Certificate

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/84pea_ZDuBi-PK4UMuYyux0XY_o.cer
File:                     84pea_ZDuBi-PK4UMuYyux0XY_o.cer (raw, json)
Hash identifier:          qiN77ceK47qpsX+lV5gVBC4Ds9aCZ1M7k3r45PgFfB0=
Subject key identifier:   F3:8A:5E:6B:F6:43:B8:18:BE:3C:AE:14:32:E6:32:BB:1D:17:63:FA
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer:       /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial:       3D1C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest:                 rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/84pea_ZDuBi-PK4UMuYyux0XY_o.mft
caRepository:             rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/
Notify URL:               https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before:   Fri 22 Aug 2025 08:42:09 +0000
Certificate not after:    Sat 22 Aug 2026 08:14:28 +0000
Subordinate resources:    AS: 17413
                          IP: 2401:dae0::/32
Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Aug 2025 13:14:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15644 (0x3d1c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
        Validity
            Not Before: Aug 22 08:42:09 2025 GMT
            Not After : Aug 22 08:14:28 2026 GMT
        Subject: CN=F38A5E6BF643B818BE3CAE1432E632BB1D1763FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a3:dd:2c:19:13:2f:d5:30:b5:b0:73:6a:fe:
                    66:cd:62:a6:4c:e5:87:6b:4c:cb:11:f7:04:94:b2:
                    65:54:d9:8c:a1:b6:c3:ae:c3:33:7a:43:a0:fe:74:
                    eb:19:9d:42:29:18:3d:7c:fa:3d:80:48:cb:30:3b:
                    c9:54:c3:9b:43:d1:87:eb:ca:f2:22:7f:cb:45:7f:
                    a1:16:16:94:71:05:4b:82:52:44:93:69:5a:eb:66:
                    c3:7f:32:b2:3d:e2:67:c5:42:5c:be:94:b3:b8:b4:
                    dc:0c:83:ef:64:e0:2f:c1:a7:4d:50:b0:d1:10:d9:
                    2f:b6:0e:b4:19:eb:24:d6:02:28:7f:a8:81:6d:bd:
                    48:ff:90:b0:cb:fa:6f:aa:50:ff:f4:da:47:49:0d:
                    c8:2b:05:03:03:a8:c0:51:e2:71:7e:7c:7b:6e:5c:
                    51:b0:71:de:09:05:7e:35:57:57:c6:00:80:c7:13:
                    c4:e0:23:17:da:ad:96:49:2b:70:44:dd:86:dc:6e:
                    91:93:8d:81:78:87:81:ac:47:5b:08:cb:eb:61:f3:
                    60:0b:20:d4:59:c0:95:c8:67:f4:03:f5:7a:4c:b0:
                    f0:cf:0d:1c:e6:b3:5e:00:d9:8e:08:70:cf:b3:ba:
                    fc:0f:74:a2:e1:48:6e:a8:6d:f7:1d:9d:a5:87:6a:
                    cc:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:8A:5E:6B:F6:43:B8:18:BE:3C:AE:14:32:E6:32:BB:1D:17:63:FA
            X509v3 Authority Key Identifier:
                keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Subject Information Access:
                CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/
                RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/84pea_ZDuBi-PK4UMuYyux0XY_o.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17413

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:dae0::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:29:83:74:25:82:04:e5:18:c8:f4:03:18:1c:68:e6:f5:25:
         60:32:ba:ef:dd:d2:80:1e:d8:7e:1c:5f:9d:03:58:ba:d6:77:
         8b:4b:01:06:cb:fd:b4:84:53:83:ed:ce:91:84:8d:ad:4f:6e:
         25:47:45:75:37:f8:05:95:72:97:19:18:11:fa:b0:ae:9c:1d:
         af:68:fd:f5:2e:53:47:fb:2b:5f:23:76:cc:b6:41:6d:9d:ce:
         54:8f:45:29:a5:53:67:6a:60:28:04:87:f6:a6:75:a3:94:79:
         16:e2:f7:5e:8e:3b:97:23:1b:2c:c8:f5:97:72:35:fb:8b:a3:
         81:68:fa:97:9c:71:09:81:a1:f3:70:4c:60:39:32:04:bd:03:
         9a:5d:31:9a:5e:5c:cd:c5:7c:de:f2:81:e9:40:3f:d6:c3:84:
         a2:62:a3:34:82:1e:02:ef:91:50:ce:de:11:b4:05:0a:43:e9:
         0e:1f:a9:4b:fa:0f:fb:49:5f:73:c4:10:96:34:78:4a:6c:48:
         2f:5f:85:9b:db:15:c8:aa:8c:b3:f2:eb:87:98:09:95:2b:db:
         7d:c9:6c:9b:74:75:24:00:c5:e1:80:79:9a:00:79:ca:b2:10:
         9e:82:b9:78:0c:cf:19:81:ec:16:ba:2c:53:a6:bc:d9:3e:a7:
         24:c0:19:36
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICPRwwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTI1MDgyMjA4NDIwOVoXDTI2MDgyMjA4MTQyOFowMzEx
MC8GA1UEAxMoRjM4QTVFNkJGNjQzQjgxOEJFM0NBRTE0MzJFNjMyQkIxRDE3NjNG
QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJij3SwZEy/VMLWwc2r+
Zs1ipkzlh2tMyxH3BJSyZVTZjKG2w67DM3pDoP506xmdQikYPXz6PYBIyzA7yVTD
m0PRh+vK8iJ/y0V/oRYWlHEFS4JSRJNpWutmw38ysj3iZ8VCXL6Us7i03AyD72Tg
L8GnTVCw0RDZL7YOtBnrJNYCKH+ogW29SP+QsMv6b6pQ//TaR0kNyCsFAwOowFHi
cX58e25cUbBx3gkFfjVXV8YAgMcTxOAjF9qtlkkrcETdhtxukZONgXiHgaxHWwjL
62HzYAsg1FnAlchn9AP1ekyw8M8NHOazXgDZjghwz7O6/A90ouFIbqht9x2dpYdq
zA8CAwEAAaOCAm4wggJqMB0GA1UdDgQWBBTzil5r9kO4GL48rhQy5jK7HRdj+jAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUFBzAF
hi1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9ET0xURC8w
WAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9ET0RPTFRELzg0cGVhX1pEdUJpLVBLNFVNdVl5dXgwWFlfby5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwGQYI
KwYBBQUHAQgBAf8ECjAIoAYwBAICRAUwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAkAdrgMA0GCSqGSIb3DQEBCwUAA4IBAQATKYN0JYIE5RjI9AMYHGjm9SVg
Mrrv3dKAHth+HF+dA1i61neLSwEGy/20hFOD7c6RhI2tT24lR0V1N/gFlXKXGRgR
+rCunB2vaP31LlNH+ytfI3bMtkFtnc5Uj0UppVNnamAoBIf2pnWjlHkW4vdejjuX
IxssyPWXcjX7i6OBaPqXnHEJgaHzcExgOTIEvQOaXTGaXlzNxXze8oHpQD/Ww4Si
YqM0gh4C75FQzt4RtAUKQ+kOH6lL+g/7SV9zxBCWNHhKbEgvX4Wb2xXIqoyz8uuH
mAmVK9t9yWybdHUkAMXhgHmaAHnKshCegrl4DM8ZgewWuixTprzZPqckwBk2
-----END CERTIFICATE-----
Generated at Sun Aug 24 09:42:01 2025 by rpki-client