Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/94vx0ILraGpYQf5xsAL3zXu4b3U.cer
File: 94vx0ILraGpYQf5xsAL3zXu4b3U.cer (raw, json)
Hash identifier: yf0ufY5fN0CvA9toPSy+FhFnfR0kwrctd+8Zjt+i+1E=
Subject key identifier: F7:8B:F1:D0:82:EB:68:6A:58:41:FE:71:B0:02:F7:CD:7B:B8:6F:75
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: B1FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/94vx0ILraGpYQf5xsAL3zXu4b3U.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 26 Apr 2024 06:23:15 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 24403 -- 24404
AS: 37967
AS: 38339
AS: 38353
AS: 45099 -- 45100
IP: 42.51.0.0/16
IP: 49.4.132.0 -- 49.5.255.255
IP: 58.99.128.0/17
IP: 61.4.82.0/23
IP: 101.36.128.0/17
IP: 106.2.160.0 -- 106.2.255.255
IP: 106.3.32.0 -- 106.3.79.255
IP: 106.3.84.0/22
IP: 106.3.160.0/20
IP: 106.3.208.0 -- 106.3.255.255
IP: 110.173.0.0/21
IP: 110.232.32.0/19
IP: 114.64.0.0 -- 114.66.63.255
IP: 114.66.82.0 -- 114.66.127.255
IP: 114.112.6.0 -- 114.112.13.255
IP: 114.112.16.0/21
IP: 114.112.32.0 -- 114.112.95.255
IP: 114.112.108.0 -- 114.112.135.255
IP: 114.112.152.0 -- 114.112.199.255
IP: 114.112.224.0 -- 114.113.195.255
IP: 114.113.204.0/22
IP: 114.113.216.0/21
IP: 114.113.240.0/20
IP: 115.100.0.0/15
IP: 115.103.0.0/16
IP: 116.69.0.0/17
IP: 116.70.0.0/18
IP: 116.90.80.0/20
IP: 116.196.16.0 -- 116.196.63.255
IP: 116.255.128.0/17
IP: 119.40.0.0/18
IP: 119.57.0.0/16
IP: 119.63.32.0/19
IP: 121.52.208.0/20
IP: 121.58.144.0/20
IP: 121.79.128.0/18
IP: 121.101.208.0/20
IP: 121.201.0.0/17
IP: 122.14.192.0/18
IP: 122.49.0.0/18
IP: 122.102.0.0/20
IP: 122.112.0.0/19
IP: 122.112.64.0/18
IP: 122.115.16.0/20
IP: 122.115.64.0 -- 122.115.223.255
IP: 122.115.240.0/20
IP: 122.198.64.0/22
IP: 122.200.96.0/19
IP: 123.58.96.0/19
IP: 123.108.208.0/20
IP: 124.248.32.0/19
IP: 125.61.128.0/17
IP: 175.26.0.0/16
IP: 180.186.0.0/16
IP: 182.50.0.0/22
IP: 203.80.144.0/20
IP: 203.135.160.0/20
IP: 203.171.224.0/20
IP: 203.191.16.0/20
IP: 210.2.16.0/21
IP: 210.14.128.0/19
IP: 210.56.192.0/19
IP: 210.74.0.0/19
IP: 211.100.96.0/19
IP: 211.102.192.0/20
IP: 218.241.0.0/19
IP: 218.241.64.0/19
IP: 218.245.0.0 -- 218.245.47.255
IP: 219.232.224.0/19
IP: 223.252.128.0/18
IP: 223.252.224.0/19
IP: 2401:e00::/32
IP: 2401:ba00::/32
IP: 2401:be00::/32
IP: 2401:c200::/32
IP: 2401:c600::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 May 2024 00:56:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45565 (0xb1fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Apr 26 06:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F78BF1D082EB686A5841FE71B002F7CD7BB86F75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ad:2a:7b:62:3e:31:b1:5d:3f:c1:aa:f0:dc:
94:70:30:18:53:7d:55:31:d2:75:74:c6:f7:10:8a:
3a:35:6a:d1:a5:90:56:58:1e:45:6d:88:4c:80:79:
3e:7b:dd:86:89:36:b0:7f:76:b9:1f:61:1d:f7:b1:
dd:62:cd:04:66:7d:33:76:1d:61:df:b3:aa:f6:fe:
39:a5:0d:9b:db:ee:bd:a8:78:2a:bd:50:35:68:65:
ed:b0:2b:67:3d:27:91:02:b8:c0:fb:e3:25:e5:a9:
b6:5c:d1:be:e2:55:6e:fc:c3:58:20:6a:c2:59:5a:
c8:69:2b:a2:e8:16:d1:17:c9:4a:4f:d0:ff:a6:2a:
1e:41:7a:e5:d0:e0:e0:ef:f7:aa:02:d8:56:1b:96:
98:a9:c1:0b:5e:05:4f:fe:f2:5c:3f:e2:4c:a3:0f:
b5:20:08:3e:e0:c6:f4:f2:52:3b:e0:70:21:99:8e:
9e:14:f1:6c:e8:74:84:50:c5:8a:9e:15:c3:04:34:
ac:ba:d9:8e:8e:8f:c1:0e:d3:45:b1:57:62:6e:2e:
98:d9:68:ef:19:32:b4:a4:39:f2:ce:0d:0d:7e:9c:
27:f5:f8:e9:f0:91:cb:b2:e6:85:73:cf:97:2e:a8:
6a:41:a8:27:40:d4:f5:45:9e:13:ee:1d:51:89:e9:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8B:F1:D0:82:EB:68:6A:58:41:FE:71:B0:02:F7:CD:7B:B8:6F:75
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/94vx0ILraGpYQf5xsAL3zXu4b3U.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24403-24404
37967
38339
38353
45099-45100
sbgp-ipAddrBlock: critical
IPv4:
42.51.0.0/16
49.4.132.0-49.5.255.255
58.99.128.0/17
61.4.82.0/23
101.36.128.0/17
106.2.160.0-106.2.255.255
106.3.32.0-106.3.79.255
106.3.84.0/22
106.3.160.0/20
106.3.208.0-106.3.255.255
110.173.0.0/21
110.232.32.0/19
114.64.0.0-114.66.63.255
114.66.82.0-114.66.127.255
114.112.6.0-114.112.13.255
114.112.16.0/21
114.112.32.0-114.112.95.255
114.112.108.0-114.112.135.255
114.112.152.0-114.112.199.255
114.112.224.0-114.113.195.255
114.113.204.0/22
114.113.216.0/21
114.113.240.0/20
115.100.0.0/15
115.103.0.0/16
116.69.0.0/17
116.70.0.0/18
116.90.80.0/20
116.196.16.0-116.196.63.255
116.255.128.0/17
119.40.0.0/18
119.57.0.0/16
119.63.32.0/19
121.52.208.0/20
121.58.144.0/20
121.79.128.0/18
121.101.208.0/20
121.201.0.0/17
122.14.192.0/18
122.49.0.0/18
122.102.0.0/20
122.112.0.0/19
122.112.64.0/18
122.115.16.0/20
122.115.64.0-122.115.223.255
122.115.240.0/20
122.198.64.0/22
122.200.96.0/19
123.58.96.0/19
123.108.208.0/20
124.248.32.0/19
125.61.128.0/17
175.26.0.0/16
180.186.0.0/16
182.50.0.0/22
203.80.144.0/20
203.135.160.0/20
203.171.224.0/20
203.191.16.0/20
210.2.16.0/21
210.14.128.0/19
210.56.192.0/19
210.74.0.0/19
211.100.96.0/19
211.102.192.0/20
218.241.0.0/19
218.241.64.0/19
218.245.0.0-218.245.47.255
219.232.224.0/19
223.252.128.0/18
223.252.224.0/19
IPv6:
2401:e00::/32
2401:ba00::/32
2401:be00::/32
2401:c200::/32
2401:c600::/32
Signature Algorithm: sha256WithRSAEncryption
89:8a:31:ec:1b:4c:5c:fd:6f:bc:a1:8a:46:7a:24:64:d5:e4:
fa:79:07:b0:bd:ed:fb:a9:19:cb:ab:1a:74:9b:d9:bd:b6:82:
5a:20:46:c8:eb:d4:03:47:73:6a:ee:1d:55:56:01:7d:3e:fe:
64:d8:5c:c0:90:ca:8b:b3:f5:4b:c4:7c:a1:41:f1:16:01:fa:
77:53:a3:03:df:be:6b:34:d9:70:91:8f:72:5e:ab:bd:ae:f8:
8d:04:64:2b:7d:84:a7:64:d5:f5:68:09:75:29:88:b6:7d:c1:
90:2d:6e:48:89:e2:11:96:3d:77:a7:13:36:cf:4b:37:f6:8f:
10:c0:c1:a9:cf:54:7c:d1:eb:a9:9e:22:c7:d1:29:9b:25:96:
ca:bb:64:3a:96:81:76:41:18:1d:ef:64:e8:53:fe:c0:2c:9b:
c4:fd:50:ed:c1:5b:a4:f8:7e:2e:15:cb:31:4c:ce:fb:4b:ac:
3e:ee:b5:bc:02:7f:69:a1:7d:ad:8a:95:78:c5:52:30:49:23:
e4:06:20:ce:47:0f:f9:8b:8b:aa:95:9a:ad:dc:37:30:90:cd:
99:e6:cb:a0:a0:76:98:a4:d7:c9:25:23:3d:62:f2:8c:8d:56:
0c:33:f4:7b:c7:54:4a:cc:ea:54:4c:89:21:e5:51:c4:ef:ad:
cc:d4:3b:78
-----BEGIN CERTIFICATE-----
MIIHyTCCBrGgAwIBAgIDALH9MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA0MjYwNjIzMTVaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKEY3OEJGMUQwODJFQjY4NkE1ODQxRkU3MUIwMDJGN0NEN0JCODZG
NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDarSp7Yj4xsV0/warw
3JRwMBhTfVUx0nV0xvcQijo1atGlkFZYHkVtiEyAeT573YaJNrB/drkfYR33sd1i
zQRmfTN2HWHfs6r2/jmlDZvb7r2oeCq9UDVoZe2wK2c9J5ECuMD74yXlqbZc0b7i
VW78w1ggasJZWshpK6LoFtEXyUpP0P+mKh5BeuXQ4ODv96oC2FYblpipwQteBU/+
8lw/4kyjD7UgCD7gxvTyUjvgcCGZjp4U8WzodIRQxYqeFcMENKy62Y6Oj8EO00Wx
V2JuLpjZaO8ZMrSkOfLODQ1+nCf1+Onwkcuy5oVzz5cuqGpBqCdA1PVFnhPuHVGJ
6V69AgMBAAGjggTNMIIEyTAdBgNVHQ4EFgQU94vx0ILraGpYQf5xsAL3zXu4b3Uw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz
My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zMzMvOTR2eDBJTHJhR3BZUWY1eHNBTDN6WHU0YjNVLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA6
BggrBgEFBQcBCAEB/wQrMCmgJzAlMAgCAl9TAgJfVAIDAJRPAgMAlcMCAwCV0TAK
AgMAsCsCAwCwLDCCAlsGCCsGAQUFBwEHAQH/BIICSjCCAkYwggIXBAIAATCCAg8D
AwAqMzALAwQCMQSEAwMBMQQDBAc6Y4ADBAE9BFIDBAdlJIAwCwMEBWoCoAMDAGoC
MAwDBAVqAyADBARqA0ADBAJqA1QDBARqA6AwCwMEBGoD0AMDAmoAAwQDbq0AAwQF
buggMAsDAwZyQAMEBnJCADAMAwQBckJSAwQHckIAMAwDBAFycAYDBAFycAwDBANy
cBAwDAMEBXJwIAMEBXJwQDAMAwQCcnBsAwQDcnCAMAwDBANycJgDBANycMAwDAME
BXJw4AMEAnJxwAMEAnJxzAMEA3Jx2AMEBHJx8AMDAXNkAwMAc2cDBAd0RQADBAZ0
RgADBAR0WlAwDAMEBHTEEAMEBnTEAAMEB3T/gAMEBncoAAMDAHc5AwQFdz8gAwQE
eTTQAwQEeTqQAwQGeU+AAwQEeWXQAwQHeckAAwQGeg7AAwQGejEAAwQEemYAAwQF
enAAAwQGenBAAwQEenMQMAwDBAZ6c0ADBAV6c8ADBAR6c/ADBAJ6xkADBAV6yGAD
BAV7OmADBAR7bNADBAV8+CADBAd9PYADAwCvGgMDALS6AwQCtjIAAwQEy1CQAwQE
y4egAwQEy6vgAwQEy78QAwQD0gIQAwQF0g6AAwQF0jjAAwQF0koAAwQF02RgAwQE
02bAAwQF2vEAAwQF2vFAMAsDAwDa9QMEBNr1IAMEBdvo4AMEBt/8gAMEBd/84DAp
BAIAAjAjAwUAJAEOAAMFACQBugADBQAkAb4AAwUAJAHCAAMFACQBxgAwDQYJKoZI
hvcNAQELBQADggEBAImKMewbTFz9b7yhikZ6JGTV5Pp5B7C97fupGcurGnSb2b22
glogRsjr1ANHc2ruHVVWAX0+/mTYXMCQyouz9UvEfKFB8RYB+ndTowPfvms02XCR
j3Jeq72u+I0EZCt9hKdk1fVoCXUpiLZ9wZAtbkiJ4hGWPXenEzbPSzf2jxDAwanP
VHzR66meIsfRKZsllsq7ZDqWgXZBGB3vZOhT/sAsm8T9UO3BW6T4fi4VyzFMzvtL
rD7utbwCf2mhfa2KlXjFUjBJI+QGIM5HD/mLi6qVmq3cNzCQzZnmy6Cgdpik18kl
Iz1i8oyNVgwz9HvHVErM6lRMiSHlUcTvrczUO3g=
-----END CERTIFICATE-----
Generated at Sat May 18 19:21:09 2024 by rpki-client on console-fra.rpki-client.org