Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer
File: xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer (raw, json)
Hash identifier: 0+dmN6oreFM1P0YrU5JB1Xyy3f/Z1xB93bUqz1sdH4U=
Subject key identifier: C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 2A46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/xGZW-MnXJUe8p5hI3Gouaw_D4rI.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Tue 31 Oct 2023 07:09:07 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 2403:b240::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10822 (0x2a46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Oct 31 07:09:07 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4f:8c:af:01:a5:23:20:27:8a:57:62:8f:04:
59:1b:3b:5a:ed:b2:01:8a:37:8f:d8:90:cc:b4:64:
65:31:c2:4a:a6:59:15:4c:26:50:45:de:33:23:db:
fd:37:04:14:08:a0:fd:86:4b:54:fa:8c:fc:d6:4b:
75:f5:9a:e2:b9:26:15:6f:82:df:18:ce:0d:c8:06:
39:c2:8d:29:ae:ba:4d:68:05:ef:80:1e:25:58:55:
db:22:74:e0:47:5f:00:37:56:7d:b3:f1:dc:bc:7a:
9d:67:15:85:18:b8:21:15:93:48:31:35:ac:f6:f7:
b2:f7:6e:f5:74:13:68:8b:ec:cc:01:c2:01:0c:b4:
77:33:02:d9:ac:74:1d:ca:53:81:f6:91:70:f7:99:
78:cf:5d:4e:c5:93:b8:08:ea:66:13:98:e0:d7:12:
d6:4b:a5:23:d6:5f:ff:a9:31:bf:1c:d9:76:e8:a9:
e9:10:f5:81:a7:ff:3b:39:c8:6b:45:5e:60:97:7d:
57:7f:c0:91:c0:67:17:24:90:2d:c6:bd:0c:e1:a7:
4a:d9:19:38:f0:b3:e6:5e:c0:99:88:59:c1:2b:11:
c5:7f:e9:02:85:69:f1:5a:9f:b5:a3:fa:fe:c0:53:
9f:0e:94:a9:50:6a:d3:1e:78:f1:98:3f:78:a2:58:
7e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/xGZW-MnXJUe8p5hI3Gouaw_D4rI.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:b240::/32
Signature Algorithm: sha256WithRSAEncryption
7b:a1:47:1b:2b:fd:10:ce:85:d0:e3:87:c1:81:38:d8:87:f3:
0c:44:ed:96:72:3c:aa:d3:a3:06:a0:00:23:f7:aa:c2:34:29:
0c:b9:18:3b:71:86:e4:80:ed:88:ac:f5:10:b7:b3:b1:14:d9:
49:31:1d:03:1e:b5:3a:c5:67:40:af:1c:e7:eb:69:ac:da:97:
77:f2:96:81:bb:75:b6:43:5a:bc:63:97:98:7d:b1:1c:4d:5f:
c1:37:a2:f3:1a:61:40:24:c2:04:20:ff:94:aa:36:88:b2:db:
1f:aa:0c:90:d9:5c:7e:39:12:b5:ba:19:39:a3:4e:d7:7d:18:
cc:db:90:76:6d:55:c3:8d:8e:22:e8:aa:1e:6c:67:8e:99:be:
5f:5d:92:9b:80:e3:db:28:77:12:b7:1a:17:7f:47:6b:6a:53:
26:e3:d2:8c:17:83:41:bd:2d:a6:89:b5:65:2c:f6:df:9f:fd:
80:a6:c0:b0:eb:8d:a5:88:c0:12:c1:b8:fc:ee:d4:cb:df:88:
fe:db:01:ec:fc:0a:02:49:66:1b:4b:90:ad:05:f0:51:a0:9e:
1f:c2:bf:28:08:8c:83:12:39:bf:3f:1b:12:05:4c:f5:a7:81:
e1:9f:3c:e4:a2:50:0d:e0:a8:bd:10:37:98:04:c4:80:31:aa:
12:b2:5e:ca
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgICKkYwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMTAzMTA3MDkwN1oXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoQzQ2NjU2RjhDOUQ3MjU0N0JDQTc5ODQ4REM2QTJFNkIwRkMzRTJC
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANZPjK8BpSMgJ4pXYo8E
WRs7Wu2yAYo3j9iQzLRkZTHCSqZZFUwmUEXeMyPb/TcEFAig/YZLVPqM/NZLdfWa
4rkmFW+C3xjODcgGOcKNKa66TWgF74AeJVhV2yJ04EdfADdWfbPx3Lx6nWcVhRi4
IRWTSDE1rPb3svdu9XQTaIvszAHCAQy0dzMC2ax0HcpTgfaRcPeZeM9dTsWTuAjq
ZhOY4NcS1kulI9Zf/6kxvxzZduip6RD1gaf/OznIa0VeYJd9V3/AkcBnFySQLca9
DOGnStkZOPCz5l7AmYhZwSsRxX/pAoVp8VqftaP6/sBTnw6UqVBq0x548Zg/eKJY
fh0CAwEAAaOCAkswggJHMB0GA1UdDgQWBBTEZlb4ydclR7ynmEjcai5rD8PisjAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdAGCCsGAQUFBwELBIHDMIHAMDUGCCsGAQUFBzAF
hilyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJLzBUBggr
BgEFBQcwCoZIcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FM
SS94R1pXLU1uWEpVZThwNWhJM0dvdWF3X0Q0ckkubWZ0MDEGCCsGAQUFBzANhiVo
dHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAJAOyQDANBgkqhkiG9w0BAQsFAAOCAQEAe6FHGyv9
EM6F0OOHwYE42IfzDETtlnI8qtOjBqAAI/eqwjQpDLkYO3GG5IDtiKz1ELezsRTZ
STEdAx61OsVnQK8c5+tprNqXd/KWgbt1tkNavGOXmH2xHE1fwTei8xphQCTCBCD/
lKo2iLLbH6oMkNlcfjkStboZOaNO130YzNuQdm1Vw42OIuiqHmxnjpm+X12Sm4Dj
2yh3ErcaF39Ha2pTJuPSjBeDQb0tpom1ZSz235/9gKbAsOuNpYjAEsG4/O7Uy9+I
/tsB7PwKAklmG0uQrQXwUaCeH8K/KAiMgxI5vz8bEgVM9aeB4Z885KJQDeCovRA3
mATEgDGqErJeyg==
-----END CERTIFICATE-----
Generated at Mon Nov 13 06:53:16 2023 by rpki-client on console-ams.rpki-client.org