Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/H_DEOuYS_VfqrHHcIIrsTlbS1mU.cer
File: H_DEOuYS_VfqrHHcIIrsTlbS1mU.cer (raw, json)
Hash identifier: vRyPmkAak3HGmnpQnDsA4eY5Iiaq0pfP+MTYni+NwIk=
Subject key identifier: 1F:F0:C4:3A:E6:12:FD:57:EA:AC:71:DC:20:8A:EC:4E:56:D2:D6:65
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 18B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/H_DEOuYS_VfqrHHcIIrsTlbS1mU.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:20 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: AS: 131652
IP: 103.139.92.0/23
IP: 2404:dfc0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6320 (0x18b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:20 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1FF0C43AE612FD57EAAC71DC208AEC4E56D2D665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4f:08:69:8f:cb:f7:f3:0c:79:fc:0c:3e:77:
c6:5e:e6:70:63:2e:75:dc:ad:97:4e:09:a2:a5:ae:
bb:77:e0:40:b4:2b:b8:60:8e:37:5b:a8:6d:27:2c:
15:cf:e8:b8:ce:3c:30:32:b3:55:22:df:90:53:01:
6b:d9:87:92:71:a4:37:13:a4:c2:06:c4:8f:b0:7a:
56:2a:c8:19:f2:26:95:a9:ce:23:ef:33:45:41:83:
60:ed:0b:4d:27:75:58:bc:fe:a6:12:00:f1:99:e8:
65:f2:f8:e6:f9:f8:76:bb:26:2f:bb:b6:0d:4b:2b:
c9:08:dd:a5:89:50:23:1a:c6:c1:1d:99:e9:85:37:
0f:a6:6a:04:37:70:88:98:f6:50:c4:f1:e7:c9:88:
0c:b1:1f:1d:5b:02:76:0f:5c:26:20:20:77:24:94:
ce:09:70:3a:30:e0:31:26:bd:55:b5:c5:0e:85:a9:
30:33:ba:f3:94:2d:27:4a:b9:29:85:da:46:09:6a:
09:5e:d5:91:21:94:ba:d9:ca:9d:c7:a3:aa:ed:3c:
c3:01:44:8b:bd:b4:71:2e:2d:eb:76:94:76:0c:f5:
95:27:54:49:80:6e:14:44:37:fd:4e:81:78:d4:82:
2d:f9:80:6e:22:57:fb:c5:58:03:b4:2b:2c:1f:d6:
28:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F0:C4:3A:E6:12:FD:57:EA:AC:71:DC:20:8A:EC:4E:56:D2:D6:65
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/H_DEOuYS_VfqrHHcIIrsTlbS1mU.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131652
sbgp-ipAddrBlock: critical
IPv4:
103.139.92.0/23
IPv6:
2404:dfc0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:2a:97:26:27:0c:00:79:bf:60:78:a6:58:77:d8:f6:e8:2b:
4c:2d:09:42:64:de:28:ad:f5:69:73:19:ce:41:0e:4d:f0:1a:
0b:ea:3e:3c:79:cf:82:d9:b8:c7:53:6f:5f:2f:37:83:57:0e:
2d:9e:04:3e:3c:d1:d8:7b:cd:92:10:f7:b3:93:de:e2:37:97:
30:f9:3e:8b:23:46:c6:97:89:1a:a4:89:dd:6b:98:a0:8d:78:
e9:c8:e4:31:1d:a3:4e:52:34:a7:f6:ac:1c:34:27:13:9b:9a:
eb:bb:cb:0a:c8:7f:18:3b:cb:7a:aa:bf:a7:98:c1:c9:47:16:
0e:06:a0:85:99:0e:49:f9:1d:35:e8:5e:b3:4f:eb:07:0a:f2:
dc:4f:7d:f2:2d:4c:0f:19:a6:08:3f:34:74:c1:a0:6f:cb:49:
a5:d4:75:e3:76:6a:51:38:c2:a5:16:5d:36:2f:14:fb:3f:4b:
df:b8:cc:1d:84:e1:ea:30:54:d7:3b:24:75:80:84:d0:de:7a:
57:08:2b:62:07:64:8f:22:5c:4a:c9:e9:71:80:aa:8c:71:62:
3e:9a:60:b2:bc:8b:e9:44:91:69:62:04:bd:65:19:df:b0:24:
53:da:67:07:df:b9:8d:99:17:ee:5b:57:1d:9b:af:7b:9d:b3:
d5:0b:69:b0
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICGLAwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMyMFoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoMUZGMEM0M0FFNjEyRkQ1N0VBQUM3MURDMjA4QUVDNEU1NkQyRDY2
NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANlPCGmPy/fzDHn8DD53
xl7mcGMuddytl04JoqWuu3fgQLQruGCON1uobScsFc/ouM48MDKzVSLfkFMBa9mH
knGkNxOkwgbEj7B6VirIGfImlanOI+8zRUGDYO0LTSd1WLz+phIA8ZnoZfL45vn4
drsmL7u2DUsryQjdpYlQIxrGwR2Z6YU3D6ZqBDdwiJj2UMTx58mIDLEfHVsCdg9c
JiAgdySUzglwOjDgMSa9VbXFDoWpMDO685QtJ0q5KYXaRglqCV7VkSGUutnKncej
qu08wwFEi720cS4t63aUdgz1lSdUSYBuFEQ3/U6BeNSCLfmAbiJX+8VYA7QrLB/W
KGMCAwEAAaOCAncwggJzMB0GA1UdDgQWBBQf8MQ65hL9V+qscdwgiuxOVtLWZTAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdIGCCsGAQUFBwELBIHFMIHCMDYGCCsGAQUFBzAF
hipyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tJUy8wVQYI
KwYBBQUHMAqGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9L
S0lTL0hfREVPdVlTX1ZmcXJISGNJSXJzVGxiUzFtVS5tZnQwMQYIKwYBBQUHMA2G
JWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwGgYIKwYBBQUH
AQgBAf8ECzAJoAcwBQIDAgJEMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB
Z4tcMA0EAgACMAcDBQAkBN/AMA0GCSqGSIb3DQEBCwUAA4IBAQANKpcmJwwAeb9g
eKZYd9j26CtMLQlCZN4orfVpcxnOQQ5N8BoL6j48ec+C2bjHU29fLzeDVw4tngQ+
PNHYe82SEPezk97iN5cw+T6LI0bGl4kapInda5igjXjpyOQxHaNOUjSn9qwcNCcT
m5rru8sKyH8YO8t6qr+nmMHJRxYOBqCFmQ5J+R016F6zT+sHCvLcT33yLUwPGaYI
PzR0waBvy0ml1HXjdmpROMKlFl02LxT7P0vfuMwdhOHqMFTXOyR1gITQ3npXCCti
B2SPIlxKyelxgKqMcWI+mmCyvIvpRJFpYgS9ZRnfsCRT2mcH37mNmRfuW1cdm697
nbPVC2mw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:07 2023 by rpki-client on console-fra.rpki-client.org