Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/pwGbBeIMn7wWKz0dz7EeunJlzIY.cer
File: pwGbBeIMn7wWKz0dz7EeunJlzIY.cer (raw, json)
Hash identifier: Tli9DEWkpoUyVHHL/POAf9u/yyrspx4mmYOKzvMYjec=
Subject key identifier: A7:01:9B:05:E2:0C:9F:BC:16:2B:3D:1D:CF:B1:1E:BA:72:65:CC:86
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 19AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/AVER/pwGbBeIMn7wWKz0dz7EeunJlzIY.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/AVER/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 29 Sep 2020 09:53:33 +0000
Certificate not after: Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources: IP: 103.129.172.0/22
IP: 2403:8240::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6570 (0x19aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 29 09:53:33 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A7019B05E20C9FBC162B3D1DCFB11EBA7265CC86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a9:85:ac:5f:cf:8a:96:bb:65:c7:bc:f5:cb:
28:d5:8a:c6:5c:a1:90:82:14:79:c9:cb:46:ee:7d:
7f:5d:f8:d8:5d:23:55:63:a1:07:9a:09:b1:06:4f:
ac:2a:a3:31:e5:5c:2b:f2:cb:02:b6:c0:c9:3e:b8:
65:21:2f:07:45:db:7a:d0:1b:ef:33:9b:14:c0:bb:
e4:40:2c:f9:77:22:fa:47:b0:42:c3:22:34:ac:d9:
fa:1f:a5:b1:6d:7c:83:1f:eb:b7:d1:28:13:ba:3f:
c4:f6:02:ad:76:b4:77:26:c7:79:63:0c:7f:94:46:
96:47:24:c6:96:8e:54:db:95:a7:64:1d:75:85:02:
2a:27:35:74:eb:9b:2e:21:2f:fe:2f:c1:ed:cf:af:
92:cf:f3:02:2e:6f:84:9f:9f:63:65:9b:0c:bd:58:
84:1f:34:32:5c:bd:63:ed:2d:3d:07:14:f0:62:69:
e8:cd:f3:6e:01:a2:6b:a3:07:90:26:ce:8b:65:4a:
69:48:57:e8:79:26:5f:d6:d3:53:a6:8a:8d:ed:86:
4f:69:78:3e:5b:5e:35:6f:db:9e:3a:7c:37:a0:cf:
fc:ed:17:02:55:90:39:b5:01:4f:3e:87:40:43:5d:
36:84:9d:3f:7c:6c:d5:f0:ca:be:18:9b:3c:19:99:
f8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:01:9B:05:E2:0C:9F:BC:16:2B:3D:1D:CF:B1:1E:BA:72:65:CC:86
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AVER/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AVER/pwGbBeIMn7wWKz0dz7EeunJlzIY.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.172.0/22
IPv6:
2403:8240::/32
Signature Algorithm: sha256WithRSAEncryption
31:4d:99:19:5b:48:77:25:7b:65:f5:e5:d0:13:be:88:db:ca:
f9:f0:2f:98:55:0a:0a:cf:9c:55:6a:c3:f3:d7:69:3b:82:87:
4a:0a:99:e9:d8:e2:58:d8:9b:bc:2c:fb:71:68:98:ae:04:39:
14:b2:b6:f3:e4:c9:d0:33:ea:a4:9c:81:ed:a3:62:da:58:b7:
46:26:a3:aa:60:fa:3c:04:83:39:a7:99:7f:c8:02:02:2a:b7:
ad:94:ef:75:8d:20:66:8c:2e:e0:70:fa:a3:8f:96:be:38:06:
98:c5:98:00:ee:61:7b:af:e3:3b:81:b4:95:f8:0b:e3:18:52:
d6:98:d5:a7:44:96:e3:4f:3f:d8:0d:2a:82:9a:b0:55:cf:c8:
ac:05:5d:90:14:f2:54:84:44:60:26:77:c3:a7:f3:25:83:ed:
65:36:3a:aa:c1:1e:69:46:15:91:fb:d9:00:d3:6e:7f:5e:1e:
38:5f:77:e3:c9:4a:b6:7a:92:e0:5c:7f:48:76:24:c9:c8:10:
38:1b:e7:f5:21:0e:50:39:02:09:2e:e8:17:ed:35:66:d7:63:
e5:04:83:76:5c:a1:fa:3a:91:de:17:2b:81:d7:0f:79:ac:b0:
d9:8b:73:89:b4:ea:87:bb:08:c7:38:2c:93:53:17:5e:79:cf:
5c:5a:1a:70
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgICGaowDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMzM1oXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoQTcwMTlCMDVFMjBDOUZCQzE2MkIzRDFEQ0ZCMTFFQkE3MjY1Q0M4
NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANKphaxfz4qWu2XHvPXL
KNWKxlyhkIIUecnLRu59f1342F0jVWOhB5oJsQZPrCqjMeVcK/LLArbAyT64ZSEv
B0XbetAb7zObFMC75EAs+Xci+kewQsMiNKzZ+h+lsW18gx/rt9EoE7o/xPYCrXa0
dybHeWMMf5RGlkckxpaOVNuVp2QddYUCKic1dOubLiEv/i/B7c+vks/zAi5vhJ+f
Y2WbDL1YhB80Mly9Y+0tPQcU8GJp6M3zbgGia6MHkCbOi2VKaUhX6HkmX9bTU6aK
je2GT2l4PlteNW/bnjp8N6DP/O0XAlWQObUBTz6HQENdNoSdP3xs1fDKvhibPBmZ
+MkCAwEAAaOCAlswggJXMB0GA1UdDgQWBBSnAZsF4gyfvBYrPR3PsR66cmXMhjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdIGCCsGAQUFBwELBIHFMIHCMDYGCCsGAQUFBzAF
hipyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVZFUi8wVQYI
KwYBBQUHMAqGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9B
VkVSL3B3R2JCZUlNbjd3V0t6MGR6N0VldW5KbHpJWS5tZnQwMQYIKwYBBQUHMA2G
JWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwLgYIKwYBBQUH
AQcBAf8EHzAdMAwEAgABMAYDBAJngawwDQQCAAIwBwMFACQDgkAwDQYJKoZIhvcN
AQELBQADggEBADFNmRlbSHcle2X15dATvojbyvnwL5hVCgrPnFVqw/PXaTuCh0oK
menY4ljYm7ws+3FomK4EORSytvPkydAz6qScge2jYtpYt0Ymo6pg+jwEgzmnmX/I
AgIqt62U73WNIGaMLuBw+qOPlr44BpjFmADuYXuv4zuBtJX4C+MYUtaY1adEluNP
P9gNKoKasFXPyKwFXZAU8lSERGAmd8On8yWD7WU2OqrBHmlGFZH72QDTbn9eHjhf
d+PJSrZ6kuBcf0h2JMnIEDgb5/UhDlA5Agku6BftNWbXY+UEg3Zcofo6kd4XK4HX
D3mssNmLc4m06oe7CMc4LJNTF155z1xaGnA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:55 2023 by rpki-client on console-fra.rpki-client.org