Certificate

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MJ8EMTBBTDNKgr65IG-Hi59YvXQ.cer
File:                     MJ8EMTBBTDNKgr65IG-Hi59YvXQ.cer (raw, json)
Hash identifier:          5lPJ7vNF80yt/XZUw1vh8MnBxMsqZIN4a0UuRUiIV1E=
Subject key identifier:   30:9F:04:31:30:41:4C:33:4A:82:BE:B9:20:6F:87:8B:9F:58:BD:74
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer:       /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial:       1964
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest:                 rsync://rpkica.twnic.tw/rpki/TWNICCA/NEWAY/MJ8EMTBBTDNKgr65IG-Hi59YvXQ.mft
caRepository:             rsync://rpkica.twnic.tw/rpki/TWNICCA/NEWAY/
Notify URL:               https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before:   Tue 29 Sep 2020 09:53:29 +0000
Certificate not after:    Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources:    AS: 131624
                          IP: 103.118.28.0/22

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6500 (0x1964)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
        Validity
            Not Before: Sep 29 09:53:29 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=309F043130414C334A82BEB9206F878B9F58BD74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c6:1e:29:ae:a4:e6:da:28:c6:4b:39:c4:dc:
                    8d:a8:25:70:13:74:1f:53:09:d3:a3:bf:cb:f0:3b:
                    6a:30:a0:de:ba:4c:e3:db:d3:04:3f:3a:8d:5a:a7:
                    db:4a:5c:cf:bc:37:12:12:0a:f3:2e:84:db:5d:e1:
                    d9:12:0a:1c:3e:f4:0f:42:43:c5:22:a8:40:e1:7f:
                    39:54:5c:6b:78:e5:16:3e:1d:73:40:50:13:f3:e6:
                    0f:f6:bb:b8:2f:6b:bd:85:42:aa:46:8b:fd:ac:ef:
                    fd:e3:79:8e:38:a7:67:63:1a:8b:9b:7d:c5:98:f6:
                    90:d7:27:9d:b1:a5:d6:e1:ab:96:70:98:e1:59:83:
                    12:66:d5:39:3f:70:78:c6:a2:df:10:07:7d:d4:3e:
                    f9:e9:37:0c:cd:a9:b8:4e:6b:92:c1:e8:2b:2f:18:
                    25:4a:7e:4a:80:4f:68:22:cd:88:30:b8:d0:5f:13:
                    ce:a3:f2:40:98:a4:07:37:7a:c3:fa:20:1b:be:68:
                    dd:fb:44:1c:a3:85:88:25:86:87:51:75:96:e2:9c:
                    ae:ad:68:31:d9:62:f3:7e:b4:77:41:c3:e2:a7:80:
                    cb:05:8e:42:ae:b3:83:6d:17:38:a7:54:fe:10:43:
                    71:69:07:3e:b6:f8:a5:96:ca:03:14:0a:94:ac:95:
                    04:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:9F:04:31:30:41:4C:33:4A:82:BE:B9:20:6F:87:8B:9F:58:BD:74
            X509v3 Authority Key Identifier:
                keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NEWAY/
                RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NEWAY/MJ8EMTBBTDNKgr65IG-Hi59YvXQ.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  131624

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.118.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:8e:12:20:2e:6b:f7:e3:11:45:be:0a:8d:08:22:a6:e5:61:
         76:db:8f:89:ed:d5:1d:b9:b9:a0:a8:af:bc:38:62:a0:6c:a8:
         1f:86:e9:53:61:1d:19:4b:bc:90:3d:d4:19:86:c0:48:bb:4d:
         c0:1a:a8:14:c3:98:bf:e8:5e:7d:e7:84:c4:4f:52:54:ce:78:
         0f:20:a8:96:be:7d:a2:2e:5c:94:21:84:9e:2d:5d:73:17:29:
         26:b7:9c:cc:77:28:5d:5d:29:be:a8:f1:83:1b:1f:03:ab:6d:
         ca:c8:55:a8:ca:40:97:eb:a6:26:69:ad:85:06:3d:2e:45:d2:
         10:b9:18:c7:db:9c:b3:06:a4:32:2d:ce:6a:d2:c9:50:05:02:
         2f:15:49:51:49:ee:86:13:34:a2:6e:90:de:ae:d2:1d:c4:e7:
         4d:28:f1:bf:3b:bf:f8:42:46:6d:a4:a0:6a:21:57:a0:f5:75:
         70:c5:d8:9c:c7:55:22:05:51:16:e3:7c:cb:ed:c4:f6:54:d5:
         ec:fd:1a:13:1e:28:61:b7:35:d3:fe:f7:a9:37:1e:ab:f3:80:
         f7:39:ca:46:21:58:23:b3:f3:2a:ab:53:32:17:95:f9:77:7f:
         7c:4c:7a:f4:39:8c:ee:a5:c0:35:a0:d2:87:88:e7:34:45:c7:
         53:df:bc:ae
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgICGWQwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMyOVoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoMzA5RjA0MzEzMDQxNEMzMzRBODJCRUI5MjA2Rjg3OEI5RjU4QkQ3
NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/GHimupObaKMZLOcTc
jaglcBN0H1MJ06O/y/A7ajCg3rpM49vTBD86jVqn20pcz7w3EhIK8y6E213h2RIK
HD70D0JDxSKoQOF/OVRca3jlFj4dc0BQE/PmD/a7uC9rvYVCqkaL/azv/eN5jjin
Z2Mai5t9xZj2kNcnnbGl1uGrlnCY4VmDEmbVOT9weMai3xAHfdQ++ek3DM2puE5r
ksHoKy8YJUp+SoBPaCLNiDC40F8TzqPyQJikBzd6w/ogG75o3ftEHKOFiCWGh1F1
luKcrq1oMdli8360d0HD4qeAywWOQq6zg20XOKdU/hBDcWkHPrb4pZbKAxQKlKyV
BBsCAwEAAaOCAmowggJmMB0GA1UdDgQWBBQwnwQxMEFMM0qCvrkgb4eLn1i9dDAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkVXQVkvMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TkVXQVkvTUo4RU1UQkJURE5LZ3I2NUlHLUhpNTlZdlhRLm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMCAigwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJndhwwDQYJKoZIhvcNAQELBQADggEBAE2OEiAua/fjEUW+Co0IIqblYXbbj4nt
1R25uaCor7w4YqBsqB+G6VNhHRlLvJA91BmGwEi7TcAaqBTDmL/oXn3nhMRPUlTO
eA8gqJa+faIuXJQhhJ4tXXMXKSa3nMx3KF1dKb6o8YMbHwOrbcrIVajKQJfrpiZp
rYUGPS5F0hC5GMfbnLMGpDItzmrSyVAFAi8VSVFJ7oYTNKJukN6u0h3E500o8b87
v/hCRm2koGohV6D1dXDF2JzHVSIFURbjfMvtxPZU1ez9GhMeKGG3NdP+96k3Hqvz
gPc5ykYhWCOz8yqrUzIXlfl3f3xMevQ5jO6lwDWg0oeI5zRFx1PfvK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:11 2024 by rpki-client on console-ams.rpki-client.org