Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/YTwHypFfG8DxSmNbk9N3pSCHkXQ.cer
File: YTwHypFfG8DxSmNbk9N3pSCHkXQ.cer (raw, json)
Hash identifier: +9awK5kWedY3MA7QiZEUpXqJ86GTkLc4567qiMkVLdQ=
Subject key identifier: 61:3C:07:CA:91:5F:1B:C0:F1:4A:63:5B:93:D3:77:A5:20:87:91:74
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 28CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/CINSLIMITED/YTwHypFfG8DxSmNbk9N3pSCHkXQ.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/CINSLIMITED/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 01 Sep 2023 03:11:25 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 103.30.132.0/22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10446 (0x28ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 1 03:11:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=613C07CA915F1BC0F14A635B93D377A520879174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f5:fa:0b:ca:2e:da:1c:1f:c6:d6:ed:40:b3:
38:75:a9:10:25:1c:9d:9b:6d:57:f7:e1:8e:29:fd:
99:4e:29:22:ba:90:35:e8:c7:c0:fb:53:6a:f2:de:
5d:9c:ea:13:e9:65:b5:37:a1:07:be:eb:bc:8c:48:
96:98:30:24:6b:a7:8f:9a:1a:95:2b:d1:e1:0e:e3:
98:23:76:c8:c5:fd:6c:b0:40:ea:27:c4:19:91:56:
34:db:1b:71:0a:19:fa:cc:ac:57:bc:6a:e7:78:20:
b2:c1:63:ff:77:9b:3b:dd:11:28:8b:36:3f:7d:d4:
9c:3d:4d:e0:0d:4a:49:d7:54:8d:ec:04:bb:da:ee:
f0:b9:6b:0f:d0:c0:72:67:84:86:99:b5:13:1f:e8:
3c:f8:f3:49:20:99:3e:9e:48:8a:60:b9:6f:11:07:
a4:9a:06:99:65:d6:5a:d5:d2:eb:98:f4:47:cc:e4:
64:cf:1e:1a:04:c8:cb:41:a5:ec:bc:1c:46:a6:8b:
34:3a:4a:c7:65:13:42:12:dd:e9:75:3a:6a:29:ba:
6b:02:72:00:2b:0e:f4:22:25:93:ae:e0:5e:42:0a:
db:f1:5c:1a:94:e9:41:8a:40:b4:00:23:2d:88:97:
71:d2:b3:bf:97:39:d5:a7:1e:d7:cc:38:97:71:27:
00:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3C:07:CA:91:5F:1B:C0:F1:4A:63:5B:93:D3:77:A5:20:87:91:74
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CINSLIMITED/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CINSLIMITED/YTwHypFfG8DxSmNbk9N3pSCHkXQ.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.132.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:d0:e2:6d:f4:a1:ec:b1:6b:86:45:b4:94:da:42:e2:88:bc:
ba:7c:e8:50:00:e4:1b:6f:14:7b:23:02:ac:95:87:19:db:fa:
d1:0b:fa:ce:82:44:e5:a8:97:31:cf:22:a5:f9:11:55:90:4f:
61:d1:f2:80:2d:90:65:4a:91:6e:2a:79:a4:ab:73:d0:58:75:
d4:85:4e:2a:5a:04:56:9a:9c:ba:55:db:51:32:f2:05:1c:24:
ce:ef:75:26:af:83:bc:64:87:f3:9e:38:e9:9d:16:83:19:7f:
9e:ed:60:45:5b:ff:b7:be:8f:99:c3:9b:a5:20:97:95:25:e0:
75:42:b5:66:2c:03:d1:51:08:ca:28:33:b5:aa:69:28:2c:8e:
3f:74:f7:03:5a:71:12:e8:d4:bf:d6:87:f1:ee:48:fa:64:ab:
e7:88:3e:a5:73:6d:c9:2b:ed:7e:05:4d:31:f4:62:b5:21:ce:
22:b8:27:eb:79:61:f7:bb:f3:33:1b:9c:93:ad:2f:45:2a:94:
78:0b:b7:0f:0c:de:d9:1c:c2:c1:9a:ea:70:80:f1:5f:b6:a6:
0f:c6:9f:52:4f:ba:be:45:44:bb:61:04:a9:76:9d:19:f0:9e:
94:82:24:cc:77:a4:56:6d:3d:db:b2:48:00:43:61:d3:b6:24:
ac:4f:b8:04
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgICKM4wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMDkwMTAzMTEyNVoXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoNjEzQzA3Q0E5MTVGMUJDMEYxNEE2MzVCOTNEMzc3QTUyMDg3OTE3
NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKX1+gvKLtocH8bW7UCz
OHWpECUcnZttV/fhjin9mU4pIrqQNejHwPtTavLeXZzqE+lltTehB77rvIxIlpgw
JGunj5oalSvR4Q7jmCN2yMX9bLBA6ifEGZFWNNsbcQoZ+sysV7xq53ggssFj/3eb
O90RKIs2P33UnD1N4A1KSddUjewEu9ru8LlrD9DAcmeEhpm1Ex/oPPjzSSCZPp5I
imC5bxEHpJoGmWXWWtXS65j0R8zkZM8eGgTIy0Gl7LwcRqaLNDpKx2UTQhLd6XU6
aim6awJyACsO9CIlk67gXkIK2/FcGpTpQYpAtAAjLYiXcdKzv5c51ace18w4l3En
AIMCAwEAAaOCAlowggJWMB0GA1UdDgQWBBRhPAfKkV8bwPFKY1uT03elIIeRdDAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgeAGCCsGAQUFBwELBIHTMIHQMD0GCCsGAQUFBzAF
hjFyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0lOU0xJTUlU
RUQvMFwGCCsGAQUFBzAKhlByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvQ0lOU0xJTUlURUQvWVR3SHlwRmZHOER4U21OYms5TjNwU0NIa1hRLm1m
dDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5
LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcehDANBgkqhkiG9w0B
AQsFAAOCAQEAS9DibfSh7LFrhkW0lNpC4oi8unzoUADkG28UeyMCrJWHGdv60Qv6
zoJE5aiXMc8ipfkRVZBPYdHygC2QZUqRbip5pKtz0Fh11IVOKloEVpqculXbUTLy
BRwkzu91Jq+DvGSH85446Z0Wgxl/nu1gRVv/t76PmcObpSCXlSXgdUK1ZiwD0VEI
yigztappKCyOP3T3A1pxEujUv9aH8e5I+mSr54g+pXNtySvtfgVNMfRitSHOIrgn
63lh97vzMxuck60vRSqUeAu3Dwze2RzCwZrqcIDxX7amD8afUk+6vkVEu2EEqXad
GfCelIIkzHekVm0927JIAENh07YkrE+4BA==
Generated at Wed Dec 27 06:03:59 2023 by rpki-client on console-ams.rpki-client.org