Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/D0BCGu_TepwoYqhQBOR57yH1tgg.cer
File: D0BCGu_TepwoYqhQBOR57yH1tgg.cer (raw, json)
Hash identifier: dzJARigy3KVCLbO82RZAWJ7ol++iHP+H3BFa6njF2Gs=
Subject key identifier: 0F:40:42:1A:EF:D3:7A:9C:28:62:A8:50:04:E4:79:EF:21:F5:B6:08
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AF27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:22:35 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: IP: 43.224.200.0/22
IP: 43.229.40.0/22
IP: 43.254.184.0/22
IP: 45.114.196.0/22
IP: 45.123.136.0/22
IP: 103.15.200.0/22
IP: 103.26.156.0/22
IP: 103.30.228.0/22
IP: 103.43.220.0 -- 103.43.227.255
IP: 103.54.160.0/22
IP: 103.199.164.0/22
IP: 103.200.64.0/21
IP: 103.228.176.0/22
IP: 137.59.88.0/22
IP: 150.242.116.0/22
IP: 210.7.56.0/21
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 17 May 2024 11:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44839 (0xaf27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:22:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0F40421AEFD37A9C2862A85004E479EF21F5B608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5a:d4:59:16:78:16:25:ff:65:bf:5f:3a:fe:
de:11:72:69:c4:4d:a4:c7:17:02:a7:ab:0c:b0:7b:
57:75:48:17:14:e5:5d:75:3f:98:3b:8a:e1:0f:76:
8c:40:38:12:e1:fc:63:99:a2:58:4d:59:9d:c5:ce:
f8:f2:97:bc:83:08:d2:53:d8:d5:31:e5:77:e9:67:
e3:a1:40:00:89:9e:83:e5:b0:5f:ea:99:a3:17:46:
69:3a:55:2b:73:d7:ce:40:4c:c7:3f:e4:a6:be:21:
8a:fa:6d:55:85:ee:44:c9:a1:72:08:58:b3:7e:32:
2b:3c:4b:40:8f:42:08:f3:8c:13:3b:e6:c8:ca:bc:
a0:64:1f:a2:89:3b:6e:b3:e8:33:ab:1d:04:44:17:
53:12:d6:1c:5b:0d:6a:e6:21:70:74:02:96:51:0d:
6b:66:7b:09:cc:43:d6:6c:bf:df:73:f1:39:b8:8c:
61:ab:52:fc:85:38:09:6a:85:32:72:b7:09:e7:59:
14:34:f2:6e:ca:95:82:9d:b8:04:a6:01:4a:18:17:
c7:ad:30:44:ce:7d:3a:3f:99:2b:f2:18:ac:d2:c3:
5e:a7:95:f5:24:5d:17:42:b2:06:4c:05:4f:d5:1b:
f0:14:dd:91:95:81:af:c9:ca:9f:ba:25:15:ad:7a:
b0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:40:42:1A:EF:D3:7A:9C:28:62:A8:50:04:E4:79:EF:21:F5:B6:08
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.200.0/22
43.229.40.0/22
43.254.184.0/22
45.114.196.0/22
45.123.136.0/22
103.15.200.0/22
103.26.156.0/22
103.30.228.0/22
103.43.220.0-103.43.227.255
103.54.160.0/22
103.199.164.0/22
103.200.64.0/21
103.228.176.0/22
137.59.88.0/22
150.242.116.0/22
210.7.56.0/21
Signature Algorithm: sha256WithRSAEncryption
37:19:26:2b:df:1e:8c:26:ff:6c:d3:ac:14:80:38:0f:8e:60:
01:6a:d9:31:b4:dc:0c:88:aa:dc:7e:a6:8b:11:e9:be:21:ef:
1a:60:b7:76:cc:34:42:29:da:75:d1:8e:f2:aa:0d:fa:d0:17:
40:f9:82:bc:70:33:ae:92:01:50:05:98:d2:90:c0:a7:d3:00:
0e:89:6a:d6:b8:c3:8f:ca:4a:15:ae:26:29:8e:3c:04:53:ca:
9c:df:2a:5b:4b:47:ca:de:2c:27:7b:66:93:af:ac:22:56:16:
46:34:5d:ee:65:d1:c0:2b:c8:74:ec:e5:e3:0c:61:4d:55:f2:
f8:13:ab:32:b9:a4:b5:97:1a:e0:27:6b:7b:d1:af:2e:c7:9e:
2f:ea:9d:75:8f:c7:07:5b:c7:6d:c4:31:7c:5f:f2:22:16:74:
99:2f:09:d6:03:66:9c:92:55:86:5c:53:6c:f4:ff:b2:87:d5:
6f:29:dc:ee:79:73:05:cf:ee:0c:e4:81:46:c8:5a:95:be:7b:
ea:cd:34:08:d8:9f:08:77:cd:85:b0:7e:44:bc:18:fd:ec:17:
cb:ca:92:79:b1:a2:7c:47:f0:a9:eb:20:d0:ff:51:c2:cf:93:
1e:f0:f1:7c:22:09:43:fc:0f:54:f4:25:68:e2:06:80:49:9f:
07:26:0c:ff
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAK8nMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIyMzVaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDBGNDA0MjFBRUZEMzdBOUMyODYyQTg1MDA0RTQ3OUVGMjFGNUI2
MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOWtRZFngWJf9lv186
/t4RcmnETaTHFwKnqwywe1d1SBcU5V11P5g7iuEPdoxAOBLh/GOZolhNWZ3Fzvjy
l7yDCNJT2NUx5XfpZ+OhQACJnoPlsF/qmaMXRmk6VStz185ATMc/5Ka+IYr6bVWF
7kTJoXIIWLN+Mis8S0CPQgjzjBM75sjKvKBkH6KJO26z6DOrHQREF1MS1hxbDWrm
IXB0ApZRDWtmewnMQ9Zsv99z8Tm4jGGrUvyFOAlqhTJytwnnWRQ08m7KlYKduASm
AUoYF8etMETOfTo/mSvyGKzSw16nlfUkXRdCsgZMBU/VG/AU3ZGVga/Jyp+6JRWt
erB/AgMBAAGjggK4MIICtDAdBgNVHQ4EFgQUD0BCGu/TepwoYqhQBOR57yH1tggw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEw
ODkvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTA4OS9EMEJDR3VfVGVwd29ZcWhRQk9SNTd5SDF0Z2cubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAivgyAMEAivlKAMEAiv+uAME
Ai1yxAMEAi17iAMEAmcPyAMEAmcanAMEAmce5DAMAwQCZyvcAwQCZyvgAwQCZzag
AwQCZ8ekAwQDZ8hAAwQCZ+SwAwQCiTtYAwQClvJ0AwQD0gc4MA0GCSqGSIb3DQEB
CwUAA4IBAQA3GSYr3x6MJv9s06wUgDgPjmABatkxtNwMiKrcfqaLEem+Ie8aYLd2
zDRCKdp10Y7yqg360BdA+YK8cDOukgFQBZjSkMCn0wAOiWrWuMOPykoVriYpjjwE
U8qc3ypbS0fK3iwne2aTr6wiVhZGNF3uZdHAK8h07OXjDGFNVfL4E6syuaS1lxrg
J2t70a8ux54v6p11j8cHW8dtxDF8X/IiFnSZLwnWA2acklWGXFNs9P+yh9VvKdzu
eXMFz+4M5IFGyFqVvnvqzTQI2J8Id82FsH5EvBj97BfLypJ5saJ8R/Cp6yDQ/1HC
z5Me8PF8IglD/A9U9CVo4gaASZ8HJgz/
-----END CERTIFICATE-----
Generated at Fri May 17 06:49:35 2024 by rpki-client on console-ams.rpki-client.org