Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1Aagr27HSbr6GwP2X_fsggUMAHo.cer
File: 1Aagr27HSbr6GwP2X_fsggUMAHo.cer (raw, json)
Hash identifier: gcsQXZs18i7Fm88PrnW6FXv33SlVKn20OH4CPwDhcYs=
Subject key identifier: D4:06:A0:AF:6E:C7:49:BA:FA:1B:03:F6:5F:F7:EC:82:05:0C:00:7A
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CE97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/1Aagr27HSbr6GwP2X_fsggUMAHo.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:15:22 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 59072
IP: 43.247.68.0/22
IP: 43.254.156.0/22
IP: 45.248.128.0/22
IP: 45.248.208.0 -- 45.248.235.255
IP: 45.248.240.0 -- 45.249.7.255
IP: 103.24.176.0/22
IP: 103.61.140.0/22
IP: 103.65.60.0 -- 103.65.75.255
IP: 103.198.156.0/22
IP: 103.207.188.0 -- 103.207.215.255
IP: 103.217.0.0/18
IP: 103.238.188.0/22
IP: 124.150.137.0/24
IP: 137.59.59.0/24
IP: 175.111.144.0 -- 175.111.175.255
IP: 202.153.7.0/24
IP: 202.158.242.0/24
IP: 202.171.232.0/24
IP: 202.172.7.0/24
IP: 202.173.6.0/24
IP: 203.16.63.0/24
IP: 203.17.249.0/24
IP: 203.19.1.0/24
IP: 203.100.60.0/24
IP: 203.142.219.0/24
IP: 203.174.6.0/24
IP: 203.191.2.0/24
IP: 203.191.7.0/24
IP: 203.201.181.0/24
IP: 2406:9380::/32
IP: 2406:9480::/32
IP: 2406:9d80::/32
IP: 2406:9e80::/32
IP: 2406:9f80::/32
IP: 2406:a080::/32
IP: 2406:a180::/32
IP: 2406:a280::/32
IP: 2406:a380::/32
IP: 2406:a480::/32
IP: 2406:a580::/32
IP: 2406:a680::/32
IP: 2406:a780::/32
IP: 2406:a880::/32
IP: 2406:a980::/32
IP: 2406:aa80::/32
IP: 2406:ab80::/32
IP: 2406:ac80::/32
IP: 2406:ad80::/32
IP: 2406:ae80::/32
IP: 2406:af80::/32
IP: 2406:b080::/32
IP: 2406:b880::/32
IP: 2406:b980::/32
IP: 2406:ba80::/32
IP: 2406:bb80::/32
IP: 2406:bc80::/32
IP: 2406:bd80::/32
IP: 2406:be80::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52887 (0xce97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:15:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D406A0AF6EC749BAFA1B03F65FF7EC82050C007A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:66:73:43:9c:1d:bb:fd:c8:4b:e7:d3:52:
29:70:33:7a:5b:7f:88:c7:48:75:ca:54:98:83:7a:
fd:58:6e:37:23:01:de:2f:02:21:c1:34:c7:b1:34:
e5:81:97:08:8a:6e:73:61:d3:86:47:f7:8e:7e:2a:
aa:c8:24:eb:ef:db:e0:b9:d3:91:3c:63:a9:b3:f6:
7c:81:8e:4c:88:7a:a1:ce:af:4f:a4:f4:63:a2:93:
ca:c0:6b:d3:61:c7:7d:77:49:b8:97:df:58:db:6d:
3e:c8:66:89:df:94:ed:64:ca:30:0c:fd:74:26:fe:
b0:63:9f:e0:02:fc:e2:b8:2e:b3:71:ac:5e:19:12:
02:ba:9d:6c:5b:49:a6:9d:28:38:4e:af:74:7d:e6:
06:74:6d:30:58:68:49:91:a8:bc:0e:26:9b:c1:29:
05:eb:83:7f:44:f4:b8:1d:94:e8:be:f7:67:77:14:
95:23:51:02:70:d8:1e:05:56:1d:7b:86:f1:d0:26:
80:8c:54:d9:60:66:b1:ad:d6:26:b6:42:a3:2f:be:
45:a6:fa:8e:6d:ed:cb:b1:31:fd:23:aa:6c:aa:9c:
e9:b9:c0:53:88:ad:1f:99:5c:7d:fe:43:19:c0:6a:
3a:c1:79:e3:e0:81:f4:3f:81:6e:29:83:13:aa:f2:
06:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:06:A0:AF:6E:C7:49:BA:FA:1B:03:F6:5F:F7:EC:82:05:0C:00:7A
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/1Aagr27HSbr6GwP2X_fsggUMAHo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59072
sbgp-ipAddrBlock: critical
IPv4:
43.247.68.0/22
43.254.156.0/22
45.248.128.0/22
45.248.208.0-45.248.235.255
45.248.240.0-45.249.7.255
103.24.176.0/22
103.61.140.0/22
103.65.60.0-103.65.75.255
103.198.156.0/22
103.207.188.0-103.207.215.255
103.217.0.0/18
103.238.188.0/22
124.150.137.0/24
137.59.59.0/24
175.111.144.0-175.111.175.255
202.153.7.0/24
202.158.242.0/24
202.171.232.0/24
202.172.7.0/24
202.173.6.0/24
203.16.63.0/24
203.17.249.0/24
203.19.1.0/24
203.100.60.0/24
203.142.219.0/24
203.174.6.0/24
203.191.2.0/24
203.191.7.0/24
203.201.181.0/24
IPv6:
2406:9380::/32
2406:9480::/32
2406:9d80::/32
2406:9e80::/32
2406:9f80::/32
2406:a080::/32
2406:a180::/32
2406:a280::/32
2406:a380::/32
2406:a480::/32
2406:a580::/32
2406:a680::/32
2406:a780::/32
2406:a880::/32
2406:a980::/32
2406:aa80::/32
2406:ab80::/32
2406:ac80::/32
2406:ad80::/32
2406:ae80::/32
2406:af80::/32
2406:b080::/32
2406:b880::/32
2406:b980::/32
2406:ba80::/32
2406:bb80::/32
2406:bc80::/32
2406:bd80::/32
2406:be80::/32
Signature Algorithm: sha256WithRSAEncryption
5e:30:49:5a:80:e4:64:34:fc:1a:9a:b1:5b:6e:40:24:7e:78:
d1:e3:e7:99:56:95:66:a1:2a:75:37:16:df:5b:6e:3f:ee:96:
ce:df:2c:0c:d1:61:9f:16:5d:de:a1:b1:e8:9c:ed:38:02:9e:
cf:ab:45:e3:7a:bd:77:39:8f:be:c3:50:a8:3b:73:77:c6:fb:
cb:68:84:1b:97:3c:3e:62:11:63:fa:c7:a1:a8:6b:b6:b3:c7:
17:53:32:1f:a9:44:71:d9:34:2d:48:f8:b9:ac:14:9a:e7:97:
ad:fe:5b:2b:b8:f9:a7:8f:f8:05:48:8a:03:b4:28:e7:95:a9:
db:b8:f1:57:e4:ab:e6:9d:81:cd:f1:f5:bd:17:8a:71:ed:65:
03:b7:6d:11:73:3b:4a:f3:0c:e1:b9:1b:05:83:cb:ee:da:4f:
c8:54:1c:b8:90:9c:c2:7f:19:2a:0b:89:24:3b:9e:27:aa:08:
02:fb:1f:9f:b9:57:75:fe:0e:57:15:6a:01:05:21:6e:71:23:
2c:ac:8c:d2:ae:7a:ba:85:d7:ed:db:ea:b8:0b:e0:0e:5c:fa:
3c:38:ac:fc:d8:61:c2:ed:82:ab:b1:92:57:1b:1d:a2:a3:9e:
23:88:f4:41:fc:f2:38:f6:22:a4:6c:6d:e1:db:6d:22:24:d7:
c7:47:dc:e2
-----BEGIN CERTIFICATE-----
MIIHGDCCBgCgAwIBAgIDAM6XMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE1MjJaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKEQ0MDZBMEFGNkVDNzQ5QkFGQTFCMDNGNjVGRjdFQzgyMDUwQzAw
N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0WmZzQ5wdu/3IS+fT
UilwM3pbf4jHSHXKVJiDev1YbjcjAd4vAiHBNMexNOWBlwiKbnNh04ZH945+KqrI
JOvv2+C505E8Y6mz9nyBjkyIeqHOr0+k9GOik8rAa9Nhx313SbiX31jbbT7IZonf
lO1kyjAM/XQm/rBjn+AC/OK4LrNxrF4ZEgK6nWxbSaadKDhOr3R95gZ0bTBYaEmR
qLwOJpvBKQXrg39E9LgdlOi+92d3FJUjUQJw2B4FVh17hvHQJoCMVNlgZrGt1ia2
QqMvvkWm+o5t7cuxMf0jqmyqnOm5wFOIrR+ZXH3+QxnAajrBeePggfQ/gW4pgxOq
8gaPAgMBAAGjggQcMIIEGDAdBgNVHQ4EFgQU1Aagr27HSbr6GwP2X/fsggUMAHow
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU4
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81ODAvMUFhZ3IyN0hTYnI2R3dQMlhfZnNnZ1VNQUhvLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA5sAwggHKBggrBgEFBQcBBwEB/wSCAbkw
ggG1MIHdBAIAATCB1gMEAiv3RAMEAiv+nAMEAi34gDAMAwQELfjQAwQCLfjoMAwD
BAQt+PADBAMt+QADBAJnGLADBAJnPYwwDAMEAmdBPAMEAmdBSAMEAmfGnDAMAwQC
Z8+8AwQDZ8/QAwQGZ9kAAwQCZ+68AwQAfJaJAwQAiTs7MAwDBASvb5ADBASvb6AD
BADKmQcDBADKnvIDBADKq+gDBADKrAcDBADKrQYDBADLED8DBADLEfkDBADLEwED
BADLZDwDBADLjtsDBADLrgYDBADLvwIDBADLvwcDBADLybUwgdIEAgACMIHLAwUA
JAaTgAMFACQGlIADBQAkBp2AAwUAJAaegAMFACQGn4ADBQAkBqCAAwUAJAahgAMF
ACQGooADBQAkBqOAAwUAJAakgAMFACQGpYADBQAkBqaAAwUAJAangAMFACQGqIAD
BQAkBqmAAwUAJAaqgAMFACQGq4ADBQAkBqyAAwUAJAatgAMFACQGroADBQAkBq+A
AwUAJAawgAMFACQGuIADBQAkBrmAAwUAJAa6gAMFACQGu4ADBQAkBryAAwUAJAa9
gAMFACQGvoAwDQYJKoZIhvcNAQELBQADggEBAF4wSVqA5GQ0/BqasVtuQCR+eNHj
55lWlWahKnU3Ft9bbj/uls7fLAzRYZ8WXd6hseic7TgCns+rReN6vXc5j77DUKg7
c3fG+8tohBuXPD5iEWP6x6Goa7azxxdTMh+pRHHZNC1I+LmsFJrnl63+Wyu4+aeP
+AVIigO0KOeVqdu48Vfkq+adgc3x9b0XinHtZQO3bRFzO0rzDOG5GwWDy+7aT8hU
HLiQnMJ/GSoLiSQ7nieqCAL7H5+5V3X+DlcVagEFIW5xIyysjNKuerqF1+3b6rgL
4A5c+jw4rPzYYcLtgquxklcbHaKjniOI9EH88jj2IqRsbeHbbSIk18dH3OI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:18:51 2025 by rpki-client