Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/R-7U2n7kHMEiQqUTtB6xfkerAYY.cer
File: R-7U2n7kHMEiQqUTtB6xfkerAYY.cer (raw, json)
Hash identifier: CoaQYJir+lsblB55uZq71yv2GOF/5K1zylmIgohJvcQ=
Subject key identifier: 47:EE:D4:DA:7E:E4:1C:C1:22:42:A5:13:B4:1E:B1:7E:47:AB:01:86
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 2403
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/R-7U2n7kHMEiQqUTtB6xfkerAYY.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 06 Sep 2022 03:05:09 +0000
Certificate not after: Wed 06 Sep 2023 03:00:35 +0000
Subordinate resources: IP: 103.136.212.0/23
IP: 2404:9d40::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9219 (0x2403)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 6 03:05:09 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=47EED4DA7EE41CC12242A513B41EB17E47AB0186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:71:08:04:48:49:75:e2:cb:3e:d7:55:9d:8b:
d1:09:87:8e:15:32:14:90:41:ae:02:71:2a:64:d9:
4d:06:c9:40:32:5a:d5:33:09:ce:88:e9:88:ed:68:
db:9f:f3:9e:14:78:2a:8c:c8:b1:08:53:9d:ac:50:
08:15:47:68:6f:94:f2:18:17:4f:9b:e8:8d:25:1c:
5f:37:bd:ca:37:98:c6:c6:6d:c1:71:08:6a:0d:d0:
00:35:01:f6:af:51:c2:3c:b7:be:1d:60:c7:69:83:
ae:01:1c:63:a6:18:53:a7:e4:5f:a7:87:e7:53:0d:
f4:a3:ed:d0:14:00:01:d5:83:37:ad:a9:e4:70:32:
a0:0b:77:c5:87:63:41:ba:05:27:c1:ee:18:74:da:
b4:e7:7b:1e:3b:35:39:52:79:fc:c1:a0:53:d7:88:
1c:16:13:6f:4a:fc:17:ab:19:11:e1:ac:d8:53:26:
3d:c1:c3:99:1a:77:ce:e3:5f:93:0a:97:c4:79:2a:
02:a1:b3:2d:c6:0f:df:aa:24:bc:e6:df:f1:26:25:
f8:f4:e7:64:89:ef:02:93:db:47:06:27:29:bd:bf:
7e:00:d6:62:00:33:e6:44:f8:0d:42:c9:8d:31:94:
b0:a3:d8:8b:37:41:46:9b:56:06:b1:22:69:22:a8:
a7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:EE:D4:DA:7E:E4:1C:C1:22:42:A5:13:B4:1E:B1:7E:47:AB:01:86
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/R-7U2n7kHMEiQqUTtB6xfkerAYY.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.212.0/23
IPv6:
2404:9d40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:db:74:c8:d4:91:4e:ca:57:49:6c:eb:64:b2:d8:dd:c9:23:
f7:46:91:14:e5:e4:57:25:49:60:58:ab:e8:9a:e3:4d:6a:2b:
b9:13:09:d9:6b:8d:25:ff:18:a1:cb:ad:3d:da:0a:09:82:ff:
54:ef:ea:c9:2d:38:b4:05:ba:89:4f:24:47:15:0e:d2:54:57:
4f:c2:df:a8:a4:73:9e:0a:53:fe:36:ce:04:d9:fc:54:a9:4a:
2f:15:3d:8a:f5:4c:22:6c:bc:50:21:8a:9d:ab:eb:4a:16:88:
da:67:7d:f0:28:b4:56:4e:23:59:ce:05:12:95:66:fb:f9:ce:
07:b2:e3:ed:a3:8f:0a:25:a1:fd:4e:c7:4b:51:de:9d:1b:c5:
b4:c5:51:7c:71:73:34:b5:c7:66:f8:ea:7c:c2:7e:33:66:6a:
22:af:80:8b:58:04:c7:c0:85:65:20:15:03:d1:ff:12:df:b8:
a2:f0:e7:33:18:99:7d:61:f5:75:4a:5c:f3:b5:9b:eb:3e:d9:
37:de:a3:e1:0b:5a:92:04:52:85:6d:97:d0:00:84:f9:49:1a:
5a:73:69:7c:91:74:9c:a9:d2:d2:e3:03:ab:7b:c0:e2:a9:b4:
7e:85:ff:c8:c7:1c:ac:1c:00:36:92:f6:bd:9d:5e:64:33:fa:
da:dd:6e:f0
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgICJAMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIyMDkwNjAzMDUwOVoXDTIzMDkwNjAzMDAzNVowMzEx
MC8GA1UEAxMoNDdFRUQ0REE3RUU0MUNDMTIyNDJBNTEzQjQxRUIxN0U0N0FCMDE4
NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALdxCARISXXiyz7XVZ2L
0QmHjhUyFJBBrgJxKmTZTQbJQDJa1TMJzojpiO1o25/znhR4KozIsQhTnaxQCBVH
aG+U8hgXT5vojSUcXze9yjeYxsZtwXEIag3QADUB9q9Rwjy3vh1gx2mDrgEcY6YY
U6fkX6eH51MN9KPt0BQAAdWDN62p5HAyoAt3xYdjQboFJ8HuGHTatOd7Hjs1OVJ5
/MGgU9eIHBYTb0r8F6sZEeGs2FMmPcHDmRp3zuNfkwqXxHkqAqGzLcYP36okvObf
8SYl+PTnZInvApPbRwYnKb2/fgDWYgAz5kT4DULJjTGUsKPYizdBRptWBrEiaSKo
p9cCAwEAAaOCAl0wggJZMB0GA1UdDgQWBBRH7tTafuQcwSJCpRO0HrF+R6sBhjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWE1ORVQvMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
WE1ORVQvUi03VTJuN2tITUVpUXFVVHRCNnhma2VyQVlZLm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEAWeI1DANBAIAAjAHAwUAJASdQDANBgkqhkiG
9w0BAQsFAAOCAQEAW9t0yNSRTspXSWzrZLLY3ckj90aRFOXkVyVJYFir6JrjTWor
uRMJ2WuNJf8YocutPdoKCYL/VO/qyS04tAW6iU8kRxUO0lRXT8LfqKRzngpT/jbO
BNn8VKlKLxU9ivVMImy8UCGKnavrShaI2md98Ci0Vk4jWc4FEpVm+/nOB7Lj7aOP
CiWh/U7HS1HenRvFtMVRfHFzNLXHZvjqfMJ+M2ZqIq+Ai1gEx8CFZSAVA9H/Et+4
ovDnMxiZfWH1dUpc87Wb6z7ZN96j4QtakgRShW2X0ACE+UkaWnNpfJF0nKnS0uMD
q3vA4qm0foX/yMccrBwANpL2vZ1eZDP62t1u8A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org