Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTsJnr9Q1u3HukBwMWJLmdnboLM.cer
File: GTsJnr9Q1u3HukBwMWJLmdnboLM.cer (raw, json)
Hash identifier: qfxrTLZEykXrmWnJGp6X450+MPrpbwR3NGgfpY97d+A=
Subject key identifier: 19:3B:09:9E:BF:50:D6:ED:C7:BA:40:70:31:62:4B:99:D9:DB:A0:B3
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 1952
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/ROAMERMOBL/GTsJnr9Q1u3HukBwMWJLmdnboLM.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/ROAMERMOBL/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:28 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.127.220.0/22
IP: 2404:27c0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6482 (0x1952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:28 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=193B099EBF50D6EDC7BA407031624B99D9DBA0B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3d:fc:6a:f8:36:f8:02:65:7f:7a:26:4a:6d:
03:34:29:ca:eb:f9:3d:de:cc:f1:ed:ae:20:b0:ab:
84:a3:c0:85:af:d3:ef:06:2e:98:fe:ba:7d:21:56:
5b:03:b5:2e:fb:bb:1b:53:db:79:13:08:12:3e:27:
f0:f8:c9:2f:38:d5:05:53:0c:90:12:fb:be:5e:0d:
b2:17:b7:f7:02:65:13:14:b8:61:b8:4c:1d:97:b2:
bd:2a:fc:03:2c:bf:b2:9d:1b:7d:a9:ed:2e:c5:6a:
71:a6:95:1d:dc:23:25:3b:76:16:c2:ce:54:7c:6c:
b1:18:ae:c8:53:a7:8d:ed:1e:f0:0f:95:c6:75:30:
a9:59:da:98:46:0e:d8:cf:df:59:d7:7b:f3:ac:f6:
c4:13:5f:f2:03:1b:8f:4b:97:1e:08:35:9e:66:e8:
d3:52:1e:28:a0:be:6a:bd:81:28:8e:86:de:d1:c1:
3e:35:b1:ac:d0:66:7e:2e:e8:3b:8b:d9:d8:a4:e6:
73:81:f1:75:34:14:58:d9:52:6b:17:5c:05:d7:99:
26:1e:c5:f1:35:43:4b:c8:16:8f:c3:5b:92:b1:e9:
2d:79:9d:42:8b:c5:a0:38:ab:b8:5e:c4:6c:3f:9d:
17:44:69:67:e7:1d:4c:04:3e:36:33:91:7a:85:f6:
04:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3B:09:9E:BF:50:D6:ED:C7:BA:40:70:31:62:4B:99:D9:DB:A0:B3
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ROAMERMOBL/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ROAMERMOBL/GTsJnr9Q1u3HukBwMWJLmdnboLM.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.220.0/22
IPv6:
2404:27c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:e8:7b:fe:8a:56:d7:df:b8:a5:16:1f:ff:6c:d8:e4:35:21:
21:3c:7c:82:7c:61:5a:33:31:7e:fc:de:13:e9:01:97:0a:87:
90:0b:c3:15:f2:25:56:36:4b:12:a0:c5:8d:da:1b:a6:ed:bd:
7b:d2:b5:25:8b:26:05:3e:75:37:f6:11:ee:31:6d:34:82:c9:
17:49:b8:e1:59:73:a9:57:33:f4:ef:bf:9a:91:bb:bf:16:75:
ca:ec:f7:42:cf:ba:01:89:f9:4c:13:fc:19:57:5f:82:c5:70:
cd:d3:bb:a7:d0:55:a9:30:7c:50:15:76:94:2f:b7:08:16:07:
fd:b2:4c:42:ac:83:81:83:3d:3b:be:8a:d4:dd:5d:94:ab:8a:
ef:71:5e:bf:8c:8c:91:7b:64:96:23:fb:e1:a4:88:55:61:44:
db:17:d1:e0:87:58:a0:66:c2:19:8c:02:12:f6:44:9f:7a:d0:
13:d4:8c:48:d0:d4:6c:41:dd:e2:73:e7:6c:13:d7:94:7b:e3:
76:ca:17:b5:3e:72:7a:42:70:08:98:7c:29:e2:3e:b4:0b:99:
b1:b7:9b:9c:6a:3a:dc:46:da:78:56:48:47:5a:3e:c0:9e:c1:
22:78:8e:e7:3c:b8:e0:fd:56:1e:cc:03:a9:e7:d0:18:4c:b7:
b9:b8:15:ee
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgICGVIwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMyOFoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoMTkzQjA5OUVCRjUwRDZFREM3QkE0MDcwMzE2MjRCOTlEOURCQTBC
MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOo9/Gr4NvgCZX96Jkpt
AzQpyuv5Pd7M8e2uILCrhKPAha/T7wYumP66fSFWWwO1Lvu7G1PbeRMIEj4n8PjJ
LzjVBVMMkBL7vl4Nshe39wJlExS4YbhMHZeyvSr8Ayy/sp0bfantLsVqcaaVHdwj
JTt2FsLOVHxssRiuyFOnje0e8A+VxnUwqVnamEYO2M/fWdd786z2xBNf8gMbj0uX
Hgg1nmbo01IeKKC+ar2BKI6G3tHBPjWxrNBmfi7oO4vZ2KTmc4HxdTQUWNlSaxdc
BdeZJh7F8TVDS8gWj8NbkrHpLXmdQovFoDiruF7EbD+dF0RpZ+cdTAQ+NjOReoX2
BBkCAwEAAaOCAmcwggJjMB0GA1UdDgQWBBQZOwmev1DW7ce6QHAxYkuZ2dugszAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgd4GCCsGAQUFBwELBIHRMIHOMDwGCCsGAQUFBzAF
hjByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUk9BTUVSTU9C
TC8wWwYIKwYBBQUHMAqGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ST0FNRVJNT0JML0dUc0pucjlRMXUzSHVrQndNV0pMbWRuYm9MTS5tZnQw
MQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJnf9wwDQQCAAIwBwMFACQE
J8AwDQYJKoZIhvcNAQELBQADggEBAIPoe/6KVtffuKUWH/9s2OQ1ISE8fIJ8YVoz
MX783hPpAZcKh5ALwxXyJVY2SxKgxY3aG6btvXvStSWLJgU+dTf2Ee4xbTSCyRdJ
uOFZc6lXM/Tvv5qRu78Wdcrs90LPugGJ+UwT/BlXX4LFcM3Tu6fQVakwfFAVdpQv
twgWB/2yTEKsg4GDPTu+itTdXZSriu9xXr+MjJF7ZJYj++GkiFVhRNsX0eCHWKBm
whmMAhL2RJ960BPUjEjQ1GxB3eJz52wT15R743bKF7U+cnpCcAiYfCniPrQLmbG3
m5xqOtxG2nhWSEdaPsCewSJ4juc8uOD9Vh7MA6nn0BhMt7m4Fe4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:54 2023 by rpki-client on console-ams.rpki-client.org