Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
File: MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer (raw, json)
Hash identifier: xhgVXHi4O1JdmQhJKreLkwFu2PtbuhyqNIB9gZG4mwU=
Subject key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CD2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:07:51 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 9813
AS: 24413
AS: 38340
AS: 45059
IP: 103.26.228.0/22
IP: 114.28.0.0 -- 114.28.67.255
IP: 114.28.80.0 -- 114.28.127.255
IP: 114.28.192.0/18
IP: 202.46.32.0/19
IP: 2400:3e00::/32
IP: 2402:33c0::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 02:40:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52523 (0xcd2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Apr 3 08:07:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:90:ea:2c:81:3c:c0:88:eb:d8:bc:96:49:9a:
74:15:24:c9:67:82:a0:1d:0b:d2:79:16:8f:93:1e:
e5:7b:09:41:c0:5e:e9:44:ed:f8:b3:53:83:25:df:
4f:ff:89:13:f1:b3:19:0b:85:b1:0e:a1:26:87:3b:
39:ae:90:ba:82:f4:81:78:00:65:cc:5d:2c:44:e8:
c4:6f:cf:61:15:63:03:2a:a9:74:fa:94:e4:37:50:
bb:bf:26:71:01:64:a8:87:17:c0:4a:d8:0f:09:46:
ee:dc:3a:4b:38:57:e4:01:17:9e:66:fa:1f:22:f3:
df:20:3e:a4:0d:20:b4:ea:bb:65:2b:97:dc:df:57:
d5:9c:b5:36:d6:e8:f7:ce:dd:a8:17:90:6a:91:2d:
7a:56:74:d9:59:01:76:2d:71:af:b7:71:3a:ec:51:
8b:d1:d5:8e:6e:0f:02:a4:8d:b8:01:35:e1:e9:48:
e3:f0:b8:d0:04:35:31:38:29:17:c0:39:3a:ca:8b:
33:35:f1:bd:86:08:0d:22:af:0f:5a:60:c9:9b:1e:
fe:d9:c2:95:6e:79:ec:30:12:59:df:4f:5e:fd:23:
3e:7d:5b:8a:87:9a:ca:5f:f9:49:07:a3:67:05:a0:
65:16:c0:29:3c:50:54:ea:06:e9:66:a1:1e:1b:ff:
84:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9813
24413
38340
45059
sbgp-ipAddrBlock: critical
IPv4:
103.26.228.0/22
114.28.0.0-114.28.67.255
114.28.80.0-114.28.127.255
114.28.192.0/18
202.46.32.0/19
IPv6:
2400:3e00::/32
2402:33c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:74:7c:ea:f6:3a:a7:8c:56:ca:6b:a0:2f:3e:09:aa:cd:9b:
ba:ad:e0:29:7a:59:9e:ca:87:55:2c:57:98:95:84:a7:73:fb:
45:a8:dc:52:62:34:26:71:f3:05:22:92:80:ae:e2:e4:3d:b9:
94:0f:d6:d5:ef:2a:b3:d1:70:13:0b:31:45:54:f6:95:98:66:
53:f8:da:41:2d:b5:81:cb:3d:9c:76:29:4f:72:f0:67:8d:e0:
3e:4c:d1:5b:cc:22:69:1b:80:8a:f6:07:e0:78:b2:79:32:44:
98:e8:f3:46:56:7e:78:ba:38:90:21:b8:19:36:7c:a1:8f:28:
d8:ab:0f:a3:96:32:92:14:73:0e:3a:ba:b5:92:e2:28:1a:f9:
66:0b:c6:08:8c:a0:8b:97:2a:89:a1:65:99:8a:d1:cf:ef:36:
e8:da:2c:bb:8b:57:36:81:6c:74:82:a9:0a:55:a2:59:b3:3b:
60:30:32:c7:9b:49:a6:2f:45:44:74:2f:fb:aa:1e:89:57:54:
5f:ea:6c:75:2f:cb:cd:ff:96:26:c7:27:9f:8e:ca:b9:22:6b:
f6:85:ea:b4:f6:8d:26:df:6b:28:21:ae:8e:bf:fc:1c:c5:94:
29:30:05:92:ee:30:62:f8:1a:5b:da:4e:f3:50:07:f2:44:c2:
75:a3:a7:02
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIDAM0rMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA3NTFaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDMwOUMyQTk0M0IyOERDMDg1OEMzOUI5MjA4QTE2MDlDMDk3M0U0
OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYkOosgTzAiOvYvJZJ
mnQVJMlngqAdC9J5Fo+THuV7CUHAXulE7fizU4Ml30//iRPxsxkLhbEOoSaHOzmu
kLqC9IF4AGXMXSxE6MRvz2EVYwMqqXT6lOQ3ULu/JnEBZKiHF8BK2A8JRu7cOks4
V+QBF55m+h8i898gPqQNILTqu2Url9zfV9WctTbW6PfO3agXkGqRLXpWdNlZAXYt
ca+3cTrsUYvR1Y5uDwKkjbgBNeHpSOPwuNAENTE4KRfAOTrKizM18b2GCA0irw9a
YMmbHv7ZwpVueewwElnfT179Iz59W4qHmspf+UkHo2cFoGUWwCk8UFTqBulmoR4b
/4RvAgMBAAGjggK5MIICtTAdBgNVHQ4EFgQUMJwqlDso3AhYw5uSCKFgnAlz5Jow
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYy
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC82MjAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAn
BggrBgEFBQcBCAEB/wQYMBagFDASAgImVQICX10CAwCVxAIDALADMFwGCCsGAQUF
BwEHAQH/BE0wSzAzBAIAATAtAwQCZxrkMAsDAwJyHAMEAnIcQDAMAwQEchxQAwQH
chwAAwQGchzAAwQFyi4gMBQEAgACMA4DBQAkAD4AAwUAJAIzwDANBgkqhkiG9w0B
AQsFAAOCAQEAr3R86vY6p4xWymugLz4Jqs2buq3gKXpZnsqHVSxXmJWEp3P7Rajc
UmI0JnHzBSKSgK7i5D25lA/W1e8qs9FwEwsxRVT2lZhmU/jaQS21gcs9nHYpT3Lw
Z43gPkzRW8wiaRuAivYH4HiyeTJEmOjzRlZ+eLo4kCG4GTZ8oY8o2KsPo5YykhRz
Djq6tZLiKBr5ZgvGCIygi5cqiaFlmYrRz+826Nosu4tXNoFsdIKpClWiWbM7YDAy
x5tJpi9FRHQv+6oeiVdUX+psdS/Lzf+WJscnn47KuSJr9oXqtPaNJt9rKCGujr/8
HMWUKTAFku4wYvgaW9pO81AH8kTCdaOnAg==
-----END CERTIFICATE-----
Generated at Wed Apr 23 00:18:32 2025 by rpki-client