Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3rMZTsQ4n1H6jsKq0pzBMaQEcdk.cer
File: 3rMZTsQ4n1H6jsKq0pzBMaQEcdk.cer (raw, json)
Hash identifier: DBt0VdWgOS6vWQWM9L/hxXKdKym7dLIDZYNTkz8xd74=
Subject key identifier: DE:B3:19:4E:C4:38:9F:51:FA:8E:C2:AA:D2:9C:C1:31:A4:04:71:D9
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CB1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/3rMZTsQ4n1H6jsKq0pzBMaQEcdk.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 21 Mar 2025 03:11:45 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 151278 -- 151279
IP: 2401:bc60::/31
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51999 (0xcb1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Mar 21 03:11:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DEB3194EC4389F51FA8EC2AAD29CC131A40471D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:48:eb:f3:6c:68:51:9e:e9:d9:11:0d:05:38:
d8:7a:bb:66:92:ed:b7:98:17:58:4e:93:c1:40:e1:
d5:64:6c:a4:3b:ac:a2:b3:eb:f6:cd:42:ff:d4:b0:
b7:fd:e4:2c:bc:00:fa:da:58:d7:29:4d:7f:5b:67:
a9:b6:db:53:5b:14:6e:a2:08:c8:45:ca:b6:ac:4f:
1c:ca:af:cc:90:02:5f:61:d8:0d:2c:a8:33:fd:34:
5e:c3:da:58:e6:81:f6:34:28:a8:cd:63:d6:de:42:
37:2d:15:79:b2:1b:c3:f9:7f:4f:61:fa:db:04:ea:
fe:61:95:1f:d9:cb:6c:da:81:fe:d0:9a:68:f8:25:
99:ad:ae:20:51:e0:7b:90:c5:12:19:00:3c:9a:ac:
e6:43:ea:92:6e:42:97:89:c6:9c:40:d4:79:90:db:
a7:6d:d3:f9:5e:0d:93:06:26:23:ae:3b:cb:7f:ea:
5c:5e:c1:bd:18:ad:ca:0e:10:6c:90:bc:79:a4:19:
be:ce:93:8c:e5:4c:31:6d:74:74:4c:0e:e3:ee:29:
08:c0:32:d7:7f:b9:a7:81:ab:3c:39:b9:a7:65:a4:
dd:c8:ce:a1:dd:27:60:24:b4:97:8a:ee:64:33:23:
39:33:2b:79:b8:1f:3e:42:24:92:10:2e:db:58:89:
fb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B3:19:4E:C4:38:9F:51:FA:8E:C2:AA:D2:9C:C1:31:A4:04:71:D9
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/3rMZTsQ4n1H6jsKq0pzBMaQEcdk.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
151278-151279
sbgp-ipAddrBlock: critical
IPv6:
2401:bc60::/31
Signature Algorithm: sha256WithRSAEncryption
5b:f7:4d:43:9e:ac:3d:e1:20:73:b0:11:69:51:15:d6:73:60:
58:46:78:47:50:cf:c9:7c:8c:d9:95:df:76:35:fb:86:4d:2e:
87:b2:35:1a:45:84:da:67:e2:6a:2a:d4:33:68:2c:0a:e9:2c:
7b:21:55:3f:01:4e:fe:e8:cd:55:ee:4a:1e:9a:73:fd:92:74:
62:42:f7:a1:ea:98:a1:e7:b7:ce:07:65:8e:eb:aa:42:fe:7f:
be:8a:3e:e0:3b:31:cb:8c:59:03:64:cc:fc:eb:40:0f:b6:34:
f7:a1:18:96:96:35:35:82:86:a7:e2:ed:27:9e:c5:d9:b4:25:
f5:3e:a2:d1:23:9d:57:5c:2c:59:1a:5a:bc:23:f9:a4:5c:30:
aa:0b:db:d7:fc:e8:9f:c4:03:49:bc:92:22:77:6e:ea:4f:e9:
2b:ea:2b:2b:5a:eb:87:d3:cd:1d:8e:d3:a4:09:42:20:06:dc:
40:71:92:c4:38:09:12:07:64:d9:f9:50:fb:2d:6f:2f:d6:2a:
8b:d2:c7:97:92:c3:95:18:17:33:50:8b:b1:16:36:45:15:6e:
82:05:7e:96:3b:c2:0f:b1:35:0e:3e:e4:05:6c:fb:ae:18:4b:
3c:ea:7e:72:7b:01:1a:be:12:f4:08:6e:e4:f1:02:51:23:8c:
b5:f8:19:b4
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDAMsfMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTAzMjEwMzExNDVaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKERFQjMxOTRFQzQzODlGNTFGQThFQzJBQUQyOUNDMTMxQTQwNDcx
RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRSOvzbGhRnunZEQ0F
ONh6u2aS7beYF1hOk8FA4dVkbKQ7rKKz6/bNQv/UsLf95Cy8APraWNcpTX9bZ6m2
21NbFG6iCMhFyrasTxzKr8yQAl9h2A0sqDP9NF7D2ljmgfY0KKjNY9beQjctFXmy
G8P5f09h+tsE6v5hlR/Zy2zagf7Qmmj4JZmtriBR4HuQxRIZADyarOZD6pJuQpeJ
xpxA1HmQ26dt0/leDZMGJiOuO8t/6lxewb0YrcoOEGyQvHmkGb7Ok4zlTDFtdHRM
DuPuKQjAMtd/uaeBqzw5uadlpN3IzqHdJ2AktJeK7mQzIzkzK3m4Hz5CJJIQLttY
ifsjAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQU3rMZTsQ4n1H6jsKq0pzBMaQEcdkw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz
MDgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzMwOC8zck1aVHNRNG4xSDZqc0txMHB6Qk1hUUVjZGsubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAk7uAgMCTu8wIAYIKwYBBQUHAQcB
Af8EETAPMA0EAgACMAcDBQEkAbxgMA0GCSqGSIb3DQEBCwUAA4IBAQBb901Dnqw9
4SBzsBFpURXWc2BYRnhHUM/JfIzZld92NfuGTS6HsjUaRYTaZ+JqKtQzaCwK6Sx7
IVU/AU7+6M1V7koemnP9knRiQveh6pih57fOB2WO66pC/n++ij7gOzHLjFkDZMz8
60APtjT3oRiWljU1goan4u0nnsXZtCX1PqLRI51XXCxZGlq8I/mkXDCqC9vX/Oif
xANJvJIid27qT+kr6isrWuuH080djtOkCUIgBtxAcZLEOAkSB2TZ+VD7LW8v1iqL
0seXksOVGBczUIuxFjZFFW6CBX6WO8IPsTUOPuQFbPuuGEs86n5yewEavhL0CG7k
8QJRI4y1+Bm0
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:22:04 2025 by rpki-client