Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer
File: -3g5E2fIrZfRqcIaNTKFrV5ojRw.cer (raw, json)
Hash identifier: 2tj/f33ZTbJ5dnS87/Mm8eq0ieInzU4IIW/bmUFEXK4=
Subject key identifier: FB:78:39:13:67:C8:AD:97:D1:A9:C2:1A:35:32:85:AD:5E:68:8D:1C
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: C0A2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 22 Nov 2024 04:21:50 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 55991
IP: 43.228.204.0/22
IP: 43.228.240.0/22
IP: 103.41.116.0/22
IP: 103.44.144.0/22
IP: 103.56.100.0 -- 103.56.107.255
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49314 (0xc0a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Nov 22 04:21:50 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FB78391367C8AD97D1A9C21A353285AD5E688D1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d6:ff:5b:36:43:33:e0:b4:b8:c3:c0:6c:35:
14:53:01:f6:e0:b6:42:43:2f:fb:60:1a:51:2f:14:
90:ff:e6:e1:41:ac:99:bf:af:d5:fb:96:95:40:a5:
cd:19:d9:9a:07:ea:38:47:0d:c2:22:fc:b6:c9:25:
8a:6a:0b:f4:37:44:0f:6f:6a:d9:8d:b2:81:6a:e8:
50:ef:38:3d:55:2a:77:f1:53:fc:7c:0d:a8:c6:7d:
d5:39:52:6e:a3:d2:60:84:a6:2c:4f:00:30:fa:cb:
ac:1d:a7:3e:dd:09:7e:eb:36:24:7e:96:7a:ca:0f:
48:1b:b6:05:68:19:e3:2f:02:a3:50:ec:b4:9a:d3:
08:7f:8f:2d:e7:74:b0:77:56:72:ce:f4:4f:a7:fe:
4c:2b:f4:20:0d:38:c5:f4:7f:0c:26:72:9a:64:49:
57:10:3e:9e:66:47:1d:50:fa:b4:bd:63:0d:5a:ef:
50:6b:d1:aa:d1:68:30:33:68:82:af:99:13:38:d5:
5e:af:5f:df:f2:cf:db:a8:59:f8:6f:ca:ed:fa:ab:
20:12:49:0f:0d:29:8a:4f:eb:39:77:05:8e:a9:31:
46:d0:db:a1:ca:d1:a2:92:f6:39:9b:2b:6d:ca:b8:
33:d3:07:68:1a:99:1b:a0:53:05:29:6e:43:91:9e:
d3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:78:39:13:67:C8:AD:97:D1:A9:C2:1A:35:32:85:AD:5E:68:8D:1C
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55991
sbgp-ipAddrBlock: critical
IPv4:
43.228.204.0/22
43.228.240.0/22
103.41.116.0/22
103.44.144.0/22
103.56.100.0-103.56.107.255
Signature Algorithm: sha256WithRSAEncryption
00:74:6a:0c:18:01:e1:f0:22:43:91:d2:1d:7a:a4:56:fb:d1:
9c:35:6d:49:6c:7f:ea:3e:ea:80:49:ce:1c:8e:62:fa:38:38:
4e:5d:5f:83:11:fd:43:1d:25:c8:ea:8d:25:4e:88:3d:e6:4e:
e5:d2:2f:98:78:92:0f:0d:f3:2e:38:c1:22:19:ee:c2:a0:34:
79:05:07:3a:a8:8f:ca:32:f0:30:4e:ca:be:8a:d0:ea:b7:0f:
6f:a1:2b:d9:bc:4f:ec:91:30:31:5f:59:bb:dc:72:0f:cb:b0:
21:20:b6:9e:2b:8c:91:5c:17:52:01:04:f5:0b:6b:e3:af:13:
eb:b9:d9:3e:d6:9d:bd:7d:eb:9d:46:a0:81:99:73:2f:ce:75:
33:37:0f:33:22:40:09:8e:51:4e:d4:89:13:f1:7e:18:8e:5a:
4d:6b:18:85:45:ea:ee:ba:47:18:c7:71:bc:f9:8c:8b:84:2b:
9d:65:37:d2:69:aa:b4:86:fd:49:aa:56:40:f1:b4:20:79:44:
06:c1:9a:e4:13:8f:f3:ce:32:21:41:93:63:0a:8f:c9:dc:8a:
3a:e8:59:4a:6a:80:b2:e2:88:21:b7:ab:2f:cc:aa:22:32:46:
9f:af:a8:38:24:67:74:e5:b2:ac:4e:04:a5:8d:78:33:dc:f1:
10:35:f5:15
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAMCiMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDExMjIwNDIxNTBaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEZCNzgzOTEzNjdDOEFEOTdEMUE5QzIxQTM1MzI4NUFENUU2ODhE
MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT1v9bNkMz4LS4w8Bs
NRRTAfbgtkJDL/tgGlEvFJD/5uFBrJm/r9X7lpVApc0Z2ZoH6jhHDcIi/LbJJYpq
C/Q3RA9vatmNsoFq6FDvOD1VKnfxU/x8DajGfdU5Um6j0mCEpixPADD6y6wdpz7d
CX7rNiR+lnrKD0gbtgVoGeMvAqNQ7LSa0wh/jy3ndLB3VnLO9E+n/kwr9CANOMX0
fwwmcppkSVcQPp5mRx1Q+rS9Yw1a71Br0arRaDAzaIKvmRM41V6vX9/yz9uoWfhv
yu36qyASSQ8NKYpP6zl3BY6pMUbQ26HK0aKS9jmbK23KuDPTB2gamRugUwUpbkOR
ntPFAgMBAAGjggKRMIICjTAdBgNVHQ4EFgQU+3g5E2fIrZfRqcIaNTKFrV5ojRww
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1
MDgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjUwOC8tM2c1RTJmSXJaZlJxY0lhTlRLRnJWNW9qUncubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDatzA/BggrBgEFBQcBBwEB/wQwMC4w
LAQCAAEwJgMEAivkzAMEAivk8AMEAmcpdAMEAmcskDAMAwQCZzhkAwQCZzhoMA0G
CSqGSIb3DQEBCwUAA4IBAQAAdGoMGAHh8CJDkdIdeqRW+9GcNW1JbH/qPuqASc4c
jmL6ODhOXV+DEf1DHSXI6o0lTog95k7l0i+YeJIPDfMuOMEiGe7CoDR5BQc6qI/K
MvAwTsq+itDqtw9voSvZvE/skTAxX1m73HIPy7AhILaeK4yRXBdSAQT1C2vjrxPr
udk+1p29feudRqCBmXMvznUzNw8zIkAJjlFO1IkT8X4YjlpNaxiFReruukcYx3G8
+YyLhCudZTfSaaq0hv1JqlZA8bQgeUQGwZrkE4/zzjIhQZNjCo/J3Io66FlKaoCy
4oght6svzKoiMkafr6g4JGd05bKsTgSljXgz3PEQNfUV
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:19 2024 by rpki-client on console-ams.rpki-client.org