Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
File: 27TF-pa4dBv2i0i_AE29b9ljb60.cer (raw, json)
Hash identifier: nm1asG3Gfhl4arEmeaYl9x9Pi1nbafi6kGpOdSORLEk=
Subject key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CF2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Wed 09 Apr 2025 06:48:11 +0000
Certificate not after: Thu 09 Apr 2026 06:41:00 +0000
Subordinate resources: AS: 63567
IP: 43.226.96.0/20
IP: 43.240.0.0/22
IP: 43.241.48.0/22
IP: 43.247.92.0/22
IP: 43.248.80.0/20
IP: 43.248.176.0 -- 43.248.207.255
IP: 103.37.44.0/22
IP: 103.40.12.0/22
IP: 103.45.160.0/22
IP: 103.83.72.0/22
IP: 103.87.180.0/22
IP: 103.98.140.0 -- 103.98.147.255
IP: 103.205.252.0/22
IP: 103.239.244.0/22
IP: 111.223.12.0/22
IP: 2403:3380::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 02:40:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53039 (0xcf2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Apr 9 06:48:11 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:10:36:99:e7:de:e4:de:0e:b9:37:c2:c7:
ec:76:32:81:d2:ef:3b:6a:81:8e:2e:8e:2f:6b:ee:
95:bf:e6:70:8b:55:92:f7:b0:ae:74:17:52:d5:77:
83:ec:66:64:d9:48:08:bb:89:6e:af:91:df:86:1f:
e1:4c:6b:f5:ce:ad:1b:8f:89:cd:55:ad:19:46:2a:
80:13:88:15:8c:d9:7e:04:d0:f2:7e:4b:25:e5:1c:
5c:cc:a1:00:b6:ed:94:af:8c:37:6d:dd:37:23:91:
d8:2a:72:5c:fe:98:b6:5e:a0:20:ae:22:64:ec:ae:
b1:08:d8:0a:25:fa:c5:bd:60:51:f3:84:bd:fb:c5:
46:d1:05:93:1c:68:f0:6f:e4:f5:4d:b5:ef:54:c5:
86:82:7c:b0:3b:f4:46:fd:9b:52:27:bf:81:89:72:
2c:e7:e8:84:e4:2a:6c:20:0a:5f:dd:88:ca:ac:88:
03:02:37:54:ee:3a:d5:5a:f2:aa:ed:5c:a7:ab:79:
8e:70:6b:07:73:f7:c6:c4:6b:09:17:a5:c7:18:41:
ae:02:07:11:a0:75:a2:7f:fc:f3:a7:e6:67:1e:cb:
23:41:bb:a7:f8:03:0a:78:26:de:98:87:06:6e:51:
93:be:25:87:b6:7f:84:79:ab:fd:76:b8:15:8f:77:
a3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63567
sbgp-ipAddrBlock: critical
IPv4:
43.226.96.0/20
43.240.0.0/22
43.241.48.0/22
43.247.92.0/22
43.248.80.0/20
43.248.176.0-43.248.207.255
103.37.44.0/22
103.40.12.0/22
103.45.160.0/22
103.83.72.0/22
103.87.180.0/22
103.98.140.0-103.98.147.255
103.205.252.0/22
103.239.244.0/22
111.223.12.0/22
IPv6:
2403:3380::/32
Signature Algorithm: sha256WithRSAEncryption
6f:3b:10:54:19:eb:3c:88:25:15:ed:b6:7a:ac:fc:bf:c4:26:
a4:2e:bf:18:96:ca:92:cc:53:e0:5e:a2:9b:78:32:65:09:96:
08:2d:2f:09:67:16:ff:64:9a:63:2d:8b:49:9e:f1:a4:cc:d0:
f1:a5:60:93:14:41:c3:88:e8:45:14:93:33:bd:09:52:9f:f9:
12:fd:00:81:9a:a3:db:04:69:4f:5f:91:79:eb:52:bb:7b:d5:
c0:d0:ec:25:86:72:b6:a7:b6:d4:80:5e:b2:23:9c:f5:78:2b:
e8:e6:9f:0f:b7:f1:b7:3f:57:ec:a8:1f:5c:14:a1:a6:01:f6:
e1:30:ed:89:5a:e2:0c:52:6c:6b:2a:7b:b4:29:b2:9a:8f:8d:
63:6e:01:45:0e:23:d9:ba:9a:e2:b9:47:17:bd:c0:64:9a:9b:
21:57:04:67:3b:6c:8a:b3:61:bd:38:da:27:42:42:ad:21:ba:
77:d6:1f:c5:42:00:b0:9f:69:32:de:63:7b:57:a1:6a:e8:54:
09:78:e1:c3:3a:db:58:28:89:ff:97:5f:84:e2:0a:0b:3a:db:
00:1c:50:cb:45:57:48:62:d5:4c:53:8f:0a:b6:ab:14:c5:5f:
22:af:fe:92:db:bc:94:aa:6f:89:d2:44:46:46:23:b4:eb:5d:
97:75:a8:72
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgIDAM8vMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDkwNjQ4MTFaFw0yNjA0MDkwNjQxMDBaMDMx
MTAvBgNVBAMTKERCQjRDNUZBOTZCODc0MUJGNjhCNDhCRjAwNERCRDZGRDk2MzZG
QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDnRA2mefe5N4OuTfC
x+x2MoHS7ztqgY4uji9r7pW/5nCLVZL3sK50F1LVd4PsZmTZSAi7iW6vkd+GH+FM
a/XOrRuPic1VrRlGKoATiBWM2X4E0PJ+SyXlHFzMoQC27ZSvjDdt3Tcjkdgqclz+
mLZeoCCuImTsrrEI2Aol+sW9YFHzhL37xUbRBZMcaPBv5PVNte9UxYaCfLA79Eb9
m1Inv4GJcizn6ITkKmwgCl/diMqsiAMCN1TuOtVa8qrtXKereY5wawdz98bEawkX
pccYQa4CBxGgdaJ//POn5mceyyNBu6f4Awp4Jt6YhwZuUZO+JYe2f4R5q/12uBWP
d6NLAgMBAAGjggLlMIIC4TAdBgNVHQ4EFgQU27TF+pa4dBv2i0i/AE29b9ljb60w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzg5
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC84OTAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA+E8wgZQGCCsGAQUFBwEHAQH/BIGEMIGB
MHAEAgABMGoDBAQr4mADBAIr8AADBAIr8TADBAIr91wDBAQr+FAwDAMEBCv4sAME
BCv4wAMEAmclLAMEAmcoDAMEAmctoAMEAmdTSAMEAmdXtDAMAwQCZ2KMAwQCZ2KQ
AwQCZ838AwQCZ+/0AwQCb98MMA0EAgACMAcDBQAkAzOAMA0GCSqGSIb3DQEBCwUA
A4IBAQBvOxBUGes8iCUV7bZ6rPy/xCakLr8YlsqSzFPgXqKbeDJlCZYILS8JZxb/
ZJpjLYtJnvGkzNDxpWCTFEHDiOhFFJMzvQlSn/kS/QCBmqPbBGlPX5F561K7e9XA
0OwlhnK2p7bUgF6yI5z1eCvo5p8Pt/G3P1fsqB9cFKGmAfbhMO2JWuIMUmxrKnu0
KbKaj41jbgFFDiPZupriuUcXvcBkmpshVwRnO2yKs2G9ONonQkKtIbp31h/FQgCw
n2ky3mN7V6Fq6FQJeOHDOttYKIn/l1+E4goLOtsAHFDLRVdIYtVMU48KtqsUxV8i
r/6S27yUqm+J0kRGRiO0612Xdahy
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:21:40 2025 by rpki-client