Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/oTNzmX34FAIa-3uu9b2ooJIgo8g.cer
File: oTNzmX34FAIa-3uu9b2ooJIgo8g.cer (raw, json)
Hash identifier: IvwTi4rLXS4nMnMuL5vCnhlC3yJ5Wkow+M7AXksDLqI=
Subject key identifier: A1:33:73:99:7D:F8:14:02:1A:FB:7B:AE:F5:BD:A8:A0:92:20:A3:C8
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 281A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/HANSTRONG/oTNzmX34FAIa-3uu9b2ooJIgo8g.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/HANSTRONG/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 01 Sep 2023 03:11:15 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 103.122.208.0/22
IP: 2403:94c0::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10266 (0x281a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 1 03:11:15 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A13373997DF814021AFB7BAEF5BDA8A09220A3C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:48:7b:6d:05:f7:b1:09:44:aa:ba:3f:d2:
e9:f4:42:62:2d:b8:ec:56:57:ef:5b:5b:82:2a:42:
bb:b0:c2:61:a2:d3:26:94:e8:2a:55:cc:69:cb:04:
be:14:eb:41:83:43:73:ee:af:4a:70:85:fe:33:2d:
d1:0a:80:aa:ae:81:18:f8:f0:65:3d:5b:d2:97:97:
22:16:01:75:13:f8:84:44:f6:28:c4:bc:d6:44:a1:
94:4b:59:bf:50:c9:a5:93:20:fe:47:f6:39:de:a6:
3c:93:1b:25:6f:85:57:98:b6:21:17:50:8f:38:57:
9b:2c:c8:1f:d8:d4:83:f5:6d:99:99:9a:8f:98:3e:
bc:00:c0:a4:d2:c6:28:a6:25:fa:28:cd:b1:0c:c1:
2b:0e:cb:9a:33:04:45:e1:85:1d:66:3c:29:e1:a4:
b9:cf:c0:96:80:6c:c5:88:42:0a:16:91:77:c1:0d:
5d:5e:93:cb:69:96:df:58:42:72:16:26:45:94:aa:
46:df:8a:00:e6:1c:19:26:fd:27:9c:c7:b2:b5:ee:
50:9c:90:0d:74:4b:dc:7d:cc:28:63:43:f2:d4:22:
4e:a2:b1:ec:0f:27:3a:17:70:73:14:e0:97:53:8d:
dd:24:3a:15:5a:16:5e:2c:81:3b:9e:9f:7d:2a:02:
7f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:33:73:99:7D:F8:14:02:1A:FB:7B:AE:F5:BD:A8:A0:92:20:A3:C8
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HANSTRONG/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HANSTRONG/oTNzmX34FAIa-3uu9b2ooJIgo8g.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.208.0/22
IPv6:
2403:94c0::/32
Signature Algorithm: sha256WithRSAEncryption
46:56:2b:c9:85:d0:73:5a:67:b3:a5:53:10:1a:fa:1e:c8:23:
3a:13:db:a7:ea:ab:0d:d0:7e:41:83:e7:db:58:23:72:11:7e:
53:c0:c3:3e:2d:cc:9c:89:1d:7b:bf:1f:e2:ac:48:81:ba:15:
56:23:0c:c6:79:a5:cf:26:86:2a:98:cb:99:21:aa:f4:76:a5:
f4:66:e0:ff:ca:c3:0b:10:ba:c7:a9:7b:03:24:2a:60:7f:42:
88:ef:22:a2:44:7a:d6:5e:ef:c7:8b:ce:82:b8:48:b2:66:85:
09:39:f3:ba:13:bd:a9:f9:75:09:3a:91:11:dc:7d:bf:dd:27:
2d:4e:f5:7e:33:0e:da:86:18:f9:4e:33:e5:e2:69:21:4e:3f:
45:e0:62:b7:1e:64:9f:87:3d:0f:c2:71:d6:0a:e6:90:a6:b8:
94:15:e9:ce:ba:2d:76:a5:da:a3:d9:08:d3:1e:5e:5e:6d:bb:
88:6e:e5:85:0c:9e:50:a4:cf:a5:90:bc:b3:43:7e:89:df:72:
7e:64:e9:89:7d:9d:45:54:3f:77:da:8f:4c:a1:6f:1f:85:a1:
aa:6b:ce:b1:31:f3:c1:84:c9:48:47:57:ce:1c:10:69:95:72:
e3:b6:25:1f:6e:87:ab:7e:f2:15:0b:12:a4:de:9e:6c:ce:22:
f0:c5:cf:c0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgICKBowDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMDkwMTAzMTExNVoXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoQTEzMzczOTk3REY4MTQwMjFBRkI3QkFFRjVCREE4QTA5MjIwQTND
ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALIsSHttBfexCUSquj/S
6fRCYi247FZX71tbgipCu7DCYaLTJpToKlXMacsEvhTrQYNDc+6vSnCF/jMt0QqA
qq6BGPjwZT1b0peXIhYBdRP4hET2KMS81kShlEtZv1DJpZMg/kf2Od6mPJMbJW+F
V5i2IRdQjzhXmyzIH9jUg/VtmZmaj5g+vADApNLGKKYl+ijNsQzBKw7LmjMEReGF
HWY8KeGkuc/AloBsxYhCChaRd8ENXV6Ty2mW31hCchYmRZSqRt+KAOYcGSb9J5zH
srXuUJyQDXRL3H3MKGND8tQiTqKx7A8nOhdwcxTgl1ON3SQ6FVoWXiyBO56ffSoC
f60CAwEAAaOCAmUwggJhMB0GA1UdDgQWBBShM3OZffgUAhr7e671vaigkiCjyDAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdwGCCsGAQUFBwELBIHPMIHMMDsGCCsGAQUFBzAF
hi9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEFOU1RST05H
LzBaBggrBgEFBQcwCoZOcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0hBTlNUUk9ORy9vVE56bVgzNEZBSWEtM3V1OWIyb29KSWdvOGcubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1s
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ3rQMA0EAgACMAcDBQAkA5TA
MA0GCSqGSIb3DQEBCwUAA4IBAQBGVivJhdBzWmezpVMQGvoeyCM6E9un6qsN0H5B
g+fbWCNyEX5TwMM+LcyciR17vx/irEiBuhVWIwzGeaXPJoYqmMuZIar0dqX0ZuD/
ysMLELrHqXsDJCpgf0KI7yKiRHrWXu/Hi86CuEiyZoUJOfO6E72p+XUJOpER3H2/
3SctTvV+Mw7ahhj5TjPl4mkhTj9F4GK3HmSfhz0PwnHWCuaQpriUFenOui12pdqj
2QjTHl5ebbuIbuWFDJ5QpM+lkLyzQ36J33J+ZOmJfZ1FVD932o9MoW8fhaGqa86x
MfPBhMlIR1fOHBBplXLjtiUfboerfvIVCxKk3p5sziLwxc/A
-----END CERTIFICATE-----
Generated at Fri Apr 19 06:46:08 2024 by rpki-client on console-ams.rpki-client.org