Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/JXYQuhUOg-LZBrhyOMbDLZZRsfQ.cer
File: JXYQuhUOg-LZBrhyOMbDLZZRsfQ.cer (raw, json)
Hash identifier: CZ0PkKu5om60YoFT8q1Q0HXQsjHvOs7c1mSulfBBxTc=
Subject key identifier: 25:76:10:BA:15:0E:83:E2:D9:06:B8:72:38:C6:C3:2D:96:51:B1:F4
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 1906
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/DIGITALAGE/JXYQuhUOg-LZBrhyOMbDLZZRsfQ.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/DIGITALAGE/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:25 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.139.64.0/23
IP: 2404:dcc0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6406 (0x1906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:25 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=257610BA150E83E2D906B87238C6C32D9651B1F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e2:9e:00:27:69:20:aa:85:34:9e:b0:df:41:
3c:b6:ee:35:89:69:3a:6b:c0:c9:63:90:46:a9:0a:
bc:fc:de:3f:1e:1f:bf:47:26:bd:00:43:f1:3a:34:
44:b6:79:6a:38:11:54:35:80:ba:80:80:50:6d:2e:
10:3b:e4:5f:d3:a1:3b:73:97:92:a9:e9:94:bb:37:
de:28:c2:96:5a:d8:4b:b6:9c:dd:ab:09:ad:ba:ba:
f3:db:5b:60:fd:1c:e4:2d:f2:7d:e3:2c:60:99:50:
ab:89:fe:fa:4e:ec:32:36:04:b7:94:fb:d6:e0:d4:
39:c7:32:01:f8:6f:96:6d:d6:16:ed:99:18:06:27:
27:36:6e:23:9b:c8:71:41:9e:46:86:7d:f5:76:a2:
4e:06:e2:5f:5b:ed:eb:14:33:62:e2:e5:09:01:71:
cb:49:37:4d:fc:9b:56:75:0e:17:ce:e0:7b:11:03:
aa:01:95:17:ec:51:9c:33:bc:f7:13:31:d8:23:08:
6f:d9:8d:c5:c3:dc:ad:2e:95:0e:2b:28:74:12:9c:
8d:89:7a:5b:9b:ca:ff:b1:c4:e8:ab:c0:be:27:5d:
20:50:ae:c8:59:fa:d1:47:a8:8f:7f:db:94:f4:66:
83:66:93:23:76:db:41:dd:bb:89:6b:f4:d4:dd:bc:
c2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:76:10:BA:15:0E:83:E2:D9:06:B8:72:38:C6:C3:2D:96:51:B1:F4
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DIGITALAGE/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DIGITALAGE/JXYQuhUOg-LZBrhyOMbDLZZRsfQ.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.64.0/23
IPv6:
2404:dcc0::/32
Signature Algorithm: sha256WithRSAEncryption
12:13:91:3f:46:43:b0:44:94:32:c4:8f:f4:72:12:f4:dd:54:
15:d9:79:d1:20:29:a3:db:0c:11:48:85:8a:bd:60:8f:a4:f7:
5d:43:2d:92:1a:8a:61:20:e8:cb:c1:d9:96:55:e2:4a:7b:5d:
8d:12:89:60:45:be:88:17:ff:a1:66:20:7d:af:98:12:d3:30:
65:a0:29:01:de:00:f8:c6:df:ee:d4:90:2d:85:97:e3:18:16:
d4:c0:bb:ea:fd:9c:39:d5:86:fe:d7:22:56:53:7d:2a:3c:f8:
f5:e0:8e:75:cf:42:08:e7:01:a1:99:fe:d6:20:42:ed:7c:f2:
38:fe:21:07:1b:cb:84:a3:f3:75:65:fb:bf:30:7c:da:16:92:
63:d0:cc:06:7d:5a:21:01:21:48:a8:3f:75:4f:a6:3a:0b:5b:
0f:5e:dd:4a:92:a2:5c:7f:53:a7:2e:4b:d2:33:07:e7:ef:84:
5c:22:b8:30:a3:3e:cd:51:51:c2:92:fc:ad:17:57:09:8f:28:
ab:13:58:57:61:d9:56:93:b3:bc:2c:83:c7:4e:02:26:29:8b:
bd:cf:cb:de:2c:d0:f9:4e:a2:7d:d4:13:2f:9f:c9:c5:36:b8:
56:5e:46:0e:91:91:0f:47:87:f8:a4:b7:45:11:69:c7:cf:6e:
65:1b:5d:e9
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgICGQYwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMyNVoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoMjU3NjEwQkExNTBFODNFMkQ5MDZCODcyMzhDNkMzMkQ5NjUxQjFG
NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANLingAnaSCqhTSesN9B
PLbuNYlpOmvAyWOQRqkKvPzePx4fv0cmvQBD8To0RLZ5ajgRVDWAuoCAUG0uEDvk
X9OhO3OXkqnplLs33ijCllrYS7ac3asJrbq689tbYP0c5C3yfeMsYJlQq4n++k7s
MjYEt5T71uDUOccyAfhvlm3WFu2ZGAYnJzZuI5vIcUGeRoZ99XaiTgbiX1vt6xQz
YuLlCQFxy0k3TfybVnUOF87gexEDqgGVF+xRnDO89xMx2CMIb9mNxcPcrS6VDiso
dBKcjYl6W5vK/7HE6KvAviddIFCuyFn60Ueoj3/blPRmg2aTI3bbQd27iWv01N28
wlECAwEAAaOCAmcwggJjMB0GA1UdDgQWBBQldhC6FQ6D4tkGuHI4xsMtllGx9DAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgd4GCCsGAQUFBwELBIHRMIHOMDwGCCsGAQUFBzAF
hjByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRElHSVRBTEFH
RS8wWwYIKwYBBQUHMAqGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESUdJVEFMQUdFL0pYWVF1aFVPZy1MWkJyaHlPTWJETFpaUnNmUS5tZnQw
MQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFni0AwDQQCAAIwBwMFACQE
3MAwDQYJKoZIhvcNAQELBQADggEBABITkT9GQ7BElDLEj/RyEvTdVBXZedEgKaPb
DBFIhYq9YI+k911DLZIaimEg6MvB2ZZV4kp7XY0SiWBFvogX/6FmIH2vmBLTMGWg
KQHeAPjG3+7UkC2Fl+MYFtTAu+r9nDnVhv7XIlZTfSo8+PXgjnXPQgjnAaGZ/tYg
Qu188jj+IQcby4Sj83Vl+78wfNoWkmPQzAZ9WiEBIUioP3VPpjoLWw9e3UqSolx/
U6cuS9IzB+fvhFwiuDCjPs1RUcKS/K0XVwmPKKsTWFdh2VaTs7wsg8dOAiYpi73P
y94s0PlOon3UEy+fycU2uFZeRg6RkQ9Hh/ikt0URacfPbmUbXek=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:56 2023 by rpki-client on console-ams.rpki-client.org