$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6qQFnleNFIT5GmbjAiBd1KoVAA4.cer File: 6qQFnleNFIT5GmbjAiBd1KoVAA4.cer (raw, json) Hash identifier: lsWgEJjLmshWlGJxZIRQQroagrzWHhikxEjKessr7l8= Subject key identifier: EA:A4:05:9E:57:8D:14:84:F9:1A:66:E3:02:20:5D:D4:AA:15:00:0E Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BC29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3293/6qQFnleNFIT5GmbjAiBd1KoVAA4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3293/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:54:26 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 2401:a720::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48169 (0xbc29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:54:26 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EAA4059E578D1484F91A66E302205DD4AA15000E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:30:15:77:ae:30:da:c5:e9:22:79:5e:8f:78: 02:5f:0f:65:54:d6:91:e6:fb:57:a9:e8:6b:3f:51: 9b:9f:b4:c5:92:80:c4:0e:2a:8f:35:c5:b9:78:33: af:87:a7:18:ea:6c:03:79:b0:0d:9d:a4:5e:ac:05: d0:77:74:74:3f:10:de:7d:55:3e:7a:33:66:79:7d: 40:2b:73:a8:73:12:10:fa:34:4f:55:47:98:57:8d: 2a:e3:3e:38:fa:ae:51:9f:c0:9f:37:bf:8b:4a:be: a5:ba:ea:6b:db:88:0a:69:b6:81:5b:f7:f1:55:1a: 76:8c:61:8f:d9:e4:a0:39:c3:17:89:e4:63:c0:c7: 63:85:9a:93:0c:f7:4f:15:f8:35:03:5b:07:30:e5: e9:a9:b1:f6:46:03:c1:35:f6:59:50:88:e5:ae:c5: 72:97:4c:a7:93:0f:09:46:e8:74:b5:f0:22:0d:17: 4f:88:3f:b4:06:ee:d9:51:36:f3:71:97:86:35:02: 07:79:2e:71:3c:20:e9:0d:5e:2c:12:3b:2f:c3:d2: 8f:65:99:99:8b:f3:86:91:9f:68:77:fc:c3:d7:8b: 51:cd:48:ce:d0:3b:90:0c:b2:ce:26:14:fb:19:43: 04:d9:07:cc:81:63:52:36:32:f0:c6:e0:b4:be:65: 52:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:A4:05:9E:57:8D:14:84:F9:1A:66:E3:02:20:5D:D4:AA:15:00:0E X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3293/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3293/6qQFnleNFIT5GmbjAiBd1KoVAA4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:a720::/32 Signature Algorithm: sha256WithRSAEncryption 17:10:98:30:d7:ae:0e:f6:67:88:6b:81:c1:21:b2:a9:c9:d4: 93:7e:8c:09:60:61:70:14:62:21:c5:78:9d:f8:12:da:9d:ea: e6:04:fb:3f:88:b1:3b:c3:a2:38:9f:ee:68:1d:93:88:a5:f3: 0f:c2:90:aa:b2:65:11:cd:84:cb:2b:28:78:e1:de:07:03:84: cc:ab:d4:77:86:d0:81:f4:80:8b:fc:7a:cc:3c:3a:91:73:ad: 2a:66:56:f9:84:97:d3:9f:5c:2e:dc:90:42:b9:73:5d:b8:23: 6d:a9:65:f7:35:b1:49:a8:f2:ab:55:ae:eb:e3:68:2c:b4:a5: f2:57:81:f1:a0:bf:bd:32:e5:76:c5:35:e8:e1:37:b1:65:63: 26:0f:05:51:32:73:00:8d:2a:d8:59:c3:99:fb:47:11:74:c3: 40:00:d3:d4:e6:6d:e3:50:5a:ee:ac:99:14:33:ac:c0:9a:55: 1d:78:63:a7:2c:c4:93:e4:91:da:f9:e9:cb:4a:05:9e:e4:1e: 70:da:77:3c:ce:cf:12:b3:b0:13:ee:f2:33:d8:35:fd:57:02: bf:7e:30:95:64:3b:2b:e2:e4:1d:cc:49:dc:13:e9:e6:95:d5: ce:e4:06:6f:11:61:c1:1e:68:4c:59:af:a4:0e:ae:62:79:22: 3d:5a:89:32 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDALwpMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU0MjZaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKEVBQTQwNTlFNTc4RDE0ODRGOTFBNjZFMzAyMjA1REQ0QUExNTAw MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLMBV3rjDaxekieV6P eAJfD2VU1pHm+1ep6Gs/UZuftMWSgMQOKo81xbl4M6+HpxjqbAN5sA2dpF6sBdB3 dHQ/EN59VT56M2Z5fUArc6hzEhD6NE9VR5hXjSrjPjj6rlGfwJ83v4tKvqW66mvb iApptoFb9/FVGnaMYY/Z5KA5wxeJ5GPAx2OFmpMM908V+DUDWwcw5empsfZGA8E1 9llQiOWuxXKXTKeTDwlG6HS18CINF0+IP7QG7tlRNvNxl4Y1Agd5LnE8IOkNXiwS Oy/D0o9lmZmL84aRn2h3/MPXi1HNSM7QO5AMss4mFPsZQwTZB8yBY1I2MvDG4LS+ ZVKrAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQU6qQFnleNFIT5GmbjAiBd1KoVAA4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy OTMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI5My82cVFGbmxlTkZJVDVHbWJqQWlCZDFLb1ZBQTQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGnIDANBgkqhkiG9w0BAQsF AAOCAQEAFxCYMNeuDvZniGuBwSGyqcnUk36MCWBhcBRiIcV4nfgS2p3q5gT7P4ix O8OiOJ/uaB2TiKXzD8KQqrJlEc2EyysoeOHeBwOEzKvUd4bQgfSAi/x6zDw6kXOt KmZW+YSX059cLtyQQrlzXbgjball9zWxSajyq1Wu6+NoLLSl8leB8aC/vTLldsU1 6OE3sWVjJg8FUTJzAI0q2FnDmftHEXTDQADT1OZt41Ba7qyZFDOswJpVHXhjpyzE k+SR2vnpy0oFnuQecNp3PM7PErOwE+7yM9g1/VcCv34wlWQ7K+LkHcxJ3BPp5pXV zuQGbxFhwR5oTFmvpA6uYnkiPVqJMg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:23 2024 by rpki-client on console-fra.rpki-client.org