Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/D0BCGu_TepwoYqhQBOR57yH1tgg.cer
File: D0BCGu_TepwoYqhQBOR57yH1tgg.cer (raw, json)
Hash identifier: QQ9xHxFAFzZywR2EqZh9ZksrqHiLtkypg+0JRb/6SZw=
Subject key identifier: 0F:40:42:1A:EF:D3:7A:9C:28:62:A8:50:04:E4:79:EF:21:F5:B6:08
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CD75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:09:10 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: IP: 43.224.200.0/21
IP: 43.229.40.0/22
IP: 43.254.184.0/22
IP: 45.114.196.0/22
IP: 45.123.136.0/22
IP: 103.15.200.0/22
IP: 103.26.156.0/22
IP: 103.30.228.0/22
IP: 103.43.220.0 -- 103.43.227.255
IP: 103.54.160.0/22
IP: 103.199.164.0/22
IP: 103.200.64.0/21
IP: 103.228.176.0/22
IP: 137.59.88.0/22
IP: 150.242.116.0/22
IP: 210.7.56.0/21
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Apr 2025 10:07:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52597 (0xcd75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:09:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=0F40421AEFD37A9C2862A85004E479EF21F5B608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5a:d4:59:16:78:16:25:ff:65:bf:5f:3a:fe:
de:11:72:69:c4:4d:a4:c7:17:02:a7:ab:0c:b0:7b:
57:75:48:17:14:e5:5d:75:3f:98:3b:8a:e1:0f:76:
8c:40:38:12:e1:fc:63:99:a2:58:4d:59:9d:c5:ce:
f8:f2:97:bc:83:08:d2:53:d8:d5:31:e5:77:e9:67:
e3:a1:40:00:89:9e:83:e5:b0:5f:ea:99:a3:17:46:
69:3a:55:2b:73:d7:ce:40:4c:c7:3f:e4:a6:be:21:
8a:fa:6d:55:85:ee:44:c9:a1:72:08:58:b3:7e:32:
2b:3c:4b:40:8f:42:08:f3:8c:13:3b:e6:c8:ca:bc:
a0:64:1f:a2:89:3b:6e:b3:e8:33:ab:1d:04:44:17:
53:12:d6:1c:5b:0d:6a:e6:21:70:74:02:96:51:0d:
6b:66:7b:09:cc:43:d6:6c:bf:df:73:f1:39:b8:8c:
61:ab:52:fc:85:38:09:6a:85:32:72:b7:09:e7:59:
14:34:f2:6e:ca:95:82:9d:b8:04:a6:01:4a:18:17:
c7:ad:30:44:ce:7d:3a:3f:99:2b:f2:18:ac:d2:c3:
5e:a7:95:f5:24:5d:17:42:b2:06:4c:05:4f:d5:1b:
f0:14:dd:91:95:81:af:c9:ca:9f:ba:25:15:ad:7a:
b0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:40:42:1A:EF:D3:7A:9C:28:62:A8:50:04:E4:79:EF:21:F5:B6:08
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.200.0/21
43.229.40.0/22
43.254.184.0/22
45.114.196.0/22
45.123.136.0/22
103.15.200.0/22
103.26.156.0/22
103.30.228.0/22
103.43.220.0-103.43.227.255
103.54.160.0/22
103.199.164.0/22
103.200.64.0/21
103.228.176.0/22
137.59.88.0/22
150.242.116.0/22
210.7.56.0/21
Signature Algorithm: sha256WithRSAEncryption
13:19:5e:7c:d8:7a:65:0e:cd:2b:57:b5:10:a8:a7:b8:7c:2c:
be:9c:9b:4e:b5:5c:66:33:72:6c:47:36:b2:8c:e9:63:11:44:
3b:e7:78:f0:76:73:2b:a1:b0:55:f6:40:a9:85:51:e5:1e:07:
6a:cf:71:20:7c:1e:a3:d2:36:55:ab:e0:f3:6d:62:e5:aa:c4:
95:e9:0e:32:d9:77:8b:c2:3c:66:6d:f7:91:c1:6a:6c:d9:d0:
0a:30:87:76:f1:f3:5e:e8:08:04:a6:e4:95:e6:7d:c7:b5:75:
22:cd:76:41:5e:99:5f:ba:a4:fc:7e:32:62:4c:30:cf:f1:17:
98:28:e6:b0:ec:71:4d:9f:23:eb:78:7a:fd:1f:31:de:f6:a5:
fa:ef:be:5e:8a:ae:75:77:9f:4b:26:3e:00:87:f1:41:a4:38:
f9:7d:a4:4d:82:0d:6d:25:43:b8:0c:4b:5d:0d:85:66:3a:93:
22:df:76:c4:0a:a3:03:57:6d:ef:32:cf:05:94:a7:f9:63:c4:
f7:d7:2e:0e:06:2f:cb:dc:28:ad:c4:d3:d4:37:ec:ee:40:a7:
84:74:e0:a2:70:49:f9:d2:bb:55:d7:09:7b:7a:21:e6:b6:d4:
40:f1:52:35:b5:74:cb:79:ea:fa:0a:1f:65:60:ac:1f:eb:8e:
eb:05:b9:8d
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAM11MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA5MTBaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDBGNDA0MjFBRUZEMzdBOUMyODYyQTg1MDA0RTQ3OUVGMjFGNUI2
MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOWtRZFngWJf9lv186
/t4RcmnETaTHFwKnqwywe1d1SBcU5V11P5g7iuEPdoxAOBLh/GOZolhNWZ3Fzvjy
l7yDCNJT2NUx5XfpZ+OhQACJnoPlsF/qmaMXRmk6VStz185ATMc/5Ka+IYr6bVWF
7kTJoXIIWLN+Mis8S0CPQgjzjBM75sjKvKBkH6KJO26z6DOrHQREF1MS1hxbDWrm
IXB0ApZRDWtmewnMQ9Zsv99z8Tm4jGGrUvyFOAlqhTJytwnnWRQ08m7KlYKduASm
AUoYF8etMETOfTo/mSvyGKzSw16nlfUkXRdCsgZMBU/VG/AU3ZGVga/Jyp+6JRWt
erB/AgMBAAGjggK4MIICtDAdBgNVHQ4EFgQUD0BCGu/TepwoYqhQBOR57yH1tggw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEw
ODkvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTA4OS9EMEJDR3VfVGVwd29ZcWhRQk9SNTd5SDF0Z2cubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAyvgyAMEAivlKAMEAiv+uAME
Ai1yxAMEAi17iAMEAmcPyAMEAmcanAMEAmce5DAMAwQCZyvcAwQCZyvgAwQCZzag
AwQCZ8ekAwQDZ8hAAwQCZ+SwAwQCiTtYAwQClvJ0AwQD0gc4MA0GCSqGSIb3DQEB
CwUAA4IBAQATGV582HplDs0rV7UQqKe4fCy+nJtOtVxmM3JsRzayjOljEUQ753jw
dnMrobBV9kCphVHlHgdqz3EgfB6j0jZVq+DzbWLlqsSV6Q4y2XeLwjxmbfeRwWps
2dAKMId28fNe6AgEpuSV5n3HtXUizXZBXplfuqT8fjJiTDDP8ReYKOaw7HFNnyPr
eHr9HzHe9qX6775eiq51d59LJj4Ah/FBpDj5faRNgg1tJUO4DEtdDYVmOpMi33bE
CqMDV23vMs8FlKf5Y8T31y4OBi/L3CitxNPUN+zuQKeEdOCicEn50rtV1wl7eiHm
ttRA8VI1tXTLeer6Ch9lYKwf647rBbmN
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:08:14 2025 by rpki-client