Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WsGqz2ly1f4CvqS0yJa2Zibfj74.cer
File: WsGqz2ly1f4CvqS0yJa2Zibfj74.cer (raw, json)
Hash identifier: MyMzvCJbUZp/SVJ62usquFXYCWJnfOkC0X9kFrRrJ0A=
Subject key identifier: 5A:C1:AA:CF:69:72:D5:FE:02:BE:A4:B4:C8:96:B6:66:26:DF:8F:BE
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 1A3C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLICKAP/WsGqz2ly1f4CvqS0yJa2Zibfj74.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLICKAP/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:40 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.122.220.0/22
IP: 2403:9640::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6716 (0x1a3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:40 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5AC1AACF6972D5FE02BEA4B4C896B66626DF8FBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c7:c1:f2:36:69:7a:5d:2b:2d:55:ab:b0:ab:
ec:39:7a:b2:77:3d:cb:ef:05:00:f6:05:87:e6:3b:
4c:be:eb:2a:5a:63:2c:8d:12:83:98:c0:13:01:3a:
50:68:5a:14:0b:0a:50:87:e9:4f:43:94:ca:08:0a:
c1:2f:cd:fd:1e:73:58:a9:25:ed:42:f7:56:bd:74:
be:b5:06:56:d3:ab:ac:29:81:61:d7:63:29:95:35:
be:7f:33:20:3e:3d:5e:1c:48:1e:a0:35:90:80:2b:
f8:60:e2:55:70:85:18:c2:9d:07:86:83:80:f6:dc:
c3:79:7e:7f:29:d8:59:f9:5f:82:91:7b:7d:26:ed:
ef:56:b2:ad:56:c7:1e:ed:42:09:04:6d:28:d4:75:
32:64:31:5f:4e:97:89:d5:dd:58:6c:42:b6:4e:30:
e4:77:78:15:a2:c0:fc:4f:48:85:64:bc:c5:6e:00:
d4:c7:7c:f9:74:06:f7:d1:82:b3:c3:f9:e3:63:b5:
84:d4:d2:55:4a:d3:3d:bc:23:be:16:2d:47:00:77:
72:bb:6a:20:1f:b1:77:ae:5d:c6:a3:69:a1:5f:45:
b1:58:e2:59:fa:2e:31:4c:d3:f5:39:b8:6b:fa:7b:
12:f8:69:7f:33:5c:45:a4:f4:dd:1a:4e:52:73:80:
38:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C1:AA:CF:69:72:D5:FE:02:BE:A4:B4:C8:96:B6:66:26:DF:8F:BE
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLICKAP/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLICKAP/WsGqz2ly1f4CvqS0yJa2Zibfj74.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.220.0/22
IPv6:
2403:9640::/32
Signature Algorithm: sha256WithRSAEncryption
83:bd:69:d8:ea:28:66:b8:11:55:59:10:d8:68:79:12:03:92:
d7:ec:92:8c:3a:b3:3d:c3:e1:3b:49:04:a4:1d:f6:c0:7e:f6:
d1:f8:d4:a8:80:82:78:21:c3:96:3b:56:55:30:55:33:3e:ef:
bf:39:20:f2:9a:99:31:cf:23:46:17:74:5a:b6:87:ef:f5:40:
eb:a6:06:91:f8:97:a7:ee:9c:cb:27:2a:7c:d1:29:07:2f:7a:
3e:39:ef:2b:f4:a9:66:0c:e5:8c:fe:87:19:3e:9b:3b:ba:15:
c6:00:c6:44:e7:77:26:86:96:33:8e:17:52:c8:88:15:a1:f8:
81:88:60:7b:c8:46:24:6f:e3:06:0a:87:5b:29:f7:88:b9:6d:
47:57:6e:6a:39:53:52:2d:7c:12:cf:14:21:00:1a:1f:14:54:
cd:19:75:a4:da:3c:9f:36:43:d7:fe:b3:07:42:d8:f7:bc:08:
4d:6c:67:ea:5b:6b:53:e5:29:a1:23:7a:be:a1:d2:6c:23:99:
c2:14:97:90:b9:3f:e8:f0:5a:ed:fd:9e:57:1e:e8:21:8c:f4:
2d:85:a5:01:bd:cf:62:bc:07:9a:46:7b:b3:90:fe:15:27:60:
bd:32:5d:e1:21:88:86:53:2a:26:cf:44:f2:23:6b:f9:2c:95:
d7:2a:46:8e
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgICGjwwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTM0MFoXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoNUFDMUFBQ0Y2OTcyRDVGRTAyQkVBNEI0Qzg5NkI2NjYyNkRGOEZC
RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANLHwfI2aXpdKy1Vq7Cr
7Dl6snc9y+8FAPYFh+Y7TL7rKlpjLI0Sg5jAEwE6UGhaFAsKUIfpT0OUyggKwS/N
/R5zWKkl7UL3Vr10vrUGVtOrrCmBYddjKZU1vn8zID49XhxIHqA1kIAr+GDiVXCF
GMKdB4aDgPbcw3l+fynYWflfgpF7fSbt71ayrVbHHu1CCQRtKNR1MmQxX06XidXd
WGxCtk4w5Hd4FaLA/E9IhWS8xW4A1Md8+XQG99GCs8P542O1hNTSVUrTPbwjvhYt
RwB3crtqIB+xd65dxqNpoV9FsVjiWfouMUzT9Tm4a/p7EvhpfzNcRaT03RpOUnOA
OLcCAwEAAaOCAmEwggJdMB0GA1UdDgQWBBRawarPaXLV/gK+pLTIlrZmJt+PvjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUFBzAF
hi1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0xJQ0tBUC8w
WAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9DTElDS0FQL1dzR3F6Mmx5MWY0Q3ZxUzB5SmEyWmliZmo3NC5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwLgYI
KwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJnetwwDQQCAAIwBwMFACQDlkAwDQYJ
KoZIhvcNAQELBQADggEBAIO9adjqKGa4EVVZENhoeRIDktfskow6sz3D4TtJBKQd
9sB+9tH41KiAgnghw5Y7VlUwVTM+7785IPKamTHPI0YXdFq2h+/1QOumBpH4l6fu
nMsnKnzRKQcvej457yv0qWYM5Yz+hxk+mzu6FcYAxkTndyaGljOOF1LIiBWh+IGI
YHvIRiRv4wYKh1sp94i5bUdXbmo5U1ItfBLPFCEAGh8UVM0ZdaTaPJ82Q9f+swdC
2Pe8CE1sZ+pba1PlKaEjer6h0mwjmcIUl5C5P+jwWu39nlce6CGM9C2FpQG9z2K8
B5pGe7OQ/hUnYL0yXeEhiIZTKibPRPIja/ksldcqRo4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org