Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
File: DuhjrFcK7qH5ML6l52qufdVTgE4.cer (raw, json)
Hash identifier: 9D7KKin+65TdENEAnqr7ykuQnBmvouOnKV2L696dHLA=
Subject key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AEF5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:21:58 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 63567
IP: 43.226.96.0/20
IP: 43.240.0.0/22
IP: 43.241.48.0/22
IP: 43.247.92.0/22
IP: 43.248.80.0/20
IP: 43.248.176.0 -- 43.248.207.255
IP: 103.37.44.0/22
IP: 103.40.12.0/22
IP: 103.45.160.0/22
IP: 103.83.72.0/22
IP: 103.87.180.0/22
IP: 103.98.140.0 -- 103.98.147.255
IP: 103.205.252.0/22
IP: 103.239.244.0/22
IP: 111.223.12.0/22
IP: 2403:3380::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 00:56:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44789 (0xaef5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:21:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c8:c5:76:34:44:03:f7:cd:4e:86:9f:61:a2:
7c:0e:0c:3e:ae:4c:a0:bf:50:92:55:80:8b:40:92:
4e:ca:e0:89:99:06:05:99:ef:a3:d3:c6:60:52:34:
c4:ad:ed:da:5b:a5:e6:d5:7a:8d:1a:48:b1:c4:15:
05:9c:3e:06:aa:52:dd:2f:1f:4c:13:55:65:57:6b:
33:d0:13:69:fa:61:47:1c:a0:23:77:5c:dc:ac:7d:
c6:05:62:4d:99:dc:56:9d:ab:44:92:9c:b7:cd:c9:
23:fc:2c:84:5c:d2:53:e7:5b:45:69:01:ad:99:43:
7f:d8:bf:96:d6:de:50:13:ee:b1:62:47:d5:fb:fe:
0d:20:4f:cd:fd:b5:3d:cf:d7:ad:fa:87:d2:3d:9e:
6d:a0:ce:88:96:7a:0d:fd:55:ca:00:72:a2:06:06:
d6:0d:26:91:6d:22:51:e9:b0:b2:7e:d4:35:95:5b:
d5:d4:0b:67:ac:78:86:e8:60:cf:1b:26:3a:9b:02:
9f:58:ee:6b:44:13:fb:07:ec:e8:9e:b0:54:fc:fc:
62:63:27:1c:5d:b4:f3:b8:93:14:6c:0c:60:fb:d6:
52:99:39:8e:85:b1:39:64:a8:8c:c2:b8:26:f1:66:
df:a3:7b:89:23:2e:f7:d8:35:48:39:62:55:5a:a0:
44:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63567
sbgp-ipAddrBlock: critical
IPv4:
43.226.96.0/20
43.240.0.0/22
43.241.48.0/22
43.247.92.0/22
43.248.80.0/20
43.248.176.0-43.248.207.255
103.37.44.0/22
103.40.12.0/22
103.45.160.0/22
103.83.72.0/22
103.87.180.0/22
103.98.140.0-103.98.147.255
103.205.252.0/22
103.239.244.0/22
111.223.12.0/22
IPv6:
2403:3380::/32
Signature Algorithm: sha256WithRSAEncryption
3d:3e:b3:31:0b:8b:52:93:15:f4:03:44:d3:00:a0:6f:db:c9:
4b:1f:2c:ed:3f:14:0b:e3:cb:80:3d:c3:85:20:3c:0c:61:f6:
bc:da:62:2e:a3:dc:74:8c:a2:95:68:c0:aa:ef:60:ed:a4:42:
72:e5:c8:b3:06:aa:90:08:80:0e:5e:fb:89:0a:54:aa:96:35:
e8:0b:e2:35:56:ea:dc:1f:ec:12:24:74:b1:64:13:b3:e7:d1:
9a:70:05:af:08:6a:ef:52:db:c5:f8:e0:4b:03:c1:48:95:1f:
4a:d1:c2:a5:fb:0b:fb:a9:c1:3b:5f:8f:44:74:a3:4c:d1:63:
69:c7:64:85:6f:b7:c3:83:f3:2c:b8:69:ac:13:75:65:63:16:
ab:51:f1:c7:b2:3b:73:62:6d:5b:46:9b:4f:53:a2:92:6f:aa:
5d:4d:64:a5:49:21:66:59:a2:43:20:14:00:9f:cb:14:84:99:
a9:0a:00:05:dd:6b:0a:f8:aa:d7:93:8c:11:55:0e:ad:87:3a:
f1:4b:e1:b8:b5:d6:0c:76:cf:36:ee:c3:c7:92:d8:67:ea:e6:
a7:ae:40:96:5f:5e:28:b3:9d:26:48:1b:93:96:2f:b1:41:5f:
56:3b:81:80:62:fd:3b:5c:5e:c2:3b:ad:0f:ff:54:16:83:87:
83:8e:56:69
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgIDAK71MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIxNThaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDBFRTg2M0FDNTcwQUVFQTFGOTMwQkVBNUU3NkFBRTdERDU1Mzgw
NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5yMV2NEQD981Ohp9h
onwODD6uTKC/UJJVgItAkk7K4ImZBgWZ76PTxmBSNMSt7dpbpebVeo0aSLHEFQWc
PgaqUt0vH0wTVWVXazPQE2n6YUccoCN3XNysfcYFYk2Z3Fadq0SSnLfNySP8LIRc
0lPnW0VpAa2ZQ3/Yv5bW3lAT7rFiR9X7/g0gT839tT3P1636h9I9nm2gzoiWeg39
VcoAcqIGBtYNJpFtIlHpsLJ+1DWVW9XUC2eseIboYM8bJjqbAp9Y7mtEE/sH7Oie
sFT8/GJjJxxdtPO4kxRsDGD71lKZOY6FsTlkqIzCuCbxZt+je4kjLvfYNUg5YlVa
oET3AgMBAAGjggLlMIIC4TAdBgNVHQ4EFgQUDuhjrFcK7qH5ML6l52qufdVTgE4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzg5
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC84OTAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA+E8wgZQGCCsGAQUFBwEHAQH/BIGEMIGB
MHAEAgABMGoDBAQr4mADBAIr8AADBAIr8TADBAIr91wDBAQr+FAwDAMEBCv4sAME
BCv4wAMEAmclLAMEAmcoDAMEAmctoAMEAmdTSAMEAmdXtDAMAwQCZ2KMAwQCZ2KQ
AwQCZ838AwQCZ+/0AwQCb98MMA0EAgACMAcDBQAkAzOAMA0GCSqGSIb3DQEBCwUA
A4IBAQA9PrMxC4tSkxX0A0TTAKBv28lLHyztPxQL48uAPcOFIDwMYfa82mIuo9x0
jKKVaMCq72DtpEJy5cizBqqQCIAOXvuJClSqljXoC+I1VurcH+wSJHSxZBOz59Ga
cAWvCGrvUtvF+OBLA8FIlR9K0cKl+wv7qcE7X49EdKNM0WNpx2SFb7fDg/MsuGms
E3VlYxarUfHHsjtzYm1bRptPU6KSb6pdTWSlSSFmWaJDIBQAn8sUhJmpCgAF3WsK
+KrXk4wRVQ6thzrxS+G4tdYMds827sPHkthn6uanrkCWX14os50mSBuTli+xQV9W
O4GAYv07XF7CO60P/1QWg4eDjlZp
-----END CERTIFICATE-----
Generated at Sun May 19 19:43:01 2024 by rpki-client on console-ams.rpki-client.org