$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer File: Al4teU5v-uKVus5JEQDj0YuccUE.cer (raw, json) Hash identifier: d6k5uvXUK7byeCcVtU2DIG4ULXQETl1rAHVAVXtT8YM= Subject key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: B2AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Tue 14 May 2024 02:15:43 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 60.247.128.0/17 IP: 211.149.128.0/17 IP: 2403:db00::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 May 2024 19:56:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45743 (0xb2af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: May 14 02:15:43 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:44:b4:bb:96:6f:6c:4d:08:ae:46:d0:82:23: 8b:91:0b:34:51:d9:8f:3c:ff:88:d7:7b:45:bd:24: ab:39:23:51:7c:a4:22:0a:e8:29:55:ce:66:d9:f0: 30:92:fd:aa:80:f3:48:50:d2:e5:cd:64:04:d5:93: 04:ec:04:ab:60:c9:d9:3f:fa:96:12:4e:9c:63:2b: 55:5d:4d:61:bf:87:09:8f:20:3e:a0:e6:53:1a:c0: 33:e6:69:2b:67:3b:46:bc:c9:3a:1e:50:76:28:0f: 2a:d8:e8:45:2d:fd:0b:6d:26:45:b9:2c:ed:fe:72: 97:3f:c2:74:9d:c8:ff:6a:88:7d:13:9d:33:ee:09: 19:b4:bf:d9:4f:ff:a5:1a:c5:c5:23:5c:6e:fb:1b: b5:fa:f8:19:a0:72:57:27:ad:10:01:57:1c:08:ee: c7:b5:56:3a:b6:7c:fe:51:e8:21:d4:4b:6f:a8:29: 89:a1:af:c8:b7:14:08:0b:91:3c:fe:c2:a4:86:77: 04:14:87:87:83:d4:f8:48:95:21:45:a7:64:ac:db: 2f:be:87:38:c7:ca:15:37:3b:a7:5f:83:ea:9f:ca: fa:7e:ad:2e:06:4b:cd:f8:4f:a6:49:d6:30:2c:81: 61:31:a0:7b:fc:a2:66:24:dc:b7:91:12:04:3f:cc: 4a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.247.128.0/17 211.149.128.0/17 IPv6: 2403:db00::/32 Signature Algorithm: sha256WithRSAEncryption 2d:9c:10:d5:f9:a7:6e:0b:b8:87:fd:8d:3b:bf:b5:7c:20:12: 62:6a:fc:19:65:93:22:ac:2a:74:91:ba:02:80:4a:56:28:18: c4:67:52:85:ea:9f:55:e0:27:c7:f4:da:79:04:09:ff:38:93: b9:2d:68:d4:83:a5:f5:eb:f8:e1:86:e3:54:a8:33:6e:62:5a: d3:71:b2:29:78:2b:60:bb:ca:6a:0a:17:22:ec:51:26:73:0b: 71:bc:41:cc:e7:31:6f:d1:85:28:a0:45:3d:b7:13:80:3a:d6: 26:f2:d5:22:e5:88:8c:0c:63:30:e9:fa:d9:a3:e3:a1:c7:2f: 10:d3:5b:3e:cf:34:ff:a6:86:73:58:9a:34:8a:98:24:ee:ec: 08:09:1b:fe:7e:57:1c:8b:5a:24:95:36:83:ba:af:f5:b0:f3: 9c:06:83:3b:93:84:96:0c:95:04:ac:64:25:9d:1a:4a:7e:3e: 6b:c6:94:aa:80:01:54:2e:2a:23:46:21:09:a6:42:ff:2b:0f: 5b:81:99:94:8a:a8:bd:c8:36:50:95:8d:fc:5f:4e:70:98:ca: e2:fb:c8:b5:be:ed:dc:b0:d8:61:e0:f6:6a:75:b3:33:02:dd: ae:96:30:9c:96:34:0c:2e:6b:09:94:13:6b:4f:98:8b:4d:32: bb:6a:5b:27 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgIDALKvMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA1MTQwMjE1NDNaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDAyNUUyRDc5NEU2RkZBRTI5NUJBQ0U0OTExMDBFM0QxOEI5Qzcx NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7RLS7lm9sTQiuRtCC I4uRCzRR2Y88/4jXe0W9JKs5I1F8pCIK6ClVzmbZ8DCS/aqA80hQ0uXNZATVkwTs BKtgydk/+pYSTpxjK1VdTWG/hwmPID6g5lMawDPmaStnO0a8yToeUHYoDyrY6EUt /QttJkW5LO3+cpc/wnSdyP9qiH0TnTPuCRm0v9lP/6UaxcUjXG77G7X6+Bmgclcn rRABVxwI7se1Vjq2fP5R6CHUS2+oKYmhr8i3FAgLkTz+wqSGdwQUh4eD1PhIlSFF p2Ss2y++hzjHyhU3O6dfg+qfyvp+rS4GS834T6ZJ1jAsgWExoHv8omYk3LeREgQ/ zEo5AgMBAAGjggJoMIICZDAdBgNVHQ4EFgQUAl4teU5v+uKVus5JEQDj0YuccUEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQ3 OS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC80NzkvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA0 BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBzz3gAMEB9OVgDANBAIAAjAHAwUA JAPbADANBgkqhkiG9w0BAQsFAAOCAQEALZwQ1fmnbgu4h/2NO7+1fCASYmr8GWWT IqwqdJG6AoBKVigYxGdSheqfVeAnx/TaeQQJ/ziTuS1o1IOl9ev44YbjVKgzbmJa 03GyKXgrYLvKagoXIuxRJnMLcbxBzOcxb9GFKKBFPbcTgDrWJvLVIuWIjAxjMOn6 2aPjoccvENNbPs80/6aGc1iaNIqYJO7sCAkb/n5XHItaJJU2g7qv9bDznAaDO5OE lgyVBKxkJZ0aSn4+a8aUqoABVC4qI0YhCaZC/ysPW4GZlIqovcg2UJWN/F9OcJjK 4vvItb7t3LDYYeD2anWzMwLdrpYwnJY0DC5rCZQTa0+Yi00yu2pbJw== -----END CERTIFICATE-----Generated at Sat May 18 16:16:49 2024 by rpki-client on console-ams.rpki-client.org