Certificate

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/yHaVxrSPE91Wp2spndVNjx6zadU.cer
File:                     yHaVxrSPE91Wp2spndVNjx6zadU.cer (raw, json)
Hash identifier:          E20LGONbKlO3Iw4kMiqKq4VfBxM6UZGCtxFQ+61jqoQ=
Subject key identifier:   C8:76:95:C6:B4:8F:13:DD:56:A7:6B:29:9D:D5:4D:8F:1E:B3:69:D5
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer:       /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial:       19F0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest:                 rsync://rpkica.twnic.tw/rpki/TWNICCA/META/yHaVxrSPE91Wp2spndVNjx6zadU.mft
caRepository:             rsync://rpkica.twnic.tw/rpki/TWNICCA/META/
Notify URL:               https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before:   Tue 29 Sep 2020 09:53:36 +0000
Certificate not after:    Wed 29 Sep 2021 09:51:23 +0000
Subordinate resources:    IP: 103.131.148.0/22
                          IP: 2403:ccc0::/32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6640 (0x19f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
        Validity
            Not Before: Sep 29 09:53:36 2020 GMT
            Not After : Sep 29 09:51:23 2021 GMT
        Subject: CN=C87695C6B48F13DD56A76B299DD54D8F1EB369D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e8:e5:67:b6:a3:ed:13:e4:ae:a4:80:40:a6:
                    23:35:f8:3a:5e:2a:38:f2:dd:b9:1c:1f:84:d0:63:
                    f0:8b:07:75:c5:d4:1a:dd:e7:af:28:95:88:10:17:
                    8c:55:d6:a2:c0:ee:f2:8f:50:c1:20:ac:16:28:e2:
                    af:f6:16:07:80:b3:63:67:80:90:50:49:60:52:03:
                    4c:8d:79:09:bc:d8:cd:e3:30:54:fd:e0:79:dc:d2:
                    96:73:d2:07:bc:fd:55:ce:b7:19:25:29:e8:09:e3:
                    09:21:8d:2a:56:ca:29:34:26:45:06:6e:0b:f4:33:
                    b4:48:fa:f6:ed:dd:b2:5f:30:07:34:89:3a:56:86:
                    c8:3f:1e:85:dd:87:81:5a:ca:ea:3a:7c:c4:c9:9b:
                    de:62:31:5f:fd:fd:70:e7:f2:4b:7a:d8:6f:ac:62:
                    f3:85:86:f6:75:ed:d6:96:63:02:e1:ce:fc:d4:07:
                    49:84:9c:f6:77:5d:d0:30:99:e0:af:d1:96:20:90:
                    41:66:14:fa:02:d9:55:43:09:0c:85:86:06:f8:6c:
                    ca:c7:f6:47:40:8a:b1:f4:9c:74:0d:68:43:f8:36:
                    a2:81:33:34:d7:43:9f:1a:28:93:45:7b:ba:7a:3d:
                    42:28:12:65:c6:21:58:11:8f:96:9d:1a:c0:cb:5f:
                    73:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:76:95:C6:B4:8F:13:DD:56:A7:6B:29:9D:D5:4D:8F:1E:B3:69:D5
            X509v3 Authority Key Identifier:
                keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/META/
                RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/META/yHaVxrSPE91Wp2spndVNjx6zadU.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.148.0/22
                IPv6:
                  2403:ccc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:f4:0e:73:a7:52:1e:5b:a2:e5:71:dc:06:e2:bf:b9:ab:56:
         1e:6f:d7:7c:36:d7:29:ef:61:7f:06:b7:ac:62:fc:ae:5a:64:
         71:d3:33:a1:bb:3e:db:e1:0a:8c:c2:41:65:e5:73:02:44:9e:
         04:4f:2c:bf:78:f9:ae:be:f3:d9:a5:ac:d7:21:56:dc:18:74:
         d0:2d:da:96:30:67:e1:7b:b8:66:66:e2:39:77:2f:8e:22:87:
         23:c8:bb:09:57:87:0e:e3:2c:f8:8a:d3:39:e0:7a:cc:60:a4:
         af:d9:2f:40:ce:10:ec:0d:a5:18:b0:85:a7:4e:59:51:f6:f4:
         87:2d:f1:f6:54:51:e7:3e:d2:29:9b:17:da:14:43:40:d0:fb:
         17:46:31:fb:66:d4:21:db:33:1c:71:ea:d8:04:93:3e:5c:48:
         eb:f0:a4:b7:84:25:7d:c1:32:ca:85:cd:3a:e1:07:8c:bb:4b:
         dc:0e:48:46:b0:4d:d1:e9:9a:54:1f:19:ef:67:cc:ce:1c:d5:
         1b:fe:57:06:ce:be:fb:9d:d6:db:97:9f:b8:0a:c4:3d:58:24:
         05:8d:f6:c9:c3:7f:86:a2:00:30:7d:a5:93:90:d3:d8:74:b8:
         e4:4a:87:30:36:2b:c2:85:ae:ae:54:ef:d4:83:a2:57:00:7e:
         89:90:08:30
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgICGfAwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIwMDkyOTA5NTMzNloXDTIxMDkyOTA5NTEyM1owMzEx
MC8GA1UEAxMoQzg3Njk1QzZCNDhGMTNERDU2QTc2QjI5OURENTREOEYxRUIzNjlE
NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMHo5We2o+0T5K6kgECm
IzX4Ol4qOPLduRwfhNBj8IsHdcXUGt3nryiViBAXjFXWosDu8o9QwSCsFijir/YW
B4CzY2eAkFBJYFIDTI15CbzYzeMwVP3gedzSlnPSB7z9Vc63GSUp6AnjCSGNKlbK
KTQmRQZuC/QztEj69u3dsl8wBzSJOlaGyD8ehd2HgVrK6jp8xMmb3mIxX/39cOfy
S3rYb6xi84WG9nXt1pZjAuHO/NQHSYSc9ndd0DCZ4K/RliCQQWYU+gLZVUMJDIWG
Bvhsysf2R0CKsfScdA1oQ/g2ooEzNNdDnxook0V7uno9QigSZcYhWBGPlp0awMtf
c5kCAwEAAaOCAlswggJXMB0GA1UdDgQWBBTIdpXGtI8T3Vanaymd1U2PHrNp1TAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdIGCCsGAQUFBwELBIHFMIHCMDYGCCsGAQUFBzAF
hipyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVUQS8wVQYI
KwYBBQUHMAqGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9N
RVRBL3lIYVZ4clNQRTkxV3Ayc3BuZFZOang2emFkVS5tZnQwMQYIKwYBBQUHMA2G
JWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwLgYIKwYBBQUH
AQcBAf8EHzAdMAwEAgABMAYDBAJng5QwDQQCAAIwBwMFACQDzMAwDQYJKoZIhvcN
AQELBQADggEBAEf0DnOnUh5bouVx3Abiv7mrVh5v13w21ynvYX8Gt6xi/K5aZHHT
M6G7PtvhCozCQWXlcwJEngRPLL94+a6+89mlrNchVtwYdNAt2pYwZ+F7uGZm4jl3
L44ihyPIuwlXhw7jLPiK0zngesxgpK/ZL0DOEOwNpRiwhadOWVH29Ict8fZUUec+
0imbF9oUQ0DQ+xdGMftm1CHbMxxx6tgEkz5cSOvwpLeEJX3BMsqFzTrhB4y7S9wO
SEawTdHpmlQfGe9nzM4c1Rv+VwbOvvud1tuXn7gKxD1YJAWN9snDf4aiADB9pZOQ
09h0uORKhzA2K8KFrq5U79SDolcAfomQCDA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:52 2024 by rpki-client on console-ams.rpki-client.org