$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer File: AvsF3jxUSp8cNEpj619s_dNIEVY.cer (raw, json) Hash identifier: NdBH5/giAi6zoQbAqUhYr+xTcVHStu9jceyZLRYZj2o= Subject key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BB4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:50:54 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.139.92.0/23 IP: 103.197.180.0/22 IP: 103.218.92.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47947 (0xbb4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:50:54 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:1b:57:25:fe:aa:6f:70:07:04:6d:fc:66:ad: 73:c2:5a:7d:17:48:66:9a:01:26:d5:e6:69:3a:55: 6a:ea:2c:fe:d9:e8:16:6d:44:c8:c1:49:12:0a:e4: e9:7c:db:1c:c1:42:2a:d3:e5:3a:47:39:52:08:2e: 84:7d:0a:dc:99:fe:95:69:bc:c2:ee:8c:b1:16:8d: 7f:f8:d8:f1:5f:bd:ae:2c:9a:65:7f:83:83:ce:2c: df:c3:c2:76:b7:c1:56:19:b8:b1:88:a9:a4:b6:6e: f9:2f:4c:24:34:e2:31:25:be:57:68:68:7e:63:ff: 84:32:f8:cc:3b:52:40:15:12:a3:71:5c:4a:68:17: 5b:2c:58:ef:10:0b:53:ca:ed:1e:41:81:f8:94:c4: a0:4b:0f:fc:3c:8f:1f:9e:f9:11:8b:87:0b:3e:8b: a7:6c:38:ff:25:ce:ed:59:b8:86:95:aa:b1:02:96: a5:f8:22:d5:ba:3b:05:c5:67:4a:0d:1b:0b:b1:85: 88:07:90:04:ab:c5:d3:42:db:c1:46:46:d5:1c:90: 5e:1c:39:8e:09:d8:0a:1d:53:ca:25:fc:4a:9b:53: 67:1f:6f:10:e2:d8:b7:6a:70:3c:52:47:c6:3f:9e: c0:6b:d5:1e:7d:e2:d6:48:e2:dd:a1:f9:cb:ca:21: e6:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.92.0/23 103.197.180.0/22 103.218.92.0/22 Signature Algorithm: sha256WithRSAEncryption 2a:46:15:ce:06:d9:6f:8e:c1:9e:f1:38:ab:ba:46:8b:de:24: 66:55:63:e3:d2:2d:cf:62:be:23:8b:c0:3a:7f:2e:c8:42:b1: 63:a5:41:8d:dd:e8:71:81:3f:3f:dd:e2:97:d1:1a:74:74:3c: c4:af:44:ce:50:5b:55:2d:fb:47:d2:a2:ca:1c:39:4a:8e:85: 25:11:57:6d:b3:6c:18:c0:c6:51:6d:cb:75:34:46:18:25:d2: 90:e8:03:85:78:bf:7a:a2:3b:96:08:e0:be:aa:98:2e:6c:20: d2:12:4f:18:33:11:be:a1:5d:5c:1f:6e:93:84:8a:6b:2a:9b: 94:85:64:d0:e7:dc:a5:5b:3c:6f:c1:fa:ce:0c:51:3f:f4:cf: 84:5c:78:7b:6c:82:8f:88:28:3f:53:6e:9d:a6:99:45:9e:0a: 85:60:54:52:40:ce:22:3e:2b:68:ae:54:8d:58:e9:11:3b:a9: bc:b5:d8:21:01:59:4a:97:71:90:c3:69:65:f7:d2:87:b6:b3: e6:26:40:a9:69:29:45:f4:a9:73:c7:8d:6e:5b:30:77:be:70: 1d:ff:c0:19:dc:26:5d:fd:71:99:1d:9b:c4:5b:44:4d:0f:43: 1e:d0:ac:bd:a6:b4:04:f9:50:4f:ce:b9:93:b6:e8:7c:07:35: 1c:51:b4:35 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIDALtLMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUwNTRaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDAyRkIwNURFM0M1NDRBOUYxQzM0NEE2M0VCNUY2Q0ZERDM0ODEx NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzG1cl/qpvcAcEbfxm rXPCWn0XSGaaASbV5mk6VWrqLP7Z6BZtRMjBSRIK5Ol82xzBQirT5TpHOVIILoR9 CtyZ/pVpvMLujLEWjX/42PFfva4smmV/g4POLN/Dwna3wVYZuLGIqaS2bvkvTCQ0 4jElvldoaH5j/4Qy+Mw7UkAVEqNxXEpoF1ssWO8QC1PK7R5BgfiUxKBLD/w8jx+e +RGLhws+i6dsOP8lzu1ZuIaVqrEClqX4ItW6OwXFZ0oNGwuxhYgHkASrxdNC28FG RtUckF4cOY4J2AodU8ol/EqbU2cfbxDi2LdqcDxSR8Y/nsBr1R594tZI4t2h+cvK IeZRAgMBAAGjggJhMIICXTAdBgNVHQ4EFgQUAvsF3jxUSp8cNEpj619s/dNIEVYw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMx NzEvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzE3MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBZ4tcAwQCZ8W0AwQCZ9pcMA0G CSqGSIb3DQEBCwUAA4IBAQAqRhXOBtlvjsGe8TirukaL3iRmVWPj0i3PYr4ji8A6 fy7IQrFjpUGN3ehxgT8/3eKX0Rp0dDzEr0TOUFtVLftH0qLKHDlKjoUlEVdts2wY wMZRbct1NEYYJdKQ6AOFeL96ojuWCOC+qpgubCDSEk8YMxG+oV1cH26ThIprKpuU hWTQ59ylWzxvwfrODFE/9M+EXHh7bIKPiCg/U26dpplFngqFYFRSQM4iPitorlSN WOkRO6m8tdghAVlKl3GQw2ll99KHtrPmJkCpaSlF9Klzx41uWzB3vnAd/8AZ3CZd /XGZHZvEW0RND0Me0Ky9prQE+VBPzrmTtuh8BzUcUbQ1 -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:37 2024 by rpki-client on console-ams.rpki-client.org