$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3rMZTsQ4n1H6jsKq0pzBMaQEcdk.cer File: 3rMZTsQ4n1H6jsKq0pzBMaQEcdk.cer (raw, json) Hash identifier: j97YjpLew6wdDOUshcYBrk7hfgBc2LtzCi2QUNmDlfI= Subject key identifier: DE:B3:19:4E:C4:38:9F:51:FA:8E:C2:AA:D2:9C:C1:31:A4:04:71:D9 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BB39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/3rMZTsQ4n1H6jsKq0pzBMaQEcdk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:50:40 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: AS: 151278 -- 151279 IP: 2401:bc60::/31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47929 (0xbb39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:50:40 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DEB3194EC4389F51FA8EC2AAD29CC131A40471D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:48:eb:f3:6c:68:51:9e:e9:d9:11:0d:05:38: d8:7a:bb:66:92:ed:b7:98:17:58:4e:93:c1:40:e1: d5:64:6c:a4:3b:ac:a2:b3:eb:f6:cd:42:ff:d4:b0: b7:fd:e4:2c:bc:00:fa:da:58:d7:29:4d:7f:5b:67: a9:b6:db:53:5b:14:6e:a2:08:c8:45:ca:b6:ac:4f: 1c:ca:af:cc:90:02:5f:61:d8:0d:2c:a8:33:fd:34: 5e:c3:da:58:e6:81:f6:34:28:a8:cd:63:d6:de:42: 37:2d:15:79:b2:1b:c3:f9:7f:4f:61:fa:db:04:ea: fe:61:95:1f:d9:cb:6c:da:81:fe:d0:9a:68:f8:25: 99:ad:ae:20:51:e0:7b:90:c5:12:19:00:3c:9a:ac: e6:43:ea:92:6e:42:97:89:c6:9c:40:d4:79:90:db: a7:6d:d3:f9:5e:0d:93:06:26:23:ae:3b:cb:7f:ea: 5c:5e:c1:bd:18:ad:ca:0e:10:6c:90:bc:79:a4:19: be:ce:93:8c:e5:4c:31:6d:74:74:4c:0e:e3:ee:29: 08:c0:32:d7:7f:b9:a7:81:ab:3c:39:b9:a7:65:a4: dd:c8:ce:a1:dd:27:60:24:b4:97:8a:ee:64:33:23: 39:33:2b:79:b8:1f:3e:42:24:92:10:2e:db:58:89: fb:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:B3:19:4E:C4:38:9F:51:FA:8E:C2:AA:D2:9C:C1:31:A4:04:71:D9 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3308/3rMZTsQ4n1H6jsKq0pzBMaQEcdk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151278-151279 sbgp-ipAddrBlock: critical IPv6: 2401:bc60::/31 Signature Algorithm: sha256WithRSAEncryption ad:55:87:68:27:c9:ca:08:d8:bf:be:b1:81:5c:7a:b5:5d:29: d2:52:5f:f7:06:cc:af:74:54:79:4f:ab:42:59:b0:91:a7:bf: ff:7b:eb:89:e8:f3:66:19:6c:a3:c3:f6:45:61:c9:b6:f6:89: 65:f3:0e:1f:2d:ef:2c:3d:49:66:4f:40:5b:69:15:f3:b9:bc: 52:db:2d:4c:36:08:f2:b1:2c:07:29:cf:e2:c6:5f:ab:9e:9a: 04:0b:c7:cc:e3:1d:ad:03:d7:fb:22:9a:82:2b:aa:37:29:07: 08:e9:db:17:2d:cc:3b:98:88:eb:8f:a5:01:9a:72:ae:3e:9e: 72:03:39:a6:b7:24:c7:6b:7a:55:cc:61:4c:31:41:1a:f4:30: 14:f5:60:94:29:72:e9:c9:a9:9b:42:4f:ac:d6:2b:3f:e5:0f: 6b:8f:34:60:8a:a2:d3:96:72:24:41:73:36:93:3c:70:38:d0: 18:7f:d9:b4:e9:ec:64:dc:eb:be:99:2f:62:a9:88:9b:79:06: 72:cc:d3:77:f3:90:85:4a:b0:0b:b1:8a:8f:cd:cd:ed:bf:28: a7:4d:33:17:d3:aa:e5:01:f5:e4:43:cf:40:28:10:67:6a:40: d3:90:d7:c4:1f:3b:53:1f:ea:6a:88:f6:95:57:44:fb:d3:f1: e4:fe:cf:8d -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgIDALs5MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUwNDBaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKERFQjMxOTRFQzQzODlGNTFGQThFQzJBQUQyOUNDMTMxQTQwNDcx RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRSOvzbGhRnunZEQ0F ONh6u2aS7beYF1hOk8FA4dVkbKQ7rKKz6/bNQv/UsLf95Cy8APraWNcpTX9bZ6m2 21NbFG6iCMhFyrasTxzKr8yQAl9h2A0sqDP9NF7D2ljmgfY0KKjNY9beQjctFXmy G8P5f09h+tsE6v5hlR/Zy2zagf7Qmmj4JZmtriBR4HuQxRIZADyarOZD6pJuQpeJ xpxA1HmQ26dt0/leDZMGJiOuO8t/6lxewb0YrcoOEGyQvHmkGb7Ok4zlTDFtdHRM DuPuKQjAMtd/uaeBqzw5uadlpN3IzqHdJ2AktJeK7mQzIzkzK3m4Hz5CJJIQLttY ifsjAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQU3rMZTsQ4n1H6jsKq0pzBMaQEcdkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MDgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMwOC8zck1aVHNRNG4xSDZqc0txMHB6Qk1hUUVjZGsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAk7uAgMCTu8wIAYIKwYBBQUHAQcB Af8EETAPMA0EAgACMAcDBQEkAbxgMA0GCSqGSIb3DQEBCwUAA4IBAQCtVYdoJ8nK CNi/vrGBXHq1XSnSUl/3BsyvdFR5T6tCWbCRp7//e+uJ6PNmGWyjw/ZFYcm29oll 8w4fLe8sPUlmT0BbaRXzubxS2y1MNgjysSwHKc/ixl+rnpoEC8fM4x2tA9f7IpqC K6o3KQcI6dsXLcw7mIjrj6UBmnKuPp5yAzmmtyTHa3pVzGFMMUEa9DAU9WCUKXLp yambQk+s1is/5Q9rjzRgiqLTlnIkQXM2kzxwONAYf9m06exk3Ou+mS9iqYibeQZy zNN385CFSrALsYqPzc3tvyinTTMX06rlAfXkQ89AKBBnakDTkNfEHztTH+pqiPaV V0T70/Hk/s+N -----END CERTIFICATE-----Generated at Fri Nov 22 09:42:24 2024 by rpki-client on console-ams.rpki-client.org