$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/DCU6cZ6KRPwY4QW5WqI0i13O1ZU.cer File: DCU6cZ6KRPwY4QW5WqI0i13O1ZU.cer (raw, json) Hash identifier: FLU7OpgCPNLzm+XuA90YU+flSJiMm8KO6Fkf9DALyQY= Subject key identifier: 0C:25:3A:71:9E:8A:44:FC:18:E1:05:B9:5A:A2:34:8B:5D:CE:D5:95 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AE6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/DCU6cZ6KRPwY4QW5WqI0i13O1ZU.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:20:22 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 103.41.140.0/22 IP: 103.49.76.0/22 IP: 103.52.72.0 -- 103.52.87.255 IP: 2403:28c0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 15:26:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44651 (0xae6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:20:22 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0C253A719E8A44FC18E105B95AA2348B5DCED595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ea:e7:31:36:4d:a2:1c:d3:10:8e:53:51:eb: 1f:ce:f7:db:aa:2a:2c:44:b7:8c:1a:04:44:76:f6: 17:6d:27:39:f9:34:6c:94:21:b7:a5:33:2e:51:9a: 78:3f:89:7b:44:ae:68:6a:16:29:b9:23:2f:55:e8: e6:2e:d5:ff:9c:3a:e1:f8:5f:94:d4:74:7b:9c:7f: 95:7a:cd:cb:e3:7c:26:b3:1e:23:ef:8c:d1:95:f1: d0:ed:2e:7c:7f:cf:75:4d:9f:99:9f:3c:5a:c5:be: bb:c1:d6:89:eb:a8:f7:e8:18:31:b1:6a:4b:38:16: 23:9b:c9:4c:7e:10:7d:0b:e7:0c:f8:f1:8c:be:ec: fd:39:18:6b:95:a7:f7:ae:76:22:9b:aa:29:c2:6c: 8f:1e:e8:ec:b7:2c:ac:27:81:0e:21:94:7c:e4:85: 5c:60:e5:1e:bf:f8:91:00:a0:bc:09:0e:ee:82:73: 8d:d5:b6:51:21:41:a4:2b:10:28:74:ab:0f:72:bf: fd:16:7b:2e:c5:bd:1c:68:c0:b9:11:fd:83:22:eb: 83:6f:ea:14:9f:dc:f6:4b:4a:60:9c:40:0d:6f:46: 0f:3a:9e:68:57:62:93:32:6a:d4:7e:ca:93:fd:29: d8:d4:3a:c1:a8:f1:4b:db:60:af:57:ba:f3:98:c4: be:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:25:3A:71:9E:8A:44:FC:18:E1:05:B9:5A:A2:34:8B:5D:CE:D5:95 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/DCU6cZ6KRPwY4QW5WqI0i13O1ZU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.41.140.0/22 103.49.76.0/22 103.52.72.0-103.52.87.255 IPv6: 2403:28c0::/32 Signature Algorithm: sha256WithRSAEncryption 73:23:25:f5:87:21:5b:86:b3:43:ec:00:17:1a:d6:5d:fa:bf: b8:c3:3a:8f:58:65:92:09:c1:27:14:e3:ad:c0:e4:f0:60:e8: 52:2d:a6:e2:70:a1:c3:72:17:3b:3e:ed:c5:94:fd:f8:c0:4b: f5:a1:08:69:c1:56:64:3a:a2:02:17:10:5c:90:e5:5c:c8:c4: ee:6e:57:b4:2d:40:cb:13:40:c9:22:b8:6d:22:22:12:e9:65: 27:26:cd:a2:52:b8:8e:c0:b5:e0:20:c5:a4:ad:ba:f4:a9:00: 18:1a:d2:f0:2b:1b:e8:f4:f6:bc:a7:b4:aa:58:c1:fe:a6:0a: f3:33:58:14:ca:50:ca:5f:c0:32:96:de:7a:74:9c:60:f8:58: 47:c8:3f:98:c1:f5:b1:79:e8:4e:dd:92:12:66:24:ee:f5:59: fe:d0:6c:6e:f6:80:6c:48:d3:57:e1:db:82:e8:00:ec:10:13: c2:fd:28:be:66:a0:16:23:0e:2d:7b:97:33:42:9b:97:c3:f5: b5:a5:44:f0:af:d9:02:7d:c4:e4:b0:72:5d:08:5f:fa:71:0c: 84:cc:71:89:22:05:e7:af:f2:77:0d:f1:f1:d7:03:c1:2f:28: a3:8f:7b:7f:c7:5b:86:61:b1:48:1a:a4:bc:d8:6e:3e:ae:fc: 78:00:1a:5c -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgIDAK5rMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIwMjJaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDBDMjUzQTcxOUU4QTQ0RkMxOEUxMDVCOTVBQTIzNDhCNURDRUQ1 OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr6ucxNk2iHNMQjlNR 6x/O99uqKixEt4waBER29hdtJzn5NGyUIbelMy5Rmng/iXtErmhqFim5Iy9V6OYu 1f+cOuH4X5TUdHucf5V6zcvjfCazHiPvjNGV8dDtLnx/z3VNn5mfPFrFvrvB1onr qPfoGDGxaks4FiObyUx+EH0L5wz48Yy+7P05GGuVp/eudiKbqinCbI8e6Oy3LKwn gQ4hlHzkhVxg5R6/+JEAoLwJDu6Cc43VtlEhQaQrECh0qw9yv/0Wey7FvRxowLkR /YMi64Nv6hSf3PZLSmCcQA1vRg86nmhXYpMyatR+ypP9KdjUOsGo8UvbYK9XuvOY xL4FAgMBAAGjggJ4MIICdDAdBgNVHQ4EFgQUDCU6cZ6KRPwY4QW5WqI0i13O1ZUw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEw MDgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTAwOC9EQ1U2Y1o2S1JQd1k0UVc1V3FJMGkxM08xWlUubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCZymMAwQCZzFMMAwDBANnNEgD BANnNFAwDQQCAAIwBwMFACQDKMAwDQYJKoZIhvcNAQELBQADggEBAHMjJfWHIVuG s0PsABca1l36v7jDOo9YZZIJwScU463A5PBg6FItpuJwocNyFzs+7cWU/fjAS/Wh CGnBVmQ6ogIXEFyQ5VzIxO5uV7QtQMsTQMkiuG0iIhLpZScmzaJSuI7AteAgxaSt uvSpABga0vArG+j09ryntKpYwf6mCvMzWBTKUMpfwDKW3np0nGD4WEfIP5jB9bF5 6E7dkhJmJO71Wf7QbG72gGxI01fh24LoAOwQE8L9KL5moBYjDi17lzNCm5fD9bWl RPCv2QJ9xOSwcl0IX/pxDITMcYkiBeev8ncN8fHXA8EvKKOPe3/HW4ZhsUgapLzY bj6u/HgAGlw= -----END CERTIFICATE-----Generated at Sun May 19 10:14:56 2024 by rpki-client on console-fra.rpki-client.org