Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/94vx0ILraGpYQf5xsAL3zXu4b3U.cer
File: 94vx0ILraGpYQf5xsAL3zXu4b3U.cer (raw, json)
Hash identifier: LjSpm2V3IgrQfBspIsA7Ow+VDFZosc0WOFA2Udfx77I=
Subject key identifier: F7:8B:F1:D0:82:EB:68:6A:58:41:FE:71:B0:02:F7:CD:7B:B8:6F:75
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BB1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/94vx0ILraGpYQf5xsAL3zXu4b3U.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:50:15 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 24403 -- 24404
AS: 37967
AS: 38339
AS: 38353
AS: 45099 -- 45100
IP: 42.51.0.0/16
IP: 49.4.132.0 -- 49.5.255.255
IP: 58.99.128.0/17
IP: 61.4.82.0/23
IP: 101.36.128.0/17
IP: 106.2.160.0 -- 106.2.255.255
IP: 106.3.32.0 -- 106.3.79.255
IP: 106.3.84.0/22
IP: 106.3.160.0/20
IP: 106.3.208.0 -- 106.3.255.255
IP: 110.173.0.0/21
IP: 110.232.32.0/19
IP: 114.64.0.0 -- 114.66.63.255
IP: 114.66.82.0 -- 114.66.127.255
IP: 114.112.6.0 -- 114.112.13.255
IP: 114.112.16.0/21
IP: 114.112.32.0 -- 114.112.95.255
IP: 114.112.108.0 -- 114.112.135.255
IP: 114.112.152.0 -- 114.112.199.255
IP: 114.112.224.0 -- 114.113.195.255
IP: 114.113.204.0/22
IP: 114.113.216.0/21
IP: 114.113.240.0/20
IP: 115.100.0.0/15
IP: 115.103.0.0/16
IP: 116.69.0.0/17
IP: 116.70.0.0/18
IP: 116.90.80.0/20
IP: 116.196.16.0 -- 116.196.63.255
IP: 116.255.128.0/17
IP: 119.40.0.0/18
IP: 119.57.0.0/16
IP: 119.63.32.0/19
IP: 121.52.208.0/20
IP: 121.58.144.0/20
IP: 121.79.128.0/18
IP: 121.101.208.0/20
IP: 121.201.0.0/17
IP: 122.14.192.0/18
IP: 122.49.0.0/18
IP: 122.102.0.0/20
IP: 122.112.0.0/19
IP: 122.112.64.0/18
IP: 122.115.16.0/20
IP: 122.115.64.0 -- 122.115.223.255
IP: 122.115.240.0/20
IP: 122.198.64.0/22
IP: 122.200.96.0/19
IP: 123.58.96.0/19
IP: 123.108.208.0/20
IP: 124.248.32.0/19
IP: 125.61.128.0/17
IP: 175.26.0.0/16
IP: 180.186.0.0/16
IP: 182.50.0.0/22
IP: 203.80.144.0/20
IP: 203.135.160.0/20
IP: 203.171.224.0/20
IP: 203.191.16.0/20
IP: 210.2.16.0/21
IP: 210.14.128.0/19
IP: 210.56.192.0/19
IP: 210.74.0.0/19
IP: 211.100.96.0/19
IP: 211.102.192.0/20
IP: 218.241.0.0/19
IP: 218.241.64.0/19
IP: 218.245.0.0 -- 218.245.47.255
IP: 219.232.224.0/19
IP: 223.252.128.0/18
IP: 223.252.224.0/19
IP: 2401:e00::/32
IP: 2401:ba00::/32
IP: 2401:be00::/32
IP: 2401:c200::/32
IP: 2401:c600::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47901 (0xbb1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:50:15 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F78BF1D082EB686A5841FE71B002F7CD7BB86F75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ad:2a:7b:62:3e:31:b1:5d:3f:c1:aa:f0:dc:
94:70:30:18:53:7d:55:31:d2:75:74:c6:f7:10:8a:
3a:35:6a:d1:a5:90:56:58:1e:45:6d:88:4c:80:79:
3e:7b:dd:86:89:36:b0:7f:76:b9:1f:61:1d:f7:b1:
dd:62:cd:04:66:7d:33:76:1d:61:df:b3:aa:f6:fe:
39:a5:0d:9b:db:ee:bd:a8:78:2a:bd:50:35:68:65:
ed:b0:2b:67:3d:27:91:02:b8:c0:fb:e3:25:e5:a9:
b6:5c:d1:be:e2:55:6e:fc:c3:58:20:6a:c2:59:5a:
c8:69:2b:a2:e8:16:d1:17:c9:4a:4f:d0:ff:a6:2a:
1e:41:7a:e5:d0:e0:e0:ef:f7:aa:02:d8:56:1b:96:
98:a9:c1:0b:5e:05:4f:fe:f2:5c:3f:e2:4c:a3:0f:
b5:20:08:3e:e0:c6:f4:f2:52:3b:e0:70:21:99:8e:
9e:14:f1:6c:e8:74:84:50:c5:8a:9e:15:c3:04:34:
ac:ba:d9:8e:8e:8f:c1:0e:d3:45:b1:57:62:6e:2e:
98:d9:68:ef:19:32:b4:a4:39:f2:ce:0d:0d:7e:9c:
27:f5:f8:e9:f0:91:cb:b2:e6:85:73:cf:97:2e:a8:
6a:41:a8:27:40:d4:f5:45:9e:13:ee:1d:51:89:e9:
5e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8B:F1:D0:82:EB:68:6A:58:41:FE:71:B0:02:F7:CD:7B:B8:6F:75
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/333/94vx0ILraGpYQf5xsAL3zXu4b3U.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24403-24404
37967
38339
38353
45099-45100
sbgp-ipAddrBlock: critical
IPv4:
42.51.0.0/16
49.4.132.0-49.5.255.255
58.99.128.0/17
61.4.82.0/23
101.36.128.0/17
106.2.160.0-106.2.255.255
106.3.32.0-106.3.79.255
106.3.84.0/22
106.3.160.0/20
106.3.208.0-106.3.255.255
110.173.0.0/21
110.232.32.0/19
114.64.0.0-114.66.63.255
114.66.82.0-114.66.127.255
114.112.6.0-114.112.13.255
114.112.16.0/21
114.112.32.0-114.112.95.255
114.112.108.0-114.112.135.255
114.112.152.0-114.112.199.255
114.112.224.0-114.113.195.255
114.113.204.0/22
114.113.216.0/21
114.113.240.0/20
115.100.0.0/15
115.103.0.0/16
116.69.0.0/17
116.70.0.0/18
116.90.80.0/20
116.196.16.0-116.196.63.255
116.255.128.0/17
119.40.0.0/18
119.57.0.0/16
119.63.32.0/19
121.52.208.0/20
121.58.144.0/20
121.79.128.0/18
121.101.208.0/20
121.201.0.0/17
122.14.192.0/18
122.49.0.0/18
122.102.0.0/20
122.112.0.0/19
122.112.64.0/18
122.115.16.0/20
122.115.64.0-122.115.223.255
122.115.240.0/20
122.198.64.0/22
122.200.96.0/19
123.58.96.0/19
123.108.208.0/20
124.248.32.0/19
125.61.128.0/17
175.26.0.0/16
180.186.0.0/16
182.50.0.0/22
203.80.144.0/20
203.135.160.0/20
203.171.224.0/20
203.191.16.0/20
210.2.16.0/21
210.14.128.0/19
210.56.192.0/19
210.74.0.0/19
211.100.96.0/19
211.102.192.0/20
218.241.0.0/19
218.241.64.0/19
218.245.0.0-218.245.47.255
219.232.224.0/19
223.252.128.0/18
223.252.224.0/19
IPv6:
2401:e00::/32
2401:ba00::/32
2401:be00::/32
2401:c200::/32
2401:c600::/32
Signature Algorithm: sha256WithRSAEncryption
8f:27:06:77:f6:ce:2f:60:68:1c:49:73:7d:01:14:b9:f5:90:
02:93:03:64:4d:33:dc:d8:cf:1b:fa:29:b9:e7:5c:f2:e6:0d:
6f:b3:c7:c0:60:16:69:dd:ae:88:13:16:fa:5b:36:52:8e:94:
ba:9d:8d:de:ca:2c:1e:e0:da:06:0d:b8:c8:78:b8:f4:5d:6f:
be:f2:db:2b:a6:9d:9f:8c:d2:e7:4d:6d:9f:0a:49:f9:bf:3d:
18:07:0d:ed:da:bc:b4:f7:93:05:27:e8:51:ab:1e:c9:c2:95:
fe:44:32:cc:fe:32:8c:e6:47:c8:9b:f5:17:05:08:76:6a:46:
b0:24:93:20:db:e1:a2:81:83:d0:f4:2b:11:fe:be:a6:0c:71:
e5:4d:07:bc:96:78:2c:05:4c:64:f2:49:9e:ac:53:fd:4a:9d:
29:5d:50:42:72:0e:30:51:e8:35:64:70:1d:a7:f5:4d:08:5a:
10:4c:7e:78:51:07:8e:82:09:81:04:75:46:57:f3:25:ab:29:
a0:f7:11:b8:31:f4:a9:cf:29:b5:d8:a7:24:31:5b:d5:1e:2d:
35:81:24:73:1c:1e:e7:5d:be:52:d2:84:f5:99:27:b7:0d:48:
a3:76:05:fb:05:c8:19:0c:24:f0:33:33:fe:85:5a:4e:cc:c8:
05:1d:f8:e0
-----BEGIN CERTIFICATE-----
MIIHyTCCBrGgAwIBAgIDALsdMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUwMTVaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEY3OEJGMUQwODJFQjY4NkE1ODQxRkU3MUIwMDJGN0NEN0JCODZG
NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDarSp7Yj4xsV0/warw
3JRwMBhTfVUx0nV0xvcQijo1atGlkFZYHkVtiEyAeT573YaJNrB/drkfYR33sd1i
zQRmfTN2HWHfs6r2/jmlDZvb7r2oeCq9UDVoZe2wK2c9J5ECuMD74yXlqbZc0b7i
VW78w1ggasJZWshpK6LoFtEXyUpP0P+mKh5BeuXQ4ODv96oC2FYblpipwQteBU/+
8lw/4kyjD7UgCD7gxvTyUjvgcCGZjp4U8WzodIRQxYqeFcMENKy62Y6Oj8EO00Wx
V2JuLpjZaO8ZMrSkOfLODQ1+nCf1+Onwkcuy5oVzz5cuqGpBqCdA1PVFnhPuHVGJ
6V69AgMBAAGjggTNMIIEyTAdBgNVHQ4EFgQU94vx0ILraGpYQf5xsAL3zXu4b3Uw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz
My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zMzMvOTR2eDBJTHJhR3BZUWY1eHNBTDN6WHU0YjNVLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA6
BggrBgEFBQcBCAEB/wQrMCmgJzAlMAgCAl9TAgJfVAIDAJRPAgMAlcMCAwCV0TAK
AgMAsCsCAwCwLDCCAlsGCCsGAQUFBwEHAQH/BIICSjCCAkYwggIXBAIAATCCAg8D
AwAqMzALAwQCMQSEAwMBMQQDBAc6Y4ADBAE9BFIDBAdlJIAwCwMEBWoCoAMDAGoC
MAwDBAVqAyADBARqA0ADBAJqA1QDBARqA6AwCwMEBGoD0AMDAmoAAwQDbq0AAwQF
buggMAsDAwZyQAMEBnJCADAMAwQBckJSAwQHckIAMAwDBAFycAYDBAFycAwDBANy
cBAwDAMEBXJwIAMEBXJwQDAMAwQCcnBsAwQDcnCAMAwDBANycJgDBANycMAwDAME
BXJw4AMEAnJxwAMEAnJxzAMEA3Jx2AMEBHJx8AMDAXNkAwMAc2cDBAd0RQADBAZ0
RgADBAR0WlAwDAMEBHTEEAMEBnTEAAMEB3T/gAMEBncoAAMDAHc5AwQFdz8gAwQE
eTTQAwQEeTqQAwQGeU+AAwQEeWXQAwQHeckAAwQGeg7AAwQGejEAAwQEemYAAwQF
enAAAwQGenBAAwQEenMQMAwDBAZ6c0ADBAV6c8ADBAR6c/ADBAJ6xkADBAV6yGAD
BAV7OmADBAR7bNADBAV8+CADBAd9PYADAwCvGgMDALS6AwQCtjIAAwQEy1CQAwQE
y4egAwQEy6vgAwQEy78QAwQD0gIQAwQF0g6AAwQF0jjAAwQF0koAAwQF02RgAwQE
02bAAwQF2vEAAwQF2vFAMAsDAwDa9QMEBNr1IAMEBdvo4AMEBt/8gAMEBd/84DAp
BAIAAjAjAwUAJAEOAAMFACQBugADBQAkAb4AAwUAJAHCAAMFACQBxgAwDQYJKoZI
hvcNAQELBQADggEBAI8nBnf2zi9gaBxJc30BFLn1kAKTA2RNM9zYzxv6KbnnXPLm
DW+zx8BgFmndrogTFvpbNlKOlLqdjd7KLB7g2gYNuMh4uPRdb77y2yumnZ+M0udN
bZ8KSfm/PRgHDe3avLT3kwUn6FGrHsnClf5EMsz+MozmR8ib9RcFCHZqRrAkkyDb
4aKBg9D0KxH+vqYMceVNB7yWeCwFTGTySZ6sU/1KnSldUEJyDjBR6DVkcB2n9U0I
WhBMfnhRB46CCYEEdUZX8yWrKaD3Ebgx9KnPKbXYpyQxW9UeLTWBJHMcHuddvlLS
hPWZJ7cNSKN2BfsFyBkMJPAzM/6FWk7MyAUd+OA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:24 2024 by rpki-client on console-fra.rpki-client.org