Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
File: DuhjrFcK7qH5ML6l52qufdVTgE4.cer (raw, json)
Hash identifier: oUNG4hGBsGNY0x3pP5ziCPizlJIuSL34oU6mm+5mREc=
Subject key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BB95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:51:56 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 63567
IP: 43.226.96.0/20
IP: 43.240.0.0/22
IP: 43.241.48.0/22
IP: 43.247.92.0/22
IP: 43.248.80.0/20
IP: 43.248.176.0 -- 43.248.207.255
IP: 103.37.44.0/22
IP: 103.40.12.0/22
IP: 103.45.160.0/22
IP: 103.83.72.0/22
IP: 103.87.180.0/22
IP: 103.98.140.0 -- 103.98.147.255
IP: 103.205.252.0/22
IP: 103.239.244.0/22
IP: 111.223.12.0/22
IP: 2403:3380::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48021 (0xbb95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:51:56 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c8:c5:76:34:44:03:f7:cd:4e:86:9f:61:a2:
7c:0e:0c:3e:ae:4c:a0:bf:50:92:55:80:8b:40:92:
4e:ca:e0:89:99:06:05:99:ef:a3:d3:c6:60:52:34:
c4:ad:ed:da:5b:a5:e6:d5:7a:8d:1a:48:b1:c4:15:
05:9c:3e:06:aa:52:dd:2f:1f:4c:13:55:65:57:6b:
33:d0:13:69:fa:61:47:1c:a0:23:77:5c:dc:ac:7d:
c6:05:62:4d:99:dc:56:9d:ab:44:92:9c:b7:cd:c9:
23:fc:2c:84:5c:d2:53:e7:5b:45:69:01:ad:99:43:
7f:d8:bf:96:d6:de:50:13:ee:b1:62:47:d5:fb:fe:
0d:20:4f:cd:fd:b5:3d:cf:d7:ad:fa:87:d2:3d:9e:
6d:a0:ce:88:96:7a:0d:fd:55:ca:00:72:a2:06:06:
d6:0d:26:91:6d:22:51:e9:b0:b2:7e:d4:35:95:5b:
d5:d4:0b:67:ac:78:86:e8:60:cf:1b:26:3a:9b:02:
9f:58:ee:6b:44:13:fb:07:ec:e8:9e:b0:54:fc:fc:
62:63:27:1c:5d:b4:f3:b8:93:14:6c:0c:60:fb:d6:
52:99:39:8e:85:b1:39:64:a8:8c:c2:b8:26:f1:66:
df:a3:7b:89:23:2e:f7:d8:35:48:39:62:55:5a:a0:
44:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63567
sbgp-ipAddrBlock: critical
IPv4:
43.226.96.0/20
43.240.0.0/22
43.241.48.0/22
43.247.92.0/22
43.248.80.0/20
43.248.176.0-43.248.207.255
103.37.44.0/22
103.40.12.0/22
103.45.160.0/22
103.83.72.0/22
103.87.180.0/22
103.98.140.0-103.98.147.255
103.205.252.0/22
103.239.244.0/22
111.223.12.0/22
IPv6:
2403:3380::/32
Signature Algorithm: sha256WithRSAEncryption
25:2d:53:d6:2b:36:d7:8b:68:0f:e3:36:08:7c:46:f1:e1:9a:
d8:08:1f:95:37:f4:94:8e:5d:24:2d:63:39:63:c4:7c:1f:71:
92:77:55:08:79:5c:a3:1f:11:92:73:64:3b:34:21:59:73:80:
b8:a9:1f:3c:e7:96:2f:91:6b:49:7f:df:3e:df:d5:8f:5f:a2:
02:8e:8c:fc:20:b5:24:9e:7e:af:a7:66:1a:55:c3:d6:ca:bb:
b1:97:a7:8e:d3:0f:aa:33:04:dd:9f:35:5e:5f:62:56:7e:78:
91:3d:4e:49:f9:71:dd:96:a5:11:ec:26:ea:12:9d:06:19:ad:
dc:73:b3:1f:3c:93:7f:64:e0:be:65:a7:6e:1d:bc:0b:8d:d4:
c4:2b:64:5a:6a:ce:b6:e6:0e:db:ec:42:aa:56:1a:58:8c:06:
d0:f2:7b:4a:5d:5d:be:bd:84:70:23:65:b4:8a:40:de:8a:4b:
18:d9:a5:28:10:e9:de:71:b9:55:5b:dc:47:c2:34:da:da:a0:
bb:eb:0e:b0:ce:78:1a:05:65:57:08:c0:ee:ee:40:e0:a9:a2:
dd:62:b9:da:52:51:9e:59:06:a7:b9:b3:df:7a:64:e6:c5:0a:
02:ac:8a:57:fa:3b:d9:19:c4:53:8d:a2:74:59:be:e1:66:c2:
06:a6:15:af
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgIDALuVMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUxNTZaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDBFRTg2M0FDNTcwQUVFQTFGOTMwQkVBNUU3NkFBRTdERDU1Mzgw
NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5yMV2NEQD981Ohp9h
onwODD6uTKC/UJJVgItAkk7K4ImZBgWZ76PTxmBSNMSt7dpbpebVeo0aSLHEFQWc
PgaqUt0vH0wTVWVXazPQE2n6YUccoCN3XNysfcYFYk2Z3Fadq0SSnLfNySP8LIRc
0lPnW0VpAa2ZQ3/Yv5bW3lAT7rFiR9X7/g0gT839tT3P1636h9I9nm2gzoiWeg39
VcoAcqIGBtYNJpFtIlHpsLJ+1DWVW9XUC2eseIboYM8bJjqbAp9Y7mtEE/sH7Oie
sFT8/GJjJxxdtPO4kxRsDGD71lKZOY6FsTlkqIzCuCbxZt+je4kjLvfYNUg5YlVa
oET3AgMBAAGjggLlMIIC4TAdBgNVHQ4EFgQUDuhjrFcK7qH5ML6l52qufdVTgE4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzg5
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC84OTAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA+E8wgZQGCCsGAQUFBwEHAQH/BIGEMIGB
MHAEAgABMGoDBAQr4mADBAIr8AADBAIr8TADBAIr91wDBAQr+FAwDAMEBCv4sAME
BCv4wAMEAmclLAMEAmcoDAMEAmctoAMEAmdTSAMEAmdXtDAMAwQCZ2KMAwQCZ2KQ
AwQCZ838AwQCZ+/0AwQCb98MMA0EAgACMAcDBQAkAzOAMA0GCSqGSIb3DQEBCwUA
A4IBAQAlLVPWKzbXi2gP4zYIfEbx4ZrYCB+VN/SUjl0kLWM5Y8R8H3GSd1UIeVyj
HxGSc2Q7NCFZc4C4qR8855YvkWtJf98+39WPX6ICjoz8ILUknn6vp2YaVcPWyrux
l6eO0w+qMwTdnzVeX2JWfniRPU5J+XHdlqUR7CbqEp0GGa3cc7MfPJN/ZOC+Zadu
HbwLjdTEK2Raas625g7b7EKqVhpYjAbQ8ntKXV2+vYRwI2W0ikDeiksY2aUoEOne
cblVW9xHwjTa2qC76w6wzngaBWVXCMDu7kDgqaLdYrnaUlGeWQanubPfemTmxQoC
rIpX+jvZGcRTjaJ0Wb7hZsIGphWv
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:26 2024 by rpki-client on console-ams.rpki-client.org