$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/GNOMXLFLfmfU5pKTTsqs4rwzZes.cer File: GNOMXLFLfmfU5pKTTsqs4rwzZes.cer (raw, json) Hash identifier: CW0m7M77ueTC5KYZTJYfH61aBx9WPzcpq01xkP+T50I= Subject key identifier: 18:D3:8C:5C:B1:4B:7E:67:D4:E6:92:93:4E:CA:AC:E2:BC:33:65:EB Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AF85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/GNOMXLFLfmfU5pKTTsqs4rwzZes.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:24:24 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 103.60.228.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 May 2024 15:25:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44933 (0xaf85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:24:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=18D38C5CB14B7E67D4E692934ECAACE2BC3365EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1f:68:a4:2e:9a:55:2e:9e:e7:98:72:ec:ca: 4e:9a:d1:5f:18:55:ff:24:39:74:55:8d:96:da:82: 1e:42:c0:f0:ee:13:7f:da:45:14:76:d1:13:89:d0: ee:b8:10:0a:00:dd:86:47:ca:60:e9:be:0b:b0:c1: e3:43:09:a0:f3:e0:75:a8:b1:7f:07:5f:4b:e9:33: 75:f1:a5:c9:05:09:a9:77:4b:8b:d3:93:72:6d:33: b6:44:e0:19:de:db:5e:14:69:c6:cb:6f:6f:17:40: da:3a:e7:58:3c:4e:cd:cb:80:d4:45:d1:70:97:29: e0:4a:3c:f6:fd:35:89:18:20:d7:a6:9f:5d:46:64: 95:01:4b:73:03:1f:21:cf:fa:e2:d3:ff:e6:8d:3a: 79:fa:c0:24:fc:7c:35:4c:cd:5c:07:0b:9d:56:a5: 14:4f:61:15:cc:98:7b:0e:49:65:1a:bb:70:3f:a1: 28:0c:78:d6:3b:3d:61:98:31:34:84:b0:3e:bd:fe: 83:80:7d:de:f8:74:d9:f1:b1:94:1a:a2:c0:7e:2b: 79:99:7e:0d:54:c2:61:1a:c7:ac:28:57:75:6b:7f: dd:b0:d1:b5:4c:5a:a3:4a:d5:dd:92:19:21:71:79: 1e:c7:82:96:bb:48:fd:b1:93:69:94:8d:94:d3:83: 5b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D3:8C:5C:B1:4B:7E:67:D4:E6:92:93:4E:CA:AC:E2:BC:33:65:EB X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/GNOMXLFLfmfU5pKTTsqs4rwzZes.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.60.228.0/22 Signature Algorithm: sha256WithRSAEncryption b1:e9:9e:83:4a:24:38:fa:a6:83:a9:54:f9:1f:c9:34:5a:d9: 0e:e3:47:6a:d8:d9:0e:3e:e3:54:5f:47:05:c8:f9:0a:64:bb: fe:42:81:d5:ec:82:3b:04:26:20:21:86:0d:ac:71:fd:e8:6b: b0:41:d5:f4:cc:ad:4e:a5:b0:f2:b1:54:d6:0a:58:b6:61:70: e2:d1:52:8f:aa:ce:8b:a4:30:56:ae:0e:c3:d5:c5:61:86:9e: 8d:99:22:51:f5:0c:8c:1e:5a:55:58:a8:d2:5c:f1:c2:60:46: b2:7a:e2:88:a4:86:21:87:c0:62:bc:4b:3d:79:bf:a9:e4:f0: ae:2a:d1:66:c4:3a:d4:02:3f:ae:74:57:11:55:e2:44:c7:7e: 3d:ed:89:1b:1d:99:ea:17:fb:d3:aa:ab:c9:68:6e:01:ab:52: 98:a1:ab:b8:72:48:50:ad:22:05:1d:03:e4:a7:9d:a4:86:6e: cc:f9:52:5b:e7:cc:02:77:93:97:9c:1f:11:6e:a3:3d:8d:55: 15:df:13:c9:37:4f:02:6c:c2:93:12:2c:43:c4:53:5d:fe:1e: aa:88:ba:2f:1c:ac:e2:5e:98:e8:35:1c:d5:21:2b:92:cf:7e: e0:83:91:bc:f3:80:99:b4:55:aa:41:5f:53:ae:7f:fe:47:46: 37:c4:69:2c -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAK+FMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTI0MjRaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDE4RDM4QzVDQjE0QjdFNjdENEU2OTI5MzRFQ0FBQ0UyQkMzMzY1 RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCH2ikLppVLp7nmHLs yk6a0V8YVf8kOXRVjZbagh5CwPDuE3/aRRR20ROJ0O64EAoA3YZHymDpvguwweND CaDz4HWosX8HX0vpM3XxpckFCal3S4vTk3JtM7ZE4Bne214UacbLb28XQNo651g8 Ts3LgNRF0XCXKeBKPPb9NYkYINemn11GZJUBS3MDHyHP+uLT/+aNOnn6wCT8fDVM zVwHC51WpRRPYRXMmHsOSWUau3A/oSgMeNY7PWGYMTSEsD69/oOAfd74dNnxsZQa osB+K3mZfg1UwmEax6woV3Vrf92w0bVMWqNK1d2SGSFxeR7Hgpa7SP2xk2mUjZTT g1uvAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUGNOMXLFLfmfU5pKTTsqs4rwzZesw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEy MzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTIzMC9HTk9NWExGTGZtZlU1cEtUVHNxczRyd3paZXMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZzzkMA0GCSqGSIb3DQEBCwUA A4IBAQCx6Z6DSiQ4+qaDqVT5H8k0WtkO40dq2NkOPuNUX0cFyPkKZLv+QoHV7II7 BCYgIYYNrHH96GuwQdX0zK1OpbDysVTWCli2YXDi0VKPqs6LpDBWrg7D1cVhhp6N mSJR9QyMHlpVWKjSXPHCYEayeuKIpIYhh8BivEs9eb+p5PCuKtFmxDrUAj+udFcR VeJEx3497YkbHZnqF/vTqqvJaG4Bq1KYoau4ckhQrSIFHQPkp52khm7M+VJb58wC d5OXnB8RbqM9jVUV3xPJN08CbMKTEixDxFNd/h6qiLovHKziXpjoNRzVISuSz37g g5G884CZtFWqQV9Trn/+R0Y3xGks -----END CERTIFICATE-----Generated at Sat May 18 09:57:57 2024 by rpki-client on console-fra.rpki-client.org