Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/0zC8ThN7FRLi5FBoBrhwpOqoYNc.cer
File: 0zC8ThN7FRLi5FBoBrhwpOqoYNc.cer (raw, json)
Hash identifier: 5BOr1OdFHKdqRslFzamhk7BnM2fmCs9fHH0AkhVckwk=
Subject key identifier: D3:30:BC:4E:13:7B:15:12:E2:E4:50:68:06:B8:70:A4:EA:A8:60:D7
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 3AD8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 22 Aug 2025 08:14:41 +0000
Certificate not after: Sat 22 Aug 2026 08:14:28 +0000
Subordinate resources: IP: 103.6.126.0/23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15064 (0x3ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Aug 22 08:14:41 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=D330BC4E137B1512E2E4506806B870A4EAA860D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:df:f4:83:59:a8:83:62:12:d3:03:46:58:89:
56:4c:01:a7:fe:33:31:2d:d9:fd:ea:13:d3:ff:3f:
19:42:84:7c:46:e4:a3:5b:79:9e:2f:d6:09:f5:54:
1c:8f:8a:29:d2:23:c0:31:99:d0:c9:88:27:42:a9:
aa:ab:c3:1e:7e:b9:b7:9b:b6:cc:9a:83:bc:44:cb:
87:8a:39:15:a9:49:a7:94:8e:f6:26:bc:0b:07:b3:
83:12:58:82:c5:d7:49:b5:e6:e6:f5:9e:39:6a:4d:
31:cb:07:58:66:40:d0:d8:cf:68:98:7d:04:62:83:
e8:b4:e3:b9:44:e8:4b:c3:e5:f1:a8:f9:d7:82:65:
fc:ce:99:ce:c6:7b:ad:73:b8:ac:33:45:1a:96:3d:
ee:8e:e4:26:f0:99:44:98:dc:46:e6:6b:c8:b4:a3:
36:32:77:2e:cf:b7:c8:61:1f:c4:fd:e7:f8:a4:00:
b3:90:54:6b:d5:f2:54:88:e6:99:30:70:56:5a:2e:
6f:14:52:31:83:bd:6c:69:ed:3c:96:5d:1f:38:32:
ac:08:77:94:58:ea:13:13:73:84:9b:46:21:7a:c1:
28:54:d6:4b:bc:e2:1a:b3:a4:b2:d9:1b:dd:ab:3b:
8e:59:ec:05:88:5a:eb:75:74:e8:7d:40:5d:6a:3a:
d8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:30:BC:4E:13:7B:15:12:E2:E4:50:68:06:B8:70:A4:EA:A8:60:D7
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.126.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:d4:11:ed:4d:70:1e:27:1d:a9:23:ce:27:bd:ec:ac:b9:48:
5b:2f:6e:98:08:98:cd:16:aa:11:bb:28:2e:37:98:a5:9b:ed:
c4:fc:ae:f7:57:f8:bf:b2:b7:ed:64:2e:93:4a:fa:7a:22:de:
ca:d9:5e:fd:51:f7:2a:d7:a8:89:4e:a2:0a:4d:b8:42:95:69:
e9:d6:dd:b0:66:b1:f5:a9:c3:1f:61:f1:33:27:65:9b:4b:a9:
fd:17:9b:08:ec:c2:38:a9:3c:68:ad:88:a4:e9:4b:f8:27:9a:
7c:fe:de:b6:7f:83:37:ed:78:a8:47:e5:ef:25:be:53:ef:d8:
9e:ef:96:19:16:7d:94:86:a3:71:fa:55:c4:a4:b5:0b:1b:b2:
4e:0f:0d:4c:de:b9:14:2c:40:95:ec:f5:f8:03:4a:cd:2b:80:
b7:93:0c:2a:a9:33:ee:9a:d1:b7:bb:4d:e3:2b:26:c8:49:f2:
ad:f4:43:0e:5d:3d:c2:7a:8a:d3:ff:c4:3c:f3:bf:54:8a:b2:
dc:7c:b5:5c:3f:8a:1d:30:0f:09:bf:64:71:a4:50:36:1d:75:
5e:2e:9a:14:cd:87:82:e3:e7:97:58:69:bb:a4:aa:46:01:d2:
56:c4:b7:b6:6c:0e:cc:98:05:3c:f7:e3:f9:c7:75:91:f0:a1:
85:d1:b6:ef
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICOtgwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTI1MDgyMjA4MTQ0MVoXDTI2MDgyMjA4MTQyOFowMzEx
MC8GA1UEAxMoRDMzMEJDNEUxMzdCMTUxMkUyRTQ1MDY4MDZCODcwQTRFQUE4NjBE
NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN3f9INZqINiEtMDRliJ
VkwBp/4zMS3Z/eoT0/8/GUKEfEbko1t5ni/WCfVUHI+KKdIjwDGZ0MmIJ0KpqqvD
Hn65t5u2zJqDvETLh4o5FalJp5SO9ia8CwezgxJYgsXXSbXm5vWeOWpNMcsHWGZA
0NjPaJh9BGKD6LTjuUToS8Pl8aj514Jl/M6ZzsZ7rXO4rDNFGpY97o7kJvCZRJjc
RuZryLSjNjJ3Ls+3yGEfxP3n+KQAs5BUa9XyVIjmmTBwVloubxRSMYO9bGntPJZd
HzgyrAh3lFjqExNzhJtGIXrBKFTWS7ziGrOkstkb3as7jlnsBYha63V06H1AXWo6
2K8CAwEAAaOCAlYwggJSMB0GA1UdDgQWBBTTMLxOE3sVEuLkUGgGuHCk6qhg1zAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdwGCCsGAQUFBwELBIHPMIHMMDsGCCsGAQUFBzAF
hi9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQkVTVEJBU0lT
LzBaBggrBgEFBQcwCoZOcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0JFU1RCQVNJUy8wekM4VGhON0ZSTGk1RkJvQnJod3BPcW9ZTmMubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZwZ+MA0GCSqGSIb3DQEBCwUA
A4IBAQAq1BHtTXAeJx2pI84nveysuUhbL26YCJjNFqoRuyguN5ilm+3E/K73V/i/
srftZC6TSvp6It7K2V79Ufcq16iJTqIKTbhClWnp1t2wZrH1qcMfYfEzJ2WbS6n9
F5sI7MI4qTxorYik6Uv4J5p8/t62f4M37XioR+XvJb5T79ie75YZFn2UhqNx+lXE
pLULG7JODw1M3rkULECV7PX4A0rNK4C3kwwqqTPumtG3u03jKybISfKt9EMOXT3C
eorT/8Q8879UirLcfLVcP4odMA8Jv2RxpFA2HXVeLpoUzYeC4+eXWGm7pKpGAdJW
xLe2bA7MmAU89+P5x3WR8KGF0bbv
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:57:44 2025 by rpki-client