Certificate

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/XoVoGrbNuDA2MjRYAy0SBaWxqgw.cer
File:                     XoVoGrbNuDA2MjRYAy0SBaWxqgw.cer (raw, json)
Hash identifier:          ECEwvLw6PN4aMRdp7J2P0WfWAMWeIA1iY0qWWr5yfmk=
Subject key identifier:   5E:85:68:1A:B6:CD:B8:30:36:32:34:58:03:2D:12:05:A5:B1:AA:0C
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer:       /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial:       2AB4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest:                 rsync://rpkica.twnic.tw/rpki/TWNICCA/SUNHO/XoVoGrbNuDA2MjRYAy0SBaWxqgw.mft
caRepository:             rsync://rpkica.twnic.tw/rpki/TWNICCA/SUNHO/
Notify URL:               https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before:   Fri 08 Dec 2023 08:50:45 +0000
Certificate not after:    Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources:    IP: 2403:b6c0::/32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10932 (0x2ab4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
        Validity
            Not Before: Dec  8 08:50:45 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=5E85681AB6CDB83036323458032D1205A5B1AA0C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:31:2b:82:87:cd:2e:44:b4:68:b2:36:5d:0a:
                    f0:c4:46:eb:21:87:3c:22:c2:64:29:19:da:96:f8:
                    79:8b:80:39:62:1b:09:63:d8:42:5f:24:38:fb:dd:
                    72:6c:c1:d3:3b:b9:5c:23:aa:89:85:e5:c4:01:5d:
                    0e:6a:b8:97:ba:04:d8:77:e7:6e:16:a6:b0:dd:bd:
                    f4:56:51:65:a8:c0:bf:3a:d5:fe:ca:67:f0:04:27:
                    fb:96:18:4c:81:f7:fa:a2:8a:44:48:c5:74:b2:36:
                    c4:6f:73:2a:38:a2:cc:f7:5c:0c:fe:24:0c:b6:6f:
                    c6:62:60:dd:85:2d:5a:04:9a:24:26:aa:91:e2:c7:
                    d6:f0:6c:b5:81:51:ff:af:57:f4:d0:03:0a:be:64:
                    e8:bf:91:b8:06:26:6c:e4:ab:1c:05:c7:f5:42:e4:
                    a1:66:43:96:47:eb:19:5d:a6:23:0b:7b:93:47:84:
                    8c:16:d2:64:bd:42:d5:b0:59:ca:24:a7:f3:10:51:
                    1c:d4:d8:28:16:c0:07:e9:74:b5:20:07:43:40:30:
                    5c:a1:9a:71:ee:41:2a:28:90:10:78:7d:b1:ab:41:
                    92:46:9e:4d:f1:7e:f3:f5:e7:a3:2a:c2:e8:17:d5:
                    72:cc:54:80:64:8d:24:9f:9a:47:ff:29:92:51:89:
                    cc:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:85:68:1A:B6:CD:B8:30:36:32:34:58:03:2D:12:05:A5:B1:AA:0C
            X509v3 Authority Key Identifier:
                keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SUNHO/
                RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SUNHO/XoVoGrbNuDA2MjRYAy0SBaWxqgw.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:b6c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:5c:06:47:49:ce:e1:cd:eb:57:78:72:c9:59:c4:91:74:a8:
         e9:33:21:f5:17:ce:be:81:4d:84:d5:85:1a:da:3e:7b:ae:b5:
         2b:d7:55:cf:43:06:e6:52:60:ef:2e:7c:cd:a8:7a:16:75:92:
         ac:2e:11:22:b5:ed:03:88:e2:29:a0:1a:ac:0a:30:a2:f5:8e:
         ee:64:a6:3a:f3:c5:d9:e7:91:af:8a:15:33:ab:f1:90:b6:09:
         f8:13:de:e3:55:eb:11:e8:ee:28:7f:ca:dc:82:2f:a8:99:05:
         fa:58:f7:23:2a:6f:d0:51:43:02:80:35:97:aa:d4:fa:a2:e9:
         9f:b8:6b:47:3e:8f:64:92:e8:0f:0c:70:3f:ad:c0:fc:c4:4d:
         56:2c:cf:76:2d:d1:b5:07:0a:4a:d3:82:71:ea:43:31:b1:11:
         35:2f:31:29:50:da:cf:b0:d0:79:38:7e:76:86:d4:b6:bf:fd:
         fa:6c:9a:a4:c2:f1:f9:e2:e2:77:07:ab:69:93:85:36:2a:ba:
         8b:ab:4c:07:49:38:3f:bd:03:78:cd:59:d0:36:e0:9d:53:e8:
         83:9d:3d:ec:b0:5e:0c:ae:96:7e:ae:74:69:fd:10:e3:4e:90:
         2f:b8:8b:42:9a:ed:b2:10:1e:0a:16:6f:6e:10:53:dd:83:ad:
         37:15:f9:8f
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgICKrQwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMTIwODA4NTA0NVoXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoNUU4NTY4MUFCNkNEQjgzMDM2MzIzNDU4MDMyRDEyMDVBNUIxQUEw
QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKUxK4KHzS5EtGiyNl0K
8MRG6yGHPCLCZCkZ2pb4eYuAOWIbCWPYQl8kOPvdcmzB0zu5XCOqiYXlxAFdDmq4
l7oE2HfnbhamsN299FZRZajAvzrV/spn8AQn+5YYTIH3+qKKREjFdLI2xG9zKjii
zPdcDP4kDLZvxmJg3YUtWgSaJCaqkeLH1vBstYFR/69X9NADCr5k6L+RuAYmbOSr
HAXH9ULkoWZDlkfrGV2mIwt7k0eEjBbSZL1C1bBZyiSn8xBRHNTYKBbAB+l0tSAH
Q0AwXKGace5BKiiQEHh9satBkkaeTfF+8/XnoyrC6BfVcsxUgGSNJJ+aR/8pklGJ
zKECAwEAAaOCAk8wggJLMB0GA1UdDgQWBBRehWgats24MDYyNFgDLRIFpbGqDDAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1VOSE8vMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
U1VOSE8vWG9Wb0dyYk51REEyTWpSWUF5MFNCYVd4cWd3Lm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEF
BQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDtsAwDQYJKoZIhvcNAQELBQADggEBADtc
BkdJzuHN61d4cslZxJF0qOkzIfUXzr6BTYTVhRraPnuutSvXVc9DBuZSYO8ufM2o
ehZ1kqwuESK17QOI4imgGqwKMKL1ju5kpjrzxdnnka+KFTOr8ZC2CfgT3uNV6xHo
7ih/ytyCL6iZBfpY9yMqb9BRQwKANZeq1Pqi6Z+4a0c+j2SS6A8McD+twPzETVYs
z3Yt0bUHCkrTgnHqQzGxETUvMSlQ2s+w0Hk4fnaG1La//fpsmqTC8fni4ncHq2mT
hTYquourTAdJOD+9A3jNWdA24J1T6IOdPeywXgyuln6udGn9EONOkC+4i0Ka7bIQ
HgoWb24QU92DrTcV+Y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:52 2024 by rpki-client on console-ams.rpki-client.org