Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MsaCWXSrr11XZHb69yyMv92BJPM.cer
File: MsaCWXSrr11XZHb69yyMv92BJPM.cer (raw, json)
Hash identifier: RLG5nCJsTG+/SMf3mS2bJDgV1iBScOa7/g+24P3XiQE=
Subject key identifier: 32:C6:82:59:74:AB:AF:5D:57:64:76:FA:F7:2C:8C:BF:DD:81:24:F3
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 19F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/NAGF/MsaCWXSrr11XZHb69yyMv92BJPM.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/NAGF/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:36 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.131.132.0/22
IP: 2403:cac0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6646 (0x19f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:36 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=32C6825974ABAF5D576476FAF72C8CBFDD8124F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:43:26:c6:c4:87:c7:ba:05:26:20:28:90:
fb:12:d2:9c:da:d9:8b:25:a3:c2:90:f2:1d:63:ec:
48:ea:23:71:31:56:4c:cf:ea:cb:04:3f:a1:18:ab:
71:5c:0f:1f:4c:5c:6d:06:82:3c:74:da:fc:0d:84:
a5:35:d9:b1:2e:ef:a9:32:4b:17:18:c9:9f:3f:07:
3b:85:9d:16:e8:23:2f:ac:37:54:2b:1a:b7:d1:9b:
43:7d:73:00:d1:5a:ee:8d:7e:df:b6:e7:e7:71:c0:
92:fe:80:b7:d9:c1:00:97:09:48:eb:8f:a7:55:9c:
e4:f7:c1:ed:b9:f1:20:16:de:ef:a8:38:05:d2:f9:
c2:fe:01:cd:be:42:5c:55:b1:0a:6b:a4:7d:ff:bb:
73:a2:cd:9b:08:db:5c:7b:fd:1d:07:aa:76:8c:3a:
42:a8:ea:30:5b:8f:cd:7d:c3:19:77:19:19:05:32:
97:ff:c4:66:52:da:e5:58:81:92:b5:91:37:cd:48:
79:4a:08:e6:5a:3a:49:f8:67:64:8e:64:41:df:2d:
9a:c3:e8:3c:65:c4:cc:c4:e9:89:94:ea:9a:25:68:
b3:72:b5:10:ce:65:85:55:62:32:2d:b2:97:fb:1f:
33:ce:38:bd:05:fa:5c:13:ac:ed:8b:d6:05:1b:14:
7a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C6:82:59:74:AB:AF:5D:57:64:76:FA:F7:2C:8C:BF:DD:81:24:F3
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NAGF/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NAGF/MsaCWXSrr11XZHb69yyMv92BJPM.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.131.132.0/22
IPv6:
2403:cac0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:88:0d:6b:e3:54:5c:9a:ec:63:a9:d3:55:dd:fd:bc:e7:df:
97:e4:3c:4d:79:b2:98:17:e4:31:db:01:90:c6:ed:5a:03:9b:
45:7e:c8:97:6e:71:c3:1c:5b:ce:e7:7b:b9:23:1c:23:3a:f0:
3e:86:45:8f:95:ad:5f:c6:e1:84:9d:2b:e1:4f:b4:da:25:2d:
67:1c:67:32:d7:b5:04:57:08:0b:16:c5:b8:22:f1:55:42:26:
9e:57:03:01:3a:37:85:ca:0a:c7:3d:af:b5:db:01:47:34:bf:
cf:08:02:18:57:ef:ad:3e:50:11:ca:77:61:fa:e5:e2:c0:1f:
63:95:52:86:21:69:50:33:3f:d3:39:9f:02:d5:60:52:15:3d:
26:4e:79:54:b5:e1:26:bc:7a:65:f1:a9:80:42:6c:0e:32:73:
c4:4c:8c:63:49:67:10:07:6b:24:37:35:9e:bc:8e:44:f3:dc:
14:ac:95:7a:71:d7:05:66:87:76:90:8f:8e:fb:28:04:04:a5:
91:2a:c5:d7:09:38:97:f0:76:a3:af:14:d2:0b:4c:6b:08:37:
b9:cc:54:bd:0d:7b:51:09:34:ca:66:6e:1a:36:e0:4b:66:e2:
ae:d7:c5:5e:8d:09:f5:a9:74:b6:c8:dc:18:d7:47:99:b4:5d:
20:df:17:9e
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgICGfYwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMzNloXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoMzJDNjgyNTk3NEFCQUY1RDU3NjQ3NkZBRjcyQzhDQkZERDgxMjRG
MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0/QybGxIfHugUmICiQ
+xLSnNrZiyWjwpDyHWPsSOojcTFWTM/qywQ/oRircVwPH0xcbQaCPHTa/A2EpTXZ
sS7vqTJLFxjJnz8HO4WdFugjL6w3VCsat9GbQ31zANFa7o1+37bn53HAkv6At9nB
AJcJSOuPp1Wc5PfB7bnxIBbe76g4BdL5wv4Bzb5CXFWxCmukff+7c6LNmwjbXHv9
HQeqdow6QqjqMFuPzX3DGXcZGQUyl//EZlLa5ViBkrWRN81IeUoI5lo6SfhnZI5k
Qd8tmsPoPGXEzMTpiZTqmiVos3K1EM5lhVViMi2yl/sfM844vQX6XBOs7YvWBRsU
ehsCAwEAAaOCAlswggJXMB0GA1UdDgQWBBQyxoJZdKuvXVdkdvr3LIy/3YEk8zAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdIGCCsGAQUFBwELBIHFMIHCMDYGCCsGAQUFBzAF
hipyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkFHRi8wVQYI
KwYBBQUHMAqGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9O
QUdGL01zYUNXWFNycjExWFpIYjY5eXlNdjkyQkpQTS5tZnQwMQYIKwYBBQUHMA2G
JWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwLgYIKwYBBQUH
AQcBAf8EHzAdMAwEAgABMAYDBAJng4QwDQQCAAIwBwMFACQDysAwDQYJKoZIhvcN
AQELBQADggEBAJqIDWvjVFya7GOp01Xd/bzn35fkPE15spgX5DHbAZDG7VoDm0V+
yJduccMcW87ne7kjHCM68D6GRY+VrV/G4YSdK+FPtNolLWccZzLXtQRXCAsWxbgi
8VVCJp5XAwE6N4XKCsc9r7XbAUc0v88IAhhX760+UBHKd2H65eLAH2OVUoYhaVAz
P9M5nwLVYFIVPSZOeVS14Sa8emXxqYBCbA4yc8RMjGNJZxAHayQ3NZ68jkTz3BSs
lXpx1wVmh3aQj477KAQEpZEqxdcJOJfwdqOvFNILTGsIN7nMVL0Ne1EJNMpmbho2
4Etm4q7XxV6NCfWpdLbI3BjXR5m0XSDfF54=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-fra.rpki-client.org