$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/406o9-mW0qoqsVi7lztBbAR30cw.cer File: 406o9-mW0qoqsVi7lztBbAR30cw.cer (raw, json) Hash identifier: O/wwcmIATndF56wCeADNVybrmP0aw4i3Znvxf3uaD6Y= Subject key identifier: E3:4E:A8:F7:E9:96:D2:AA:2A:B1:58:BB:97:3B:41:6C:04:77:D1:CC Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: C04D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/406o9-mW0qoqsVi7lztBbAR30cw.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 15 Nov 2024 11:27:11 +0000 Certificate not after: Sat 15 Nov 2025 07:00:21 +0000 Subordinate resources: AS: 146800 IP: 2401:d7e0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49229 (0xc04d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Nov 15 11:27:11 2024 GMT Not After : Nov 15 07:00:21 2025 GMT Subject: CN=E34EA8F7E996D2AA2AB158BB973B416C0477D1CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:34:9a:d4:a1:69:4a:41:1f:53:e8:0d:97:ba: ef:76:7b:a8:d3:cb:6e:53:c1:26:a0:c7:20:65:cb: 86:17:e0:05:07:04:86:cd:51:c6:ae:0d:9b:5f:7a: 6c:50:bf:85:c1:d0:8c:47:42:36:e5:b2:7c:f1:1f: 0d:51:37:6c:86:6e:9e:56:ac:8f:ae:e1:8b:e2:b4: fc:68:cb:da:79:ab:22:54:78:d9:dc:52:a7:bc:d4: 19:c9:cb:a2:a6:6d:9a:32:e4:5c:b2:7a:4b:38:f0: 07:aa:2b:16:ff:b5:c9:40:ff:e0:01:a9:3a:1e:7c: da:1c:2b:1a:e1:fd:ab:a0:b3:89:8e:2e:db:cb:c1: a8:b9:65:47:12:26:64:f3:b1:d3:63:84:1f:ee:98: 3c:a7:09:a4:6d:df:7b:7b:e7:28:30:88:d2:c8:b9: 0e:c8:5f:1c:33:b8:7c:8d:78:8b:fb:64:43:0e:f5: 0f:ee:e2:e9:ae:6d:e1:e9:4a:47:93:74:62:5e:26: 9b:f1:f9:95:4d:90:93:c1:8b:8f:9b:dd:95:74:c4: 42:b8:fc:8e:33:e3:b6:be:f6:32:d7:c2:df:91:60: d7:b9:29:9c:48:35:a3:21:d9:6d:c5:83:6d:0b:73: 57:95:b6:3a:01:1d:ff:a9:5a:1a:df:23:3a:5d:5e: 4c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:4E:A8:F7:E9:96:D2:AA:2A:B1:58:BB:97:3B:41:6C:04:77:D1:CC X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/406o9-mW0qoqsVi7lztBbAR30cw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 146800 sbgp-ipAddrBlock: critical IPv6: 2401:d7e0::/32 Signature Algorithm: sha256WithRSAEncryption 2d:d6:c0:b7:9b:d9:a1:76:0c:9b:5e:39:59:da:46:18:ec:e9: d5:45:bf:9f:4a:cc:5c:c2:3f:cc:28:06:fb:6c:8e:56:b1:d3: 5b:6c:6d:04:e6:6a:59:74:c6:9c:fd:cf:08:b4:32:8b:26:00: 21:f9:12:54:4a:39:9d:a0:0b:6b:cf:20:45:4c:fc:57:42:d0: 96:90:9e:76:d6:c0:ae:14:32:fd:cd:d5:6a:9c:14:24:20:df: df:31:01:7e:d5:04:71:a1:00:5b:1f:4d:1c:3a:01:e5:96:cd: 8d:22:68:16:fc:49:65:c1:2f:7f:aa:07:c2:6e:fc:17:e5:8c: e6:a9:e1:de:41:69:1d:76:a2:3f:b9:be:2c:8b:d0:9e:2d:78: 11:72:71:74:dc:a1:f6:6c:43:00:fb:5a:2d:18:7f:73:03:4d: c4:b1:e0:de:42:dd:d9:11:81:39:f6:87:d2:96:72:79:1e:a2: 02:14:66:21:5e:34:13:5e:63:87:cb:da:86:74:a8:f6:66:ea: bf:ac:93:79:77:bc:f3:b7:e9:0e:01:ac:9f:25:75:b2:5f:3b: 72:fc:a4:74:e7:35:71:a8:33:db:8b:e9:0d:33:01:48:c1:02: f3:8c:84:87:cc:a4:3c:8e:71:56:27:ac:64:b6:2a:b8:0f:1f: 23:68:8e:09 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAMBNMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDExMTUxMTI3MTFaFw0yNTExMTUwNzAwMjFaMDMx MTAvBgNVBAMTKEUzNEVBOEY3RTk5NkQyQUEyQUIxNThCQjk3M0I0MTZDMDQ3N0Qx Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRNJrUoWlKQR9T6A2X uu92e6jTy25TwSagxyBly4YX4AUHBIbNUcauDZtfemxQv4XB0IxHQjblsnzxHw1R N2yGbp5WrI+u4YvitPxoy9p5qyJUeNncUqe81BnJy6KmbZoy5Fyyeks48AeqKxb/ tclA/+ABqToefNocKxrh/augs4mOLtvLwai5ZUcSJmTzsdNjhB/umDynCaRt33t7 5ygwiNLIuQ7IXxwzuHyNeIv7ZEMO9Q/u4umubeHpSkeTdGJeJpvx+ZVNkJPBi4+b 3ZV0xEK4/I4z47a+9jLXwt+RYNe5KZxINaMh2W3Fg20Lc1eVtjoBHf+pWhrfIzpd XkwvAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQU406o9+mW0qoqsVi7lztBbAR30cww HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MjgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMyOC80MDZvOS1tVzBxb3FzVmk3bHp0QmJBUjMwY3cubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwI9cDAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQB1+AwDQYJKoZIhvcNAQELBQADggEBAC3WwLeb2aF2DJteOVna Rhjs6dVFv59KzFzCP8woBvtsjlax01tsbQTmall0xpz9zwi0MosmACH5ElRKOZ2g C2vPIEVM/FdC0JaQnnbWwK4UMv3N1WqcFCQg398xAX7VBHGhAFsfTRw6AeWWzY0i aBb8SWXBL3+qB8Ju/BfljOap4d5BaR12oj+5viyL0J4teBFycXTcofZsQwD7Wi0Y f3MDTcSx4N5C3dkRgTn2h9KWcnkeogIUZiFeNBNeY4fL2oZ0qPZm6r+sk3l3vPO3 6Q4BrJ8ldbJfO3L8pHTnNXGoM9uL6Q0zAUjBAvOMhIfMpDyOcVYnrGS2KrgPHyNo jgk= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:20 2024 by rpki-client on console-fra.rpki-client.org