Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer
File: Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer (raw, json)
Hash identifier: soJBY6n+hUgPjA3rU5m9eWDvmY3p0Wg0FlqEYsEw8BM=
Subject key identifier: 43:EB:D3:9F:B5:18:B5:5D:A0:07:42:AE:EC:7B:0D:A6:AA:BA:61:F7
Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43
Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743
Certificate serial: 1D9F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 22 Aug 2025 08:14:39 +0000
Certificate not after: Sat 22 Aug 2026 08:14:28 +0000
Subordinate resources: IP: 160.19.90.0/23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7583 (0x1d9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743
Validity
Not Before: Aug 22 08:14:39 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=43EBD39FB518B55DA00742AEEC7B0DA6AABA61F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:02:d8:e6:8d:21:6c:ec:ac:b9:bd:8f:92:
9f:fe:16:0f:35:1a:6b:91:ac:3e:8e:91:0e:03:88:
80:2d:31:32:f6:67:b7:fd:8a:ff:63:a9:33:04:99:
8f:21:e4:fc:8a:cf:28:8f:15:01:fe:7f:88:0b:18:
67:6e:1e:46:a5:00:13:9d:a4:67:36:28:d9:e2:be:
57:89:0c:1b:33:76:42:3c:e0:ab:80:0d:ee:cd:44:
d2:9e:a7:69:7b:fe:a7:38:82:9f:e9:a7:e5:56:e1:
09:9f:bb:f0:a3:da:df:f5:04:02:bf:0c:f0:0d:57:
46:14:74:bb:50:1e:cc:50:32:8f:8f:40:8e:44:5d:
a1:de:86:9d:5d:49:8e:d2:63:81:66:cb:5d:c8:23:
89:cb:8e:56:fb:61:8d:67:f9:6c:8b:96:da:60:3d:
22:1e:3c:2e:e7:d7:12:ca:00:88:24:a4:21:35:0c:
bb:17:47:6c:52:48:5d:dc:ae:7a:c1:bf:35:70:ae:
51:21:30:6f:3b:44:49:78:2d:bb:6b:25:24:42:43:
1e:2e:4d:44:47:37:58:6a:84:15:71:fb:ed:44:a8:
94:67:a0:8a:2b:f7:9e:e4:b2:86:0e:0e:df:0f:b2:
a4:49:3c:05:88:11:97:3c:59:52:8d:57:5c:25:d2:
d5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EB:D3:9F:B5:18:B5:5D:A0:07:42:AE:EC:7B:0D:A6:AA:BA:61:F7
X509v3 Authority Key Identifier:
keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
160.19.90.0/23
Signature Algorithm: sha256WithRSAEncryption
87:38:af:cf:1b:f8:33:2f:82:3c:be:c5:98:85:25:89:cb:38:
c7:84:ac:b5:35:d1:19:2e:f1:ec:0b:6b:3a:1a:87:ed:59:84:
c6:4c:c2:b1:f3:60:cc:08:8a:e5:85:a4:7a:a0:5d:de:8c:17:
4c:04:96:54:b3:87:fe:9e:73:63:f6:97:2b:79:7c:8e:43:74:
1f:b5:1f:09:84:b2:c4:0f:de:bb:98:41:70:24:75:d4:73:98:
57:9a:9c:0b:38:b6:8c:83:cf:b5:09:33:32:ee:b0:0d:20:d1:
7a:23:ef:9d:c1:34:92:2a:ae:dd:89:77:ea:a3:c3:28:99:3f:
79:40:a0:7e:6d:cc:4e:46:7c:02:c2:bd:3e:91:21:92:eb:d7:
33:d6:cb:70:06:16:82:7f:a3:b2:25:41:01:db:b4:52:e0:31:
12:94:f3:5b:02:31:04:36:d0:3f:c4:f8:c7:dd:69:48:80:ae:
36:28:52:9d:b1:0d:f3:cb:28:8b:d7:e4:f8:d1:74:89:d4:25:
c6:f2:fc:95:8a:28:9b:50:ed:6c:19:bd:af:9c:a0:89:d5:de:
12:0b:15:2e:91:8a:27:de:b8:73:35:8d:4a:60:70:69:9d:b9:
a2:2d:28:e5:da:01:e8:f4:5a:73:e3:57:a2:f6:d2:7d:3b:11:
6b:73:bf:46
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgICHZ8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF
RUExNzgxODYxNzQzMB4XDTI1MDgyMjA4MTQzOVoXDTI2MDgyMjA4MTQyOFowMzEx
MC8GA1UEAxMoNDNFQkQzOUZCNTE4QjU1REEwMDc0MkFFRUM3QjBEQTZBQUJBNjFG
NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMeKAtjmjSFs7Ky5vY+S
n/4WDzUaa5GsPo6RDgOIgC0xMvZnt/2K/2OpMwSZjyHk/IrPKI8VAf5/iAsYZ24e
RqUAE52kZzYo2eK+V4kMGzN2Qjzgq4AN7s1E0p6naXv+pziCn+mn5VbhCZ+78KPa
3/UEAr8M8A1XRhR0u1AezFAyj49AjkRdod6GnV1JjtJjgWbLXcgjicuOVvthjWf5
bIuW2mA9Ih48LufXEsoAiCSkITUMuxdHbFJIXdyuesG/NXCuUSEwbztESXgtu2sl
JEJDHi5NREc3WGqEFXH77USolGegiiv3nuSyhg4O3w+ypEk8BYgRlzxZUo1XXCXS
1X0CAwEAAaOCAk4wggJKMB0GA1UdDgQWBBRD69OftRi1XaAHQq7sew2mqrph9zAf
BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy
L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF
hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FFTFcvMFYG
CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
U0FFTFcvUS12VG43VVl0VjJnQjBLdTdIc05wcXE2WWZjLm1mdDAxBggrBgEFBQcw
DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAaATWjANBgkqhkiG9w0BAQsFAAOCAQEAhziv
zxv4My+CPL7FmIUlics4x4SstTXRGS7x7AtrOhqH7VmExkzCsfNgzAiK5YWkeqBd
3owXTASWVLOH/p5zY/aXK3l8jkN0H7UfCYSyxA/eu5hBcCR11HOYV5qcCzi2jIPP
tQkzMu6wDSDReiPvncE0kiqu3Yl36qPDKJk/eUCgfm3MTkZ8AsK9PpEhkuvXM9bL
cAYWgn+jsiVBAdu0UuAxEpTzWwIxBDbQP8T4x91pSICuNihSnbEN88soi9fk+NF0
idQlxvL8lYoom1DtbBm9r5ygidXeEgsVLpGKJ964czWNSmBwaZ25oi0o5doB6PRa
c+NXovbSfTsRa3O/Rg==
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:56:44 2025 by rpki-client