Certificate

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/toY22h9BjWmbRHwhcvxbveLEszc.cer
File:                     toY22h9BjWmbRHwhcvxbveLEszc.cer (raw, json)
Hash identifier:          tXqR16cJc48I/OzI+SpnfUegCd20sGEfwzLW840LGro=
Subject key identifier:   B6:86:36:DA:1F:41:8D:69:9B:44:7C:21:72:FC:5B:BD:E2:C4:B3:37
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer:       /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial:       18E2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest:                 rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/toY22h9BjWmbRHwhcvxbveLEszc.mft
caRepository:             rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/
Notify URL:               https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before:   Tue 29 Sep 2020 09:53:23 +0000
Certificate not after:    Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources:    IP: 103.136.212.0/23
                          IP: 2404:9d40::/32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6370 (0x18e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
        Validity
            Not Before: Sep 29 09:53:23 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=B68636DA1F418D699B447C2172FC5BBDE2C4B337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:58:91:ef:e9:22:3f:e5:76:1c:82:b8:c5:be:
                    27:8f:5f:c5:11:6b:dd:e7:4e:4e:da:a8:b7:2f:2a:
                    50:c6:c8:9c:c8:95:79:1d:72:c1:a2:90:a6:01:74:
                    d1:4f:a7:15:a2:d6:25:3e:37:09:c3:59:d7:8f:1d:
                    e2:12:71:03:b9:73:9b:96:35:ce:b2:a4:11:20:66:
                    ed:c0:c2:60:71:a3:a2:e4:41:ad:48:39:aa:e9:10:
                    97:0b:90:0b:e5:21:29:a6:75:12:cc:c8:32:d7:94:
                    30:2a:81:44:c3:01:69:9d:45:cf:15:aa:c0:16:33:
                    4c:1c:4a:3c:6c:5a:4d:e5:0b:01:08:da:32:2a:e2:
                    b6:6c:13:9e:33:b6:9a:4c:b4:3f:d3:1c:a2:f2:c9:
                    7e:bf:8e:53:e0:cf:f6:db:35:08:13:68:f5:fd:8b:
                    25:95:f8:0a:25:29:1d:24:1d:9d:c0:5a:5f:88:b3:
                    94:78:ab:bd:f2:66:31:a0:53:f4:28:61:19:27:86:
                    61:f3:70:73:a5:10:2b:fc:9f:98:a1:7a:4f:eb:97:
                    27:81:14:d6:83:04:60:00:01:c2:a1:2b:57:86:6a:
                    0c:1e:f6:b6:f6:d7:1d:a5:83:a9:97:cb:93:0c:a4:
                    98:6d:00:98:2c:fc:a0:1e:19:45:56:3b:d5:28:0a:
                    05:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:86:36:DA:1F:41:8D:69:9B:44:7C:21:72:FC:5B:BD:E2:C4:B3:37
            X509v3 Authority Key Identifier:
                keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/
                RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XMNET/toY22h9BjWmbRHwhcvxbveLEszc.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.212.0/23
                IPv6:
                  2404:9d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:c9:91:8d:da:7b:48:45:ef:88:50:cb:d3:24:c4:e2:f7:75:
         92:b6:60:f7:be:7c:6b:ad:00:c9:4f:d5:3b:f0:c9:6f:8f:08:
         c8:a2:96:79:f5:44:85:4f:72:a6:6f:e0:b5:07:ea:04:3a:99:
         ba:94:b6:32:f6:ee:6a:7a:e3:de:ed:59:d0:59:e5:96:e0:d2:
         50:d3:cf:f4:c4:1d:73:73:ad:02:c6:34:23:bb:82:cc:5d:79:
         0d:43:ac:47:52:1e:b9:00:cd:e8:46:0f:cb:ac:90:ac:7f:c8:
         d8:66:da:69:09:ce:e0:f7:56:44:c9:6f:48:07:e2:20:20:a5:
         f1:0c:b8:12:0e:40:ef:06:9c:d0:ac:61:b9:32:85:f8:e4:6e:
         2b:14:ee:b5:65:54:16:84:67:50:54:0d:79:50:e1:7a:d5:5a:
         b0:f3:0d:96:c9:e7:9f:d4:88:05:c7:bd:98:a9:d1:8c:48:96:
         fd:22:aa:4c:05:6f:7b:b4:d9:d1:2c:70:4f:6c:be:ac:71:c2:
         09:a8:78:f6:27:e5:6e:25:0d:5d:ed:3a:b9:11:25:8d:58:8e:
         9e:39:e8:f6:6d:d3:1c:21:19:56:d1:85:f9:72:94:62:93:47:
         e0:f1:db:81:10:89:b8:ae:39:9f:35:58:af:13:97:5e:04:f6:
         d1:b0:9b:9a
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgICGOIwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMyM1oXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoQjY4NjM2REExRjQxOEQ2OTlCNDQ3QzIxNzJGQzVCQkRFMkM0QjMz
NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMdYke/pIj/ldhyCuMW+
J49fxRFr3edOTtqoty8qUMbInMiVeR1ywaKQpgF00U+nFaLWJT43CcNZ148d4hJx
A7lzm5Y1zrKkESBm7cDCYHGjouRBrUg5qukQlwuQC+UhKaZ1EszIMteUMCqBRMMB
aZ1FzxWqwBYzTBxKPGxaTeULAQjaMiritmwTnjO2mky0P9McovLJfr+OU+DP9ts1
CBNo9f2LJZX4CiUpHSQdncBaX4izlHirvfJmMaBT9ChhGSeGYfNwc6UQK/yfmKF6
T+uXJ4EU1oMEYAABwqErV4ZqDB72tvbXHaWDqZfLkwykmG0AmCz8oB4ZRVY71SgK
Be0CAwEAAaOCAl0wggJZMB0GA1UdDgQWBBS2hjbaH0GNaZtEfCFy/Fu94sSzNzAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWE1ORVQvMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
WE1ORVQvdG9ZMjJoOUJqV21iUkh3aGN2eGJ2ZUxFc3pjLm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAuBggrBgEF
BQcBBwEB/wQfMB0wDAQCAAEwBgMEAWeI1DANBAIAAjAHAwUAJASdQDANBgkqhkiG
9w0BAQsFAAOCAQEAUcmRjdp7SEXviFDL0yTE4vd1krZg9758a60AyU/VO/DJb48I
yKKWefVEhU9ypm/gtQfqBDqZupS2Mvbuanrj3u1Z0FnlluDSUNPP9MQdc3OtAsY0
I7uCzF15DUOsR1IeuQDN6EYPy6yQrH/I2GbaaQnO4PdWRMlvSAfiICCl8Qy4Eg5A
7wac0KxhuTKF+ORuKxTutWVUFoRnUFQNeVDhetVasPMNlsnnn9SIBce9mKnRjEiW
/SKqTAVve7TZ0SxwT2y+rHHCCah49iflbiUNXe06uREljViOnjno9m3THCEZVtGF
+XKUYpNH4PHbgRCJuK45nzVYrxOXXgT20bCbmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org