Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer (raw, json)
Hash identifier: NRRWpbxzV2R37HXOcRQoR6vMaZokCDcKBSsVsj+CEqs=
Subject key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CE55
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:14:04 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 9812
AS: 23850
IP: 58.24.0.0/15
IP: 60.63.0.0/16
IP: 61.87.192.0/18
IP: 111.212.0.0/14
IP: 114.60.0.0/14
IP: 118.132.0.0/14
IP: 121.76.0.0/15
IP: 124.28.192.0/18
IP: 124.151.0.0/16
IP: 202.158.160.0/19
IP: 211.144.64.0/19
IP: 211.154.64.0/19
IP: 211.167.96.0/19
IP: 218.242.0.0/16
IP: 219.233.0.0/16
IP: 220.232.64.0/18
IP: 220.234.0.0/16
IP: 221.137.0.0/16
IP: 223.248.0.0/14
IP: 2400:6600::/32
IP: 2401:800::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52821 (0xce55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:14:04 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:52:8f:5f:ff:34:8c:db:a9:1c:83:0f:8c:
93:e3:34:9d:17:3a:f1:6a:36:2c:42:e3:92:44:50:
ed:58:4c:22:7b:d7:2d:f9:e5:d6:f9:d2:69:4c:0a:
99:81:5b:5e:7c:b3:58:3c:6d:2d:e0:b8:1e:dd:1a:
93:04:b0:4b:78:74:1f:95:cf:86:d1:d1:3d:32:dc:
11:39:12:b9:6f:6e:70:18:fc:9e:a3:01:1f:44:a8:
ab:27:1a:18:bb:b1:41:d7:8f:06:71:37:7f:9f:7c:
80:78:1f:7b:ee:28:85:0e:a3:47:a1:3c:8c:00:43:
b6:e4:0b:58:2e:ce:22:33:6a:a9:f5:25:dc:14:d8:
04:7b:8a:e3:90:36:b1:e6:bc:c8:9f:90:b0:09:c9:
e0:a5:98:d1:d8:37:9e:4c:80:6f:b6:08:0c:04:fb:
e9:82:82:41:05:b6:bf:60:bb:26:b4:b0:41:d5:25:
2c:30:8b:e8:fd:db:71:69:e2:9e:e2:cc:38:07:83:
cc:ee:ce:bc:92:74:8a:9f:5d:b1:a5:f6:5b:fe:c9:
4a:ee:a5:8b:66:47:69:47:77:96:7a:61:88:59:a0:
e3:d2:7a:3f:7d:81:9f:6e:a2:00:36:2a:58:2c:ca:
79:1e:ae:b5:1e:60:f6:55:90:e9:f4:57:6a:b2:dd:
c6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9812
23850
sbgp-ipAddrBlock: critical
IPv4:
58.24.0.0/15
60.63.0.0/16
61.87.192.0/18
111.212.0.0/14
114.60.0.0/14
118.132.0.0/14
121.76.0.0/15
124.28.192.0/18
124.151.0.0/16
202.158.160.0/19
211.144.64.0/19
211.154.64.0/19
211.167.96.0/19
218.242.0.0/16
219.233.0.0/16
220.232.64.0/18
220.234.0.0/16
221.137.0.0/16
223.248.0.0/14
IPv6:
2400:6600::/32
2401:800::/32
Signature Algorithm: sha256WithRSAEncryption
89:24:6d:7a:23:08:71:86:08:95:3e:82:d4:9f:cb:90:cf:58:
76:e9:61:f7:65:05:cf:d2:06:fa:32:ee:8c:a8:b9:84:c0:1f:
5f:00:63:68:5c:c6:2b:cf:05:40:ff:80:80:c4:ae:ea:d2:c8:
cb:c0:b6:5c:ec:8c:c6:f6:ec:58:cd:c0:4a:9c:ba:ae:f7:9c:
09:35:cb:1f:2c:f3:8e:f8:f4:4e:5c:e9:ca:fa:9e:47:51:8d:
a6:be:98:47:81:b4:a0:4d:90:b6:8b:90:3c:bc:0f:71:0c:81:
38:69:09:0e:9d:0a:e6:2e:37:0e:2f:d4:56:c6:66:e6:5d:28:
af:29:a4:36:c5:f4:ea:f1:b9:73:f8:fe:7f:b3:7d:15:6f:03:
71:93:95:35:1c:dd:4f:e3:f4:a6:d9:05:c3:f2:e4:8c:e7:4d:
dc:6c:36:7b:b7:eb:10:f7:25:b4:09:d2:b3:e0:95:20:00:9f:
ea:f7:2c:12:e5:0b:c7:1a:6b:81:f9:46:9a:c5:22:61:07:7c:
fd:d8:79:83:4d:da:2c:53:ff:8c:09:ec:73:d0:c4:60:e0:a5:
b0:27:3b:73:5d:44:58:62:8f:c8:f2:ac:18:22:63:0b:69:49:
3c:b9:05:64:49:0c:87:c2:ca:0c:b6:b1:7a:1f:ed:36:07:da:
d4:69:c1:45
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgIDAM5VMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE0MDRaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKERBMURBQkVDRjE5NDVERkY1M0I2MjBFMEI2QzQxMEU5MUU0NDcx
QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLFKPX/80jNupHIMP
jJPjNJ0XOvFqNixC45JEUO1YTCJ71y355db50mlMCpmBW158s1g8bS3guB7dGpME
sEt4dB+Vz4bR0T0y3BE5ErlvbnAY/J6jAR9EqKsnGhi7sUHXjwZxN3+ffIB4H3vu
KIUOo0ehPIwAQ7bkC1guziIzaqn1JdwU2AR7iuOQNrHmvMifkLAJyeClmNHYN55M
gG+2CAwE++mCgkEFtr9guya0sEHVJSwwi+j923Fp4p7izDgHg8zuzrySdIqfXbGl
9lv+yUrupYtmR2lHd5Z6YYhZoOPSej99gZ9uogA2KlgsynkerrUeYPZVkOn0V2qy
3cbLAgMBAAGjggLpMIIC5TAdBgNVHQ4EFgQU2h2r7PGUXf9TtiDgtsQQ6R5EcbEw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzUy
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzUyLzJoMnI3UEdVWGY5VHRpRGd0c1FRNlI1RWNiRS5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHQYI
KwYBBQUHAQgBAf8EDjAMoAowCAICJlQCAl0qMIGXBggrBgEFBQcBBwEB/wSBhzCB
hDBsBAIAATBmAwMBOhgDAwA8PwMEBj1XwAMDAm/UAwMCcjwDAwJ2hAMDAXlMAwQG
fBzAAwMAfJcDBAXKnqADBAXTkEADBAXTmkADBAXTp2ADAwDa8gMDANvpAwQG3OhA
AwMA3OoDAwDdiQMDAt/4MBQEAgACMA4DBQAkAGYAAwUAJAEIADANBgkqhkiG9w0B
AQsFAAOCAQEAiSRteiMIcYYIlT6C1J/LkM9Ydulh92UFz9IG+jLujKi5hMAfXwBj
aFzGK88FQP+AgMSu6tLIy8C2XOyMxvbsWM3ASpy6rvecCTXLHyzzjvj0Tlzpyvqe
R1GNpr6YR4G0oE2QtouQPLwPcQyBOGkJDp0K5i43Di/UVsZm5l0orymkNsX06vG5
c/j+f7N9FW8DcZOVNRzdT+P0ptkFw/LkjOdN3Gw2e7frEPcltAnSs+CVIACf6vcs
EuULxxprgflGmsUiYQd8/dh5g03aLFP/jAnsc9DEYOClsCc7c11EWGKPyPKsGCJj
C2lJPLkFZEkMh8LKDLaxeh/tNgfa1GnBRQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:11:43 2025 by rpki-client