Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/94vx0ILraGpYQf5xsAL3zXu4b3U.cer
File: 94vx0ILraGpYQf5xsAL3zXu4b3U.cer (raw, json)
Hash identifier: OLv1OU1haVjGg8IpWAXyxKiGolYkUX8EN0kfcRjBWkQ=
Subject key identifier: F7:8B:F1:D0:82:EB:68:6A:58:41:FE:71:B0:02:F7:CD:7B:B8:6F:75
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CB6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/94vx0ILraGpYQf5xsAL3zXu4b3U.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 21 Mar 2025 03:13:16 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 24403 -- 24404
AS: 37967
AS: 38339
AS: 38353
AS: 45099 -- 45100
IP: 42.51.0.0/16
IP: 49.4.132.0 -- 49.5.255.255
IP: 58.99.128.0/17
IP: 61.4.82.0/23
IP: 101.36.128.0/17
IP: 106.2.160.0 -- 106.2.255.255
IP: 106.3.32.0 -- 106.3.79.255
IP: 106.3.84.0/22
IP: 106.3.160.0/20
IP: 106.3.208.0 -- 106.3.255.255
IP: 110.173.0.0/21
IP: 110.232.32.0/19
IP: 114.64.0.0 -- 114.66.63.255
IP: 114.66.82.0 -- 114.66.127.255
IP: 114.112.6.0 -- 114.112.13.255
IP: 114.112.16.0/21
IP: 114.112.32.0 -- 114.112.95.255
IP: 114.112.108.0 -- 114.112.135.255
IP: 114.112.152.0 -- 114.112.199.255
IP: 114.112.224.0 -- 114.113.195.255
IP: 114.113.204.0/22
IP: 114.113.216.0/21
IP: 114.113.240.0/20
IP: 115.100.0.0/15
IP: 115.103.0.0/16
IP: 116.69.0.0/17
IP: 116.70.0.0/18
IP: 116.90.80.0/20
IP: 116.196.16.0 -- 116.196.63.255
IP: 116.255.128.0/17
IP: 119.40.0.0/18
IP: 119.57.0.0/16
IP: 119.63.32.0/19
IP: 121.52.208.0/20
IP: 121.58.144.0/20
IP: 121.79.128.0/18
IP: 121.101.208.0/20
IP: 121.201.0.0/17
IP: 122.14.192.0/18
IP: 122.49.0.0/18
IP: 122.102.0.0/20
IP: 122.112.0.0/19
IP: 122.112.64.0/18
IP: 122.115.16.0/20
IP: 122.115.64.0 -- 122.115.223.255
IP: 122.115.240.0/20
IP: 122.198.64.0/22
IP: 122.200.96.0/19
IP: 123.58.96.0/19
IP: 123.108.208.0/20
IP: 124.248.32.0/19
IP: 125.61.128.0/17
IP: 175.26.0.0/16
IP: 180.186.0.0/16
IP: 182.50.0.0/22
IP: 203.80.144.0/20
IP: 203.135.160.0/20
IP: 203.171.224.0/20
IP: 203.191.16.0/20
IP: 210.2.16.0/21
IP: 210.14.128.0/19
IP: 210.56.192.0/19
IP: 210.74.0.0/19
IP: 211.100.96.0/19
IP: 211.102.192.0/20
IP: 218.241.0.0/19
IP: 218.241.64.0/19
IP: 218.245.0.0 -- 218.245.47.255
IP: 219.232.224.0/19
IP: 223.252.128.0/18
IP: 223.252.224.0/19
IP: 2401:e00::/32
IP: 2401:ba00::/32
IP: 2401:be00::/32
IP: 2401:c200::/32
IP: 2401:c600::/32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52079 (0xcb6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Mar 21 03:13:16 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F78BF1D082EB686A5841FE71B002F7CD7BB86F75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ad:2a:7b:62:3e:31:b1:5d:3f:c1:aa:f0:dc:
94:70:30:18:53:7d:55:31:d2:75:74:c6:f7:10:8a:
3a:35:6a:d1:a5:90:56:58:1e:45:6d:88:4c:80:79:
3e:7b:dd:86:89:36:b0:7f:76:b9:1f:61:1d:f7:b1:
dd:62:cd:04:66:7d:33:76:1d:61:df:b3:aa:f6:fe:
39:a5:0d:9b:db:ee:bd:a8:78:2a:bd:50:35:68:65:
ed:b0:2b:67:3d:27:91:02:b8:c0:fb:e3:25:e5:a9:
b6:5c:d1:be:e2:55:6e:fc:c3:58:20:6a:c2:59:5a:
c8:69:2b:a2:e8:16:d1:17:c9:4a:4f:d0:ff:a6:2a:
1e:41:7a:e5:d0:e0:e0:ef:f7:aa:02:d8:56:1b:96:
98:a9:c1:0b:5e:05:4f:fe:f2:5c:3f:e2:4c:a3:0f:
b5:20:08:3e:e0:c6:f4:f2:52:3b:e0:70:21:99:8e:
9e:14:f1:6c:e8:74:84:50:c5:8a:9e:15:c3:04:34:
ac:ba:d9:8e:8e:8f:c1:0e:d3:45:b1:57:62:6e:2e:
98:d9:68:ef:19:32:b4:a4:39:f2:ce:0d:0d:7e:9c:
27:f5:f8:e9:f0:91:cb:b2:e6:85:73:cf:97:2e:a8:
6a:41:a8:27:40:d4:f5:45:9e:13:ee:1d:51:89:e9:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8B:F1:D0:82:EB:68:6A:58:41:FE:71:B0:02:F7:CD:7B:B8:6F:75
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/94vx0ILraGpYQf5xsAL3zXu4b3U.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24403-24404
37967
38339
38353
45099-45100
sbgp-ipAddrBlock: critical
IPv4:
42.51.0.0/16
49.4.132.0-49.5.255.255
58.99.128.0/17
61.4.82.0/23
101.36.128.0/17
106.2.160.0-106.2.255.255
106.3.32.0-106.3.79.255
106.3.84.0/22
106.3.160.0/20
106.3.208.0-106.3.255.255
110.173.0.0/21
110.232.32.0/19
114.64.0.0-114.66.63.255
114.66.82.0-114.66.127.255
114.112.6.0-114.112.13.255
114.112.16.0/21
114.112.32.0-114.112.95.255
114.112.108.0-114.112.135.255
114.112.152.0-114.112.199.255
114.112.224.0-114.113.195.255
114.113.204.0/22
114.113.216.0/21
114.113.240.0/20
115.100.0.0/15
115.103.0.0/16
116.69.0.0/17
116.70.0.0/18
116.90.80.0/20
116.196.16.0-116.196.63.255
116.255.128.0/17
119.40.0.0/18
119.57.0.0/16
119.63.32.0/19
121.52.208.0/20
121.58.144.0/20
121.79.128.0/18
121.101.208.0/20
121.201.0.0/17
122.14.192.0/18
122.49.0.0/18
122.102.0.0/20
122.112.0.0/19
122.112.64.0/18
122.115.16.0/20
122.115.64.0-122.115.223.255
122.115.240.0/20
122.198.64.0/22
122.200.96.0/19
123.58.96.0/19
123.108.208.0/20
124.248.32.0/19
125.61.128.0/17
175.26.0.0/16
180.186.0.0/16
182.50.0.0/22
203.80.144.0/20
203.135.160.0/20
203.171.224.0/20
203.191.16.0/20
210.2.16.0/21
210.14.128.0/19
210.56.192.0/19
210.74.0.0/19
211.100.96.0/19
211.102.192.0/20
218.241.0.0/19
218.241.64.0/19
218.245.0.0-218.245.47.255
219.232.224.0/19
223.252.128.0/18
223.252.224.0/19
IPv6:
2401:e00::/32
2401:ba00::/32
2401:be00::/32
2401:c200::/32
2401:c600::/32
Signature Algorithm: sha256WithRSAEncryption
73:14:de:3e:46:c3:e6:59:3d:a8:51:4b:af:e7:a1:e6:58:c7:
bf:68:e2:8b:1a:fc:6c:d7:15:e5:53:67:4b:a3:b4:45:c8:de:
42:e6:b8:8a:da:ef:22:95:b8:53:c3:ca:bd:e7:a3:a3:a1:99:
ca:b1:f1:bc:14:b6:04:04:ef:f4:8d:e2:60:de:db:8f:4c:a1:
66:c8:90:3b:28:25:ee:f7:53:d1:4e:ae:10:01:db:d8:b3:56:
6f:fa:06:b7:d5:6c:01:c6:d7:a7:4a:9b:a6:99:ab:0e:52:27:
26:b0:b8:e2:af:22:d5:2f:f5:b5:f0:97:54:ad:48:bc:22:91:
c4:f6:09:a1:24:45:bb:f1:c7:81:09:ab:91:bc:a9:92:de:43:
9c:a4:bb:b9:f4:e0:5c:59:a5:2d:6c:7b:37:df:4e:8b:d9:4f:
ed:ee:73:fa:a4:2d:83:b9:91:da:9e:fd:ad:09:9d:11:9a:a0:
3e:e5:bc:78:b8:d0:8c:af:48:7f:28:9c:3f:39:2b:4f:ca:f1:
25:0a:87:90:ee:de:77:86:ef:d6:66:2a:29:9f:f8:93:09:cc:
6e:66:36:67:2f:ca:6f:a4:a3:13:5c:7c:06:82:b7:d9:8c:b5:
7d:82:f1:0e:c1:ef:8b:cd:b4:45:2e:72:1c:3a:02:73:e5:b9:
7c:22:16:27
-----BEGIN CERTIFICATE-----
MIIHyTCCBrGgAwIBAgIDAMtvMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTAzMjEwMzEzMTZaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEY3OEJGMUQwODJFQjY4NkE1ODQxRkU3MUIwMDJGN0NEN0JCODZG
NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDarSp7Yj4xsV0/warw
3JRwMBhTfVUx0nV0xvcQijo1atGlkFZYHkVtiEyAeT573YaJNrB/drkfYR33sd1i
zQRmfTN2HWHfs6r2/jmlDZvb7r2oeCq9UDVoZe2wK2c9J5ECuMD74yXlqbZc0b7i
VW78w1ggasJZWshpK6LoFtEXyUpP0P+mKh5BeuXQ4ODv96oC2FYblpipwQteBU/+
8lw/4kyjD7UgCD7gxvTyUjvgcCGZjp4U8WzodIRQxYqeFcMENKy62Y6Oj8EO00Wx
V2JuLpjZaO8ZMrSkOfLODQ1+nCf1+Onwkcuy5oVzz5cuqGpBqCdA1PVFnhPuHVGJ
6V69AgMBAAGjggTNMIIEyTAdBgNVHQ4EFgQU94vx0ILraGpYQf5xsAL3zXu4b3Uw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz
My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zMzMvOTR2eDBJTHJhR3BZUWY1eHNBTDN6WHU0YjNVLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA6
BggrBgEFBQcBCAEB/wQrMCmgJzAlMAgCAl9TAgJfVAIDAJRPAgMAlcMCAwCV0TAK
AgMAsCsCAwCwLDCCAlsGCCsGAQUFBwEHAQH/BIICSjCCAkYwggIXBAIAATCCAg8D
AwAqMzALAwQCMQSEAwMBMQQDBAc6Y4ADBAE9BFIDBAdlJIAwCwMEBWoCoAMDAGoC
MAwDBAVqAyADBARqA0ADBAJqA1QDBARqA6AwCwMEBGoD0AMDAmoAAwQDbq0AAwQF
buggMAsDAwZyQAMEBnJCADAMAwQBckJSAwQHckIAMAwDBAFycAYDBAFycAwDBANy
cBAwDAMEBXJwIAMEBXJwQDAMAwQCcnBsAwQDcnCAMAwDBANycJgDBANycMAwDAME
BXJw4AMEAnJxwAMEAnJxzAMEA3Jx2AMEBHJx8AMDAXNkAwMAc2cDBAd0RQADBAZ0
RgADBAR0WlAwDAMEBHTEEAMEBnTEAAMEB3T/gAMEBncoAAMDAHc5AwQFdz8gAwQE
eTTQAwQEeTqQAwQGeU+AAwQEeWXQAwQHeckAAwQGeg7AAwQGejEAAwQEemYAAwQF
enAAAwQGenBAAwQEenMQMAwDBAZ6c0ADBAV6c8ADBAR6c/ADBAJ6xkADBAV6yGAD
BAV7OmADBAR7bNADBAV8+CADBAd9PYADAwCvGgMDALS6AwQCtjIAAwQEy1CQAwQE
y4egAwQEy6vgAwQEy78QAwQD0gIQAwQF0g6AAwQF0jjAAwQF0koAAwQF02RgAwQE
02bAAwQF2vEAAwQF2vFAMAsDAwDa9QMEBNr1IAMEBdvo4AMEBt/8gAMEBd/84DAp
BAIAAjAjAwUAJAEOAAMFACQBugADBQAkAb4AAwUAJAHCAAMFACQBxgAwDQYJKoZI
hvcNAQELBQADggEBAHMU3j5Gw+ZZPahRS6/noeZYx79o4osa/GzXFeVTZ0ujtEXI
3kLmuIra7yKVuFPDyr3no6Ohmcqx8bwUtgQE7/SN4mDe249MoWbIkDsoJe73U9FO
rhAB29izVm/6BrfVbAHG16dKm6aZqw5SJyawuOKvItUv9bXwl1StSLwikcT2CaEk
Rbvxx4EJq5G8qZLeQ5yku7n04FxZpS1sezffTovZT+3uc/qkLYO5kdqe/a0JnRGa
oD7lvHi40IyvSH8onD85K0/K8SUKh5Du3neG79ZmKimf+JMJzG5mNmcvym+koxNc
fAaCt9mMtX2C8Q7B74vNtEUuchw6AnPluXwiFic=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:22:16 2025 by rpki-client