Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer
File: 7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer (raw, json)
Hash identifier: WnLVelhHTH/IBEWne4J1vYC5ECEjE9NeaV0SEbHre3I=
Subject key identifier: EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CE5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:14:14 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 17969
AS: 38355
IP: 27.144.0.0/16
IP: 42.50.0.0/16
IP: 42.123.128.0/17
IP: 117.59.0.0/16
IP: 125.62.0.0/18
IP: 203.161.192.0/19
IP: 218.244.0.0/19
IP: 2401:7e00::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52831 (0xce5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:14:14 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ee:9f:fd:da:10:f7:6d:27:21:df:15:34:f2:
de:c3:b8:e0:8a:89:52:b1:b3:aa:ba:0b:81:9b:98:
c6:2c:62:de:05:67:72:19:48:f1:10:37:0f:7a:ce:
69:62:72:4a:f2:18:7d:b0:f1:f9:39:53:22:59:6f:
31:97:ce:72:e5:7a:36:5c:53:0c:d1:95:f9:0a:f0:
dc:b1:d2:d5:b0:43:b1:fb:e2:6f:92:6e:a4:fd:5c:
7b:80:e4:5e:89:d2:b6:a1:93:d1:5b:56:f3:99:ee:
98:2f:f4:db:55:1d:39:f8:10:57:9f:8b:74:a8:e0:
66:45:c3:3a:ff:a4:79:b5:68:77:17:c5:4a:77:8a:
92:69:f3:f5:71:47:c3:88:50:c6:26:66:04:1f:4a:
4a:c0:43:06:3e:f0:73:af:9a:af:39:e0:c2:b4:64:
75:46:db:f5:21:10:a3:62:4a:c1:d3:2b:b1:67:e7:
f2:69:da:dd:fd:cf:bf:ec:82:cc:9b:fd:77:1e:0a:
60:ba:7e:ec:c1:5e:52:65:5f:78:67:cb:82:0c:7e:
b8:5b:95:10:b3:fa:c8:4f:68:6d:44:da:6e:9c:d3:
fe:37:2b:52:05:d4:dc:2d:1b:fd:83:ee:dd:f2:7c:
43:8b:94:87:3b:ca:b1:bd:88:30:2c:35:c3:0e:68:
62:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17969
38355
sbgp-ipAddrBlock: critical
IPv4:
27.144.0.0/16
42.50.0.0/16
42.123.128.0/17
117.59.0.0/16
125.62.0.0/18
203.161.192.0/19
218.244.0.0/19
IPv6:
2401:7e00::/32
Signature Algorithm: sha256WithRSAEncryption
95:f1:58:41:cb:f1:dd:b9:14:19:a4:2b:23:bf:30:10:df:86:
e6:c3:75:5e:b9:f0:3e:a9:69:af:4f:31:ae:cf:13:40:9d:a4:
82:64:72:ef:4c:c7:23:56:8a:08:7a:14:22:46:7d:d0:25:6c:
5a:d5:20:51:8b:21:6c:bc:68:41:e0:9f:5f:39:4e:2d:95:ac:
4f:14:96:51:8a:9f:61:e8:69:d5:7a:85:64:2d:85:81:b4:dd:
44:ac:ee:78:e5:d0:bb:76:b1:c5:55:db:ee:d0:c4:23:9d:92:
8f:02:7e:d5:b3:a9:42:6a:62:eb:fc:32:d5:3c:e3:c5:6e:d2:
eb:55:7b:43:6d:4f:f5:65:0c:d0:a3:41:9b:16:e3:81:98:b3:
b5:b4:ff:9f:e3:6a:7a:4a:88:e5:e7:98:9f:db:69:c4:81:46:
8e:7f:d5:10:19:a5:f5:08:d4:32:cf:93:ae:d1:65:20:3a:d6:
6c:71:f3:f1:36:48:a3:0b:ef:99:4e:54:ca:cb:d2:68:ae:d6:
95:55:eb:23:af:93:c3:49:e7:48:9e:36:c3:db:99:14:ea:b1:
59:ba:fd:59:76:a3:12:e2:e6:13:49:d6:bb:53:30:ca:bb:d0:
c5:f7:12:2d:dc:85:dc:ac:4a:dc:63:88:9e:03:60:73:e2:8e:
69:aa:11:18
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAM5fMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE0MTRaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKEVDQjI3M0IwOTc5OTdDMDJCNEY1MkU1QzFCQjRGRUZFNjY3OTc4
NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS7p/92hD3bSch3xU0
8t7DuOCKiVKxs6q6C4GbmMYsYt4FZ3IZSPEQNw96zmlickryGH2w8fk5UyJZbzGX
znLlejZcUwzRlfkK8Nyx0tWwQ7H74m+SbqT9XHuA5F6J0rahk9FbVvOZ7pgv9NtV
HTn4EFefi3So4GZFwzr/pHm1aHcXxUp3ipJp8/VxR8OIUMYmZgQfSkrAQwY+8HOv
mq854MK0ZHVG2/UhEKNiSsHTK7Fn5/Jp2t39z7/sgsyb/XceCmC6fuzBXlJlX3hn
y4IMfrhblRCz+shPaG1E2m6c0/43K1IF1NwtG/2D7t3yfEOLlIc7yrG9iDAsNcMO
aGLxAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQU7LJzsJeZfAK09S5cG7T+/mZ5eFAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIy
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzIyLzdMSnpzSmVaZkFLMDlTNWNHN1QtX21aNWVGQS5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHgYI
KwYBBQUHAQgBAf8EDzANoAswCQICRjECAwCV0zBPBggrBgEFBQcBBwEB/wRAMD4w
LQQCAAEwJwMDABuQAwMAKjIDBAcqe4ADAwB1OwMEBn0+AAMEBcuhwAMEBdr0ADAN
BAIAAjAHAwUAJAF+ADANBgkqhkiG9w0BAQsFAAOCAQEAlfFYQcvx3bkUGaQrI78w
EN+G5sN1XrnwPqlpr08xrs8TQJ2kgmRy70zHI1aKCHoUIkZ90CVsWtUgUYshbLxo
QeCfXzlOLZWsTxSWUYqfYehp1XqFZC2FgbTdRKzueOXQu3axxVXb7tDEI52SjwJ+
1bOpQmpi6/wy1TzjxW7S61V7Q21P9WUM0KNBmxbjgZiztbT/n+NqekqI5eeYn9tp
xIFGjn/VEBml9QjUMs+TrtFlIDrWbHHz8TZIowvvmU5UysvSaK7WlVXrI6+Tw0nn
SJ42w9uZFOqxWbr9WXajEuLmE0nWu1MwyrvQxfcSLdyF3KxK3GOIngNgc+KOaaoR
GA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:14:45 2025 by rpki-client