Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
File: DuhjrFcK7qH5ML6l52qufdVTgE4.cer (raw, json)
Hash identifier: NkS9/BEzHJDayCmgL0rE+pTznI8iOSipLEfSo/23XPk=
Subject key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: C788
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 21 Mar 2025 02:57:27 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 63567
IP: 43.226.96.0/20
IP: 43.240.0.0/22
IP: 43.241.48.0/22
IP: 43.247.92.0/22
IP: 43.248.192.0/20
IP: 103.37.44.0/22
IP: 103.40.12.0/22
IP: 103.45.160.0/22
IP: 103.83.72.0/22
IP: 103.205.252.0/22
IP: 103.239.244.0/22
IP: 111.223.12.0/22
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51080 (0xc788)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Mar 21 02:57:27 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c8:c5:76:34:44:03:f7:cd:4e:86:9f:61:a2:
7c:0e:0c:3e:ae:4c:a0:bf:50:92:55:80:8b:40:92:
4e:ca:e0:89:99:06:05:99:ef:a3:d3:c6:60:52:34:
c4:ad:ed:da:5b:a5:e6:d5:7a:8d:1a:48:b1:c4:15:
05:9c:3e:06:aa:52:dd:2f:1f:4c:13:55:65:57:6b:
33:d0:13:69:fa:61:47:1c:a0:23:77:5c:dc:ac:7d:
c6:05:62:4d:99:dc:56:9d:ab:44:92:9c:b7:cd:c9:
23:fc:2c:84:5c:d2:53:e7:5b:45:69:01:ad:99:43:
7f:d8:bf:96:d6:de:50:13:ee:b1:62:47:d5:fb:fe:
0d:20:4f:cd:fd:b5:3d:cf:d7:ad:fa:87:d2:3d:9e:
6d:a0:ce:88:96:7a:0d:fd:55:ca:00:72:a2:06:06:
d6:0d:26:91:6d:22:51:e9:b0:b2:7e:d4:35:95:5b:
d5:d4:0b:67:ac:78:86:e8:60:cf:1b:26:3a:9b:02:
9f:58:ee:6b:44:13:fb:07:ec:e8:9e:b0:54:fc:fc:
62:63:27:1c:5d:b4:f3:b8:93:14:6c:0c:60:fb:d6:
52:99:39:8e:85:b1:39:64:a8:8c:c2:b8:26:f1:66:
df:a3:7b:89:23:2e:f7:d8:35:48:39:62:55:5a:a0:
44:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63567
sbgp-ipAddrBlock: critical
IPv4:
43.226.96.0/20
43.240.0.0/22
43.241.48.0/22
43.247.92.0/22
43.248.192.0/20
103.37.44.0/22
103.40.12.0/22
103.45.160.0/22
103.83.72.0/22
103.205.252.0/22
103.239.244.0/22
111.223.12.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:d9:2d:08:69:fd:a8:94:19:98:7e:94:71:5b:11:53:d3:5b:
8a:96:b7:89:bd:1c:34:49:ba:b0:fb:aa:f6:32:ae:86:54:0f:
59:c7:d1:e2:b7:e6:a1:96:d9:c6:42:35:7c:e3:88:82:1e:61:
c9:ce:7e:0d:75:be:79:f0:d6:9d:38:30:da:67:f9:d3:09:b4:
e1:64:16:0c:0a:ec:83:72:71:0d:88:28:0a:62:16:78:10:03:
80:53:0d:44:c3:34:b6:96:a8:0a:f1:43:d1:11:e8:0f:6e:c6:
67:44:30:20:95:5e:23:6a:3d:dc:4f:c8:34:21:ec:cb:ef:17:
2b:e4:56:af:8e:a5:0c:57:39:ac:19:9b:dc:85:e8:57:8e:87:
73:9e:59:a1:58:07:16:d1:c4:4d:96:4a:b6:9b:88:ee:55:7d:
90:d2:18:cd:f1:2e:6e:2e:21:3a:cc:ca:9d:04:31:de:36:73:
8f:98:ce:e6:a2:0c:50:26:9a:17:e0:ea:18:47:e7:7a:d8:06:
db:5e:e9:01:1f:25:49:6d:4c:3b:f1:1b:10:b0:60:d9:98:d2:
d7:94:2d:57:1a:8f:51:3d:b5:4b:10:18:49:23:83:ed:20:79:
d5:df:80:c7:f0:45:1b:bc:1f:c3:72:52:43:4f:a6:25:de:86:
c2:86:6c:ae
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIDAMeIMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTAzMjEwMjU3MjdaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDBFRTg2M0FDNTcwQUVFQTFGOTMwQkVBNUU3NkFBRTdERDU1Mzgw
NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5yMV2NEQD981Ohp9h
onwODD6uTKC/UJJVgItAkk7K4ImZBgWZ76PTxmBSNMSt7dpbpebVeo0aSLHEFQWc
PgaqUt0vH0wTVWVXazPQE2n6YUccoCN3XNysfcYFYk2Z3Fadq0SSnLfNySP8LIRc
0lPnW0VpAa2ZQ3/Yv5bW3lAT7rFiR9X7/g0gT839tT3P1636h9I9nm2gzoiWeg39
VcoAcqIGBtYNJpFtIlHpsLJ+1DWVW9XUC2eseIboYM8bJjqbAp9Y7mtEE/sH7Oie
sFT8/GJjJxxdtPO4kxRsDGD71lKZOY6FsTlkqIzCuCbxZt+je4kjLvfYNUg5YlVa
oET3AgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUDuhjrFcK7qH5ML6l52qufdVTgE4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzg5
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC84OTAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA+E8wYQYIKwYBBQUHAQcBAf8EUjBQME4E
AgABMEgDBAQr4mADBAIr8AADBAIr8TADBAIr91wDBAQr+MADBAJnJSwDBAJnKAwD
BAJnLaADBAJnU0gDBAJnzfwDBAJn7/QDBAJv3wwwDQYJKoZIhvcNAQELBQADggEB
AB3ZLQhp/aiUGZh+lHFbEVPTW4qWt4m9HDRJurD7qvYyroZUD1nH0eK35qGW2cZC
NXzjiIIeYcnOfg11vnnw1p04MNpn+dMJtOFkFgwK7INycQ2IKApiFngQA4BTDUTD
NLaWqArxQ9ER6A9uxmdEMCCVXiNqPdxPyDQh7MvvFyvkVq+OpQxXOawZm9yF6FeO
h3OeWaFYBxbRxE2WSrabiO5VfZDSGM3xLm4uITrMyp0EMd42c4+YzuaiDFAmmhfg
6hhH53rYBtte6QEfJUltTDvxGxCwYNmY0teULVcaj1E9tUsQGEkjg+0gedXfgMfw
RRu8H8NyUkNPpiXehsKGbK4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:17:48 2025 by rpki-client