Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1Aagr27HSbr6GwP2X_fsggUMAHo.cer
File: 1Aagr27HSbr6GwP2X_fsggUMAHo.cer (raw, json)
Hash identifier: c+anw8xpcofXR8Ktud85Ae9tr3IHJAO4F39G7aDvd8A=
Subject key identifier: D4:06:A0:AF:6E:C7:49:BA:FA:1B:03:F6:5F:F7:EC:82:05:0C:00:7A
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: A0BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/1Aagr27HSbr6GwP2X_fsggUMAHo.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Tue 08 Aug 2023 05:01:13 +0000
Certificate not after: Fri 07 Jun 2024 02:16:11 +0000
Subordinate resources: IP: 43.247.68.0/22
IP: 43.254.156.0/22
IP: 45.248.128.0/22
IP: 45.248.208.0 -- 45.248.235.255
IP: 45.248.240.0 -- 45.249.7.255
IP: 103.24.176.0/22
IP: 103.61.140.0/22
IP: 103.65.60.0 -- 103.65.75.255
IP: 103.198.156.0/22
IP: 103.207.188.0 -- 103.207.215.255
IP: 103.217.0.0/18
IP: 103.238.188.0/22
IP: 124.150.137.0/24
IP: 137.59.59.0/24
IP: 175.111.144.0 -- 175.111.175.255
IP: 202.153.7.0/24
IP: 202.158.242.0/24
IP: 202.171.232.0/24
IP: 202.172.7.0/24
IP: 202.173.6.0/24
IP: 203.16.63.0/24
IP: 203.17.249.0/24
IP: 203.19.1.0/24
IP: 203.100.60.0/24
IP: 203.142.219.0/24
IP: 203.174.6.0/24
IP: 203.191.2.0/24
IP: 203.191.7.0/24
IP: 203.201.181.0/24
IP: 2406:9380::/32
IP: 2406:9480::/32
IP: 2406:9d80::/32
IP: 2406:9e80::/32
IP: 2406:9f80::/32
IP: 2406:a080::/32
IP: 2406:a180::/32
IP: 2406:a280::/32
IP: 2406:a380::/32
IP: 2406:a480::/32
IP: 2406:a580::/32
IP: 2406:a680::/32
IP: 2406:a780::/32
IP: 2406:a880::/32
IP: 2406:a980::/32
IP: 2406:aa80::/32
IP: 2406:ab80::/32
IP: 2406:ac80::/32
IP: 2406:ad80::/32
IP: 2406:ae80::/32
IP: 2406:af80::/32
IP: 2406:b080::/32
IP: 2406:b880::/32
IP: 2406:b980::/32
IP: 2406:ba80::/32
IP: 2406:bb80::/32
IP: 2406:bc80::/32
IP: 2406:bd80::/32
IP: 2406:be80::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 05:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41147 (0xa0bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Aug 8 05:01:13 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=D406A0AF6EC749BAFA1B03F65FF7EC82050C007A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:66:73:43:9c:1d:bb:fd:c8:4b:e7:d3:52:
29:70:33:7a:5b:7f:88:c7:48:75:ca:54:98:83:7a:
fd:58:6e:37:23:01:de:2f:02:21:c1:34:c7:b1:34:
e5:81:97:08:8a:6e:73:61:d3:86:47:f7:8e:7e:2a:
aa:c8:24:eb:ef:db:e0:b9:d3:91:3c:63:a9:b3:f6:
7c:81:8e:4c:88:7a:a1:ce:af:4f:a4:f4:63:a2:93:
ca:c0:6b:d3:61:c7:7d:77:49:b8:97:df:58:db:6d:
3e:c8:66:89:df:94:ed:64:ca:30:0c:fd:74:26:fe:
b0:63:9f:e0:02:fc:e2:b8:2e:b3:71:ac:5e:19:12:
02:ba:9d:6c:5b:49:a6:9d:28:38:4e:af:74:7d:e6:
06:74:6d:30:58:68:49:91:a8:bc:0e:26:9b:c1:29:
05:eb:83:7f:44:f4:b8:1d:94:e8:be:f7:67:77:14:
95:23:51:02:70:d8:1e:05:56:1d:7b:86:f1:d0:26:
80:8c:54:d9:60:66:b1:ad:d6:26:b6:42:a3:2f:be:
45:a6:fa:8e:6d:ed:cb:b1:31:fd:23:aa:6c:aa:9c:
e9:b9:c0:53:88:ad:1f:99:5c:7d:fe:43:19:c0:6a:
3a:c1:79:e3:e0:81:f4:3f:81:6e:29:83:13:aa:f2:
06:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:06:A0:AF:6E:C7:49:BA:FA:1B:03:F6:5F:F7:EC:82:05:0C:00:7A
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/580/1Aagr27HSbr6GwP2X_fsggUMAHo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.68.0/22
43.254.156.0/22
45.248.128.0/22
45.248.208.0-45.248.235.255
45.248.240.0-45.249.7.255
103.24.176.0/22
103.61.140.0/22
103.65.60.0-103.65.75.255
103.198.156.0/22
103.207.188.0-103.207.215.255
103.217.0.0/18
103.238.188.0/22
124.150.137.0/24
137.59.59.0/24
175.111.144.0-175.111.175.255
202.153.7.0/24
202.158.242.0/24
202.171.232.0/24
202.172.7.0/24
202.173.6.0/24
203.16.63.0/24
203.17.249.0/24
203.19.1.0/24
203.100.60.0/24
203.142.219.0/24
203.174.6.0/24
203.191.2.0/24
203.191.7.0/24
203.201.181.0/24
IPv6:
2406:9380::/32
2406:9480::/32
2406:9d80::/32
2406:9e80::/32
2406:9f80::/32
2406:a080::/32
2406:a180::/32
2406:a280::/32
2406:a380::/32
2406:a480::/32
2406:a580::/32
2406:a680::/32
2406:a780::/32
2406:a880::/32
2406:a980::/32
2406:aa80::/32
2406:ab80::/32
2406:ac80::/32
2406:ad80::/32
2406:ae80::/32
2406:af80::/32
2406:b080::/32
2406:b880::/32
2406:b980::/32
2406:ba80::/32
2406:bb80::/32
2406:bc80::/32
2406:bd80::/32
2406:be80::/32
Signature Algorithm: sha256WithRSAEncryption
49:70:03:df:c0:de:05:9e:a3:e2:27:5e:e6:b7:c0:c2:5d:a1:
9b:3d:2e:e8:72:87:fa:47:ca:0e:4d:24:50:ae:5d:45:a3:63:
b2:62:17:c7:73:0d:23:28:33:fa:a2:43:d9:c4:27:fa:0d:68:
82:89:dc:73:8d:77:e8:7a:e6:4d:e2:64:40:c6:fb:17:6d:00:
e2:37:7f:ec:8e:91:3d:c8:0a:c9:6d:92:2c:78:cc:ae:8b:c0:
9c:7e:5d:23:bd:d4:09:40:cd:c6:da:7c:eb:82:e9:f0:b6:02:
25:2b:85:1f:92:31:4c:bd:41:dc:9e:e6:8b:6f:8d:9e:4b:02:
99:de:15:16:bc:2b:7b:ce:4c:aa:98:bc:58:67:47:b1:c8:68:
a8:9e:57:95:8e:49:64:53:17:24:ce:45:56:fb:37:72:9e:50:
0c:71:ca:21:97:02:77:71:fb:d0:b2:20:48:b1:16:88:7e:18:
48:32:dd:01:6f:1e:ae:fd:9a:2b:3f:ee:75:b6:38:af:a1:1c:
fb:a6:11:72:f1:d9:06:71:e7:ac:4d:3a:fe:e1:4f:18:f3:f1:
a4:fa:d2:b7:58:31:b5:47:65:7d:f6:ca:e0:28:e6:e0:6d:f9:
d6:1f:bf:bf:65:81:75:58:fe:50:0a:db:ae:ab:ff:06:df:0e:
87:96:c0:5c
-----BEGIN CERTIFICATE-----
MIIG/DCCBeSgAwIBAgIDAKC7MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yMzA4MDgwNTAxMTNaFw0yNDA2MDcwMjE2MTFaMDMx
MTAvBgNVBAMTKEQ0MDZBMEFGNkVDNzQ5QkFGQTFCMDNGNjVGRjdFQzgyMDUwQzAw
N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0WmZzQ5wdu/3IS+fT
UilwM3pbf4jHSHXKVJiDev1YbjcjAd4vAiHBNMexNOWBlwiKbnNh04ZH945+KqrI
JOvv2+C505E8Y6mz9nyBjkyIeqHOr0+k9GOik8rAa9Nhx313SbiX31jbbT7IZonf
lO1kyjAM/XQm/rBjn+AC/OK4LrNxrF4ZEgK6nWxbSaadKDhOr3R95gZ0bTBYaEmR
qLwOJpvBKQXrg39E9LgdlOi+92d3FJUjUQJw2B4FVh17hvHQJoCMVNlgZrGt1ia2
QqMvvkWm+o5t7cuxMf0jqmyqnOm5wFOIrR+ZXH3+QxnAajrBeePggfQ/gW4pgxOq
8gaPAgMBAAGjggQAMIID/DAdBgNVHQ4EFgQU1Aagr27HSbr6GwP2X/fsggUMAHow
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU4
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81ODAvMUFhZ3IyN0hTYnI2R3dQMlhfZnNnZ1VNQUhvLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDCC
AcoGCCsGAQUFBwEHAQH/BIIBuTCCAbUwgd0EAgABMIHWAwQCK/dEAwQCK/6cAwQC
LfiAMAwDBAQt+NADBAIt+OgwDAMEBC348AMEAy35AAMEAmcYsAMEAmc9jDAMAwQC
Z0E8AwQCZ0FIAwQCZ8acMAwDBAJnz7wDBANnz9ADBAZn2QADBAJn7rwDBAB8lokD
BACJOzswDAMEBK9vkAMEBK9voAMEAMqZBwMEAMqe8gMEAMqr6AMEAMqsBwMEAMqt
BgMEAMsQPwMEAMsR+QMEAMsTAQMEAMtkPAMEAMuO2wMEAMuuBgMEAMu/AgMEAMu/
BwMEAMvJtTCB0gQCAAIwgcsDBQAkBpOAAwUAJAaUgAMFACQGnYADBQAkBp6AAwUA
JAafgAMFACQGoIADBQAkBqGAAwUAJAaigAMFACQGo4ADBQAkBqSAAwUAJAalgAMF
ACQGpoADBQAkBqeAAwUAJAaogAMFACQGqYADBQAkBqqAAwUAJAargAMFACQGrIAD
BQAkBq2AAwUAJAaugAMFACQGr4ADBQAkBrCAAwUAJAa4gAMFACQGuYADBQAkBrqA
AwUAJAa7gAMFACQGvIADBQAkBr2AAwUAJAa+gDANBgkqhkiG9w0BAQsFAAOCAQEA
SXAD38DeBZ6j4ide5rfAwl2hmz0u6HKH+kfKDk0kUK5dRaNjsmIXx3MNIygz+qJD
2cQn+g1ogoncc4136HrmTeJkQMb7F20A4jd/7I6RPcgKyW2SLHjMrovAnH5dI73U
CUDNxtp864Lp8LYCJSuFH5IxTL1B3J7mi2+NnksCmd4VFrwre85Mqpi8WGdHscho
qJ5XlY5JZFMXJM5FVvs3cp5QDHHKIZcCd3H70LIgSLEWiH4YSDLdAW8erv2aKz/u
dbY4r6Ec+6YRcvHZBnHnrE06/uFPGPPxpPrSt1gxtUdlffbK4Cjm4G351h+/v2WB
dVj+UArbrqv/Bt8Oh5bAXA==
-----END CERTIFICATE-----
Generated at Mon May 20 00:52:43 2024 by rpki-client on console-ams.rpki-client.org