Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/l8qtyEOarOxsKM9DPsnYvgxpxLE.cer
File: l8qtyEOarOxsKM9DPsnYvgxpxLE.cer (raw, json)
Hash identifier: kwJbw3vEvqWGb0TWzyTOuzzhp59v7ofLodSOZ57SwzE=
Subject key identifier: 97:CA:AD:C8:43:9A:AC:EC:6C:28:CF:43:3E:C9:D8:BE:0C:69:C4:B1
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 2AB7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/YFCTELECOM/l8qtyEOarOxsKM9DPsnYvgxpxLE.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/YFCTELECOM/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 08 Dec 2023 08:51:23 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 2403:b740::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10935 (0x2ab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Dec 8 08:51:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=97CAADC8439AACEC6C28CF433EC9D8BE0C69C4B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:03:10:ca:08:ce:a4:83:4f:9b:68:c5:3e:43:
56:71:1a:87:1b:03:ec:b0:8b:e7:4c:14:c0:00:cc:
57:7a:03:fb:c9:41:48:b3:2a:19:4d:57:9c:dd:70:
ea:57:73:43:b6:47:16:ff:9a:f3:4b:27:32:fb:f9:
6c:cc:c1:43:87:99:a2:bb:b2:3b:ab:c8:8e:d4:3e:
a0:7c:f5:49:95:01:74:08:14:dc:cf:bd:c7:01:bb:
1c:9c:41:65:2c:d8:91:54:53:53:60:a5:b7:44:3e:
f0:91:b5:f8:b4:55:96:41:a6:91:cf:50:0a:11:cb:
ed:26:16:20:59:25:e7:36:13:4c:16:77:a4:5f:fa:
92:30:db:f4:91:1c:d3:4c:33:11:b9:d1:89:9e:1b:
e9:75:14:ba:db:59:d0:92:ac:5f:b7:dd:db:71:21:
ae:1b:6e:da:fb:6b:18:75:7d:f2:46:31:04:da:c6:
dc:9f:ac:03:eb:1d:03:52:0f:7f:90:91:0c:51:30:
74:6c:18:7c:4d:6d:f2:a2:80:96:47:19:83:46:5f:
16:6e:b0:7f:61:45:9d:ec:e2:f2:32:07:ab:60:56:
9c:81:72:1f:30:aa:53:c5:44:02:7c:50:8a:be:05:
b8:02:95:b9:99:42:5c:bd:0f:e6:1c:a7:68:65:0e:
ba:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CA:AD:C8:43:9A:AC:EC:6C:28:CF:43:3E:C9:D8:BE:0C:69:C4:B1
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YFCTELECOM/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YFCTELECOM/l8qtyEOarOxsKM9DPsnYvgxpxLE.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:b740::/32
Signature Algorithm: sha256WithRSAEncryption
28:b1:25:2b:73:57:1d:d4:f5:7b:3a:85:8b:6e:2f:4f:53:59:
c5:35:62:42:63:47:e3:cb:fc:8c:43:c7:d5:6c:3e:47:1e:d0:
a0:3d:b7:6f:25:4b:72:fb:88:0f:d6:70:d4:72:41:14:fc:aa:
4a:60:b1:a7:cc:10:b6:e4:de:09:94:51:69:2c:85:da:3c:31:
6b:61:d4:e9:c2:04:18:3c:89:2e:91:f4:95:6a:77:bf:74:1e:
e8:b8:b5:a8:5f:4b:4d:ad:e0:8c:ca:03:a0:15:26:4c:46:ed:
c9:1b:5f:fb:0e:03:74:d3:96:0e:b8:8d:7a:0b:26:d0:9e:02:
d6:c7:00:16:f5:95:0c:be:ad:81:40:b3:cd:6d:dd:fd:12:34:
f2:32:3d:7e:47:78:3f:4c:40:7e:df:32:83:6b:00:39:98:cb:
a2:46:0c:9e:b4:9b:59:e7:0b:a0:10:eb:60:9f:c1:18:d3:79:
d2:6a:5e:e1:f1:68:40:06:07:3d:ec:2f:5e:a4:e1:6e:86:5e:
fa:1e:7b:06:1e:2a:da:0f:f6:53:e1:2d:c9:f7:ea:db:46:8b:
9a:06:70:b7:2b:cd:3f:f2:ed:27:ef:e8:8d:b1:22:c1:8f:bd:
83:b0:4a:40:e4:09:65:bf:a0:85:0c:1c:9d:f6:ad:41:d5:31:
f0:47:1e:d7
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgICKrcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMTIwODA4NTEyM1oXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoOTdDQUFEQzg0MzlBQUNFQzZDMjhDRjQzM0VDOUQ4QkUwQzY5QzRC
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOkDEMoIzqSDT5toxT5D
VnEahxsD7LCL50wUwADMV3oD+8lBSLMqGU1XnN1w6ldzQ7ZHFv+a80snMvv5bMzB
Q4eZoruyO6vIjtQ+oHz1SZUBdAgU3M+9xwG7HJxBZSzYkVRTU2Clt0Q+8JG1+LRV
lkGmkc9QChHL7SYWIFkl5zYTTBZ3pF/6kjDb9JEc00wzEbnRiZ4b6XUUuttZ0JKs
X7fd23Ehrhtu2vtrGHV98kYxBNrG3J+sA+sdA1IPf5CRDFEwdGwYfE1t8qKAlkcZ
g0ZfFm6wf2FFnezi8jIHq2BWnIFyHzCqU8VEAnxQir4FuAKVuZlCXL0P5hynaGUO
uqUCAwEAAaOCAlkwggJVMB0GA1UdDgQWBBSXyq3IQ5qs7Gwoz0M+ydi+DGnEsTAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgd4GCCsGAQUFBwELBIHRMIHOMDwGCCsGAQUFBzAF
hjByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWUZDVEVMRUNP
TS8wWwYIKwYBBQUHMAqGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ZRkNURUxFQ09NL2w4cXR5RU9hck94c0tNOURQc25Zdmd4cHhMRS5tZnQw
MQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkA7dAMA0GCSqGSIb3DQEB
CwUAA4IBAQAosSUrc1cd1PV7OoWLbi9PU1nFNWJCY0fjy/yMQ8fVbD5HHtCgPbdv
JUty+4gP1nDUckEU/KpKYLGnzBC25N4JlFFpLIXaPDFrYdTpwgQYPIkukfSVane/
dB7ouLWoX0tNreCMygOgFSZMRu3JG1/7DgN005YOuI16CybQngLWxwAW9ZUMvq2B
QLPNbd39EjTyMj1+R3g/TEB+3zKDawA5mMuiRgyetJtZ5wugEOtgn8EY03nSal7h
8WhABgc97C9epOFuhl76HnsGHiraD/ZT4S3J9+rbRouaBnC3K80/8u0n7+iNsSLB
j72DsEpA5Allv6CFDByd9q1B1THwRx7X
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:52 2024 by rpki-client on console-ams.rpki-client.org