Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/I9Xgs1INrEJpq0pCWyPSJcsmSog.cer
File: I9Xgs1INrEJpq0pCWyPSJcsmSog.cer (raw, json)
Hash identifier: ve0RwTMXH30B/vSwEzKyUk4jVvAcg2Q4mzIxfTExPH4=
Subject key identifier: 23:D5:E0:B3:52:0D:AC:42:69:AB:4A:42:5B:23:D2:25:CB:26:4A:88
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 28FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNOC/I9Xgs1INrEJpq0pCWyPSJcsmSog.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNOC/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 01 Sep 2023 03:11:27 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 103.123.240.0/22
IP: 2403:ac40::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10492 (0x28fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 1 03:11:27 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=23D5E0B3520DAC4269AB4A425B23D225CB264A88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:44:bd:d9:a4:e6:c5:2a:1b:bf:77:ef:e7:93:
93:e5:34:05:bd:6f:54:38:ce:70:05:ea:0d:30:fb:
0f:18:b2:86:4f:08:b6:4f:e1:b4:9c:11:0b:02:5e:
3e:23:11:b7:30:d5:2e:1d:d7:c2:99:2f:64:cc:ae:
4d:00:51:de:5a:d5:e7:c2:d9:45:1f:75:4f:1f:6f:
ee:58:33:42:37:b3:b7:b8:d2:ee:4a:9e:10:54:55:
5d:4d:99:a1:f6:c1:6b:8f:b0:b4:a0:9d:c2:45:83:
b9:b9:b5:5e:a1:83:a5:3b:af:e7:51:29:e6:90:ef:
3b:97:84:61:07:16:5a:fb:2d:35:e4:0a:bd:76:e1:
e0:0c:14:e6:22:6a:52:d1:ec:4c:4b:57:37:51:f0:
26:6f:0a:8a:ba:74:9f:2d:83:b6:02:80:22:54:e0:
b2:c5:6c:27:d6:33:ee:e0:0f:61:37:8b:06:67:5b:
b2:de:86:e0:ab:18:79:01:6a:74:b7:c2:69:42:1d:
07:a7:78:b5:17:e6:ba:15:8a:14:36:f6:fd:9e:eb:
b3:13:5b:9a:78:e2:6a:27:7e:d6:d2:c6:3e:a1:1e:
e5:cb:0e:6a:d1:21:49:cc:97:09:57:64:4a:b9:60:
43:75:2f:af:c0:b3:db:e7:31:c0:3b:7c:b2:7e:8a:
9a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D5:E0:B3:52:0D:AC:42:69:AB:4A:42:5B:23:D2:25:CB:26:4A:88
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNOC/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNOC/I9Xgs1INrEJpq0pCWyPSJcsmSog.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.240.0/22
IPv6:
2403:ac40::/32
Signature Algorithm: sha256WithRSAEncryption
97:bc:b2:d3:2f:4c:5e:9a:5e:b8:8d:56:69:a5:e7:32:ba:da:
45:a3:af:be:e7:da:b5:d8:e7:e2:38:4c:e2:38:b0:9b:90:06:
5f:35:71:c7:75:b8:b8:16:c0:09:2a:8b:a4:58:7e:73:1e:6f:
95:91:49:46:3a:88:70:a3:72:a3:ee:53:27:74:54:ba:d9:fa:
6c:41:81:be:4c:a3:6e:4a:41:b0:c2:78:6d:6d:32:d3:16:53:
c0:27:ac:f2:58:27:0b:c8:9e:15:09:77:ef:d9:d4:8d:b6:12:
30:a7:f3:86:95:1e:c3:9d:43:f6:b8:b7:7e:23:9b:b4:c8:6b:
6e:52:33:e6:da:0b:ab:e2:a0:87:2c:99:e4:23:87:ec:46:f1:
3b:e3:9b:1d:42:20:cd:8a:b7:6f:34:4b:bf:06:7f:25:2a:c9:
e9:40:e7:e4:98:47:f4:d2:3f:b2:c9:06:04:4f:c9:34:4f:da:
ee:4e:76:44:05:0b:3c:69:30:44:9f:0d:92:69:3a:20:6a:18:
68:7f:98:f0:fc:62:36:8a:78:43:43:24:02:99:66:95:6d:78:
6c:cf:68:7d:43:f5:46:d9:4d:ad:10:3d:7c:7b:5a:f1:e0:ae:
2f:9a:dc:0a:33:84:35:c3:9b:38:19:ed:11:1f:ed:ec:18:82:
4a:ae:51:49
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgICKPwwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMDkwMTAzMTEyN1oXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoMjNENUUwQjM1MjBEQUM0MjY5QUI0QTQyNUIyM0QyMjVDQjI2NEE4
ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL5Evdmk5sUqG7937+eT
k+U0Bb1vVDjOcAXqDTD7Dxiyhk8Itk/htJwRCwJePiMRtzDVLh3XwpkvZMyuTQBR
3lrV58LZRR91Tx9v7lgzQjezt7jS7kqeEFRVXU2ZofbBa4+wtKCdwkWDubm1XqGD
pTuv51Ep5pDvO5eEYQcWWvstNeQKvXbh4AwU5iJqUtHsTEtXN1HwJm8Kirp0ny2D
tgKAIlTgssVsJ9Yz7uAPYTeLBmdbst6G4KsYeQFqdLfCaUIdB6d4tRfmuhWKFDb2
/Z7rsxNbmnjiaid+1tLGPqEe5csOatEhScyXCVdkSrlgQ3Uvr8Cz2+cxwDt8sn6K
mnUCAwEAAaOCAl0wggJZMB0GA1UdDgQWBBQj1eCzUg2sQmmrSkJbI9IlyyZKiDAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOT0MvMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
VFdOT0MvSTlYZ3MxSU5yRUpwcTBwQ1d5UFNKY3NtU29nLm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEAmd78DANBAIAAjAHAwUAJAOsQDANBgkqhkiG
9w0BAQsFAAOCAQEAl7yy0y9MXppeuI1WaaXnMrraRaOvvufatdjn4jhM4jiwm5AG
XzVxx3W4uBbACSqLpFh+cx5vlZFJRjqIcKNyo+5TJ3RUutn6bEGBvkyjbkpBsMJ4
bW0y0xZTwCes8lgnC8ieFQl379nUjbYSMKfzhpUew51D9ri3fiObtMhrblIz5toL
q+KghyyZ5COH7EbxO+ObHUIgzYq3bzRLvwZ/JSrJ6UDn5JhH9NI/sskGBE/JNE/a
7k52RAULPGkwRJ8Nkmk6IGoYaH+Y8PxiNop4Q0MkAplmlW14bM9ofUP1RtlNrRA9
fHta8eCuL5rcCjOENcObOBntER/t7BiCSq5RSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:38 2024 by rpki-client on console-fra.rpki-client.org