlPywO
n9raV6rGh4WIodNncl+e5cfZd7cHNjvstGgjNnS2UGFQtcveHX5VBhKtKTvLCyvJ
CRG63XaOmS9hBE0+Eeqg1tmZeZ0qnuX+baZI87kE724vpOnwMApgjBvKNaV5zj2m
YSUCAwEAAaOCAl8wggJbMB0GA1UdDgQWBBT3/sUu1bV8sXcrZTGC+FWE5eYstjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF
hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVE9OTkVULzBX
BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1RPTk5FVC85XzdGTHRXMWZMRjNLMlV4Z3ZoVmhPWG1MTFkubWZ0MDEGCCsGAQUF
BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMC4GCCsG
AQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4J0MA0EAgACMAcDBQAkA7jAMA0GCSqG
SIb3DQEBCwUAA4IBAQAO9EYvCzjhDZ+c3JYkJ51ElYZaC47pke0g4tBdxOKoG/m8
zQyrclmktBOfCKvDeqgKNLFduzpq6BvQXewGD5Vsc+SubkFlBVy85PczW3EX2uEX
a17F0OoI3eS0PyhNqhPB0vR7+v79gUDQaP22o7KE0cDDn5NpFMQ9ONKIt9kJIako
XEzYDvynTYz0y11tykC+/hhcXv2xrAmFvT7LtgUBODC/hGEt9712r9ExHmw0/4PS
03fhknxzYaU/0jJ831QQfKoz0rmVRT7qmJI+RCBhL/2DVzk7bpXpmUudKTaTMLrr
eBJxtYlNhmtqNsuSv7lg/5v3EaQ8t/8Xq0jEs9aM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org