$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/GNOMXLFLfmfU5pKTTsqs4rwzZes.cer File: GNOMXLFLfmfU5pKTTsqs4rwzZes.cer (raw, json) Hash identifier: +YaL38+qReEs+eF++BoxqOCFDByRKEEcaupL2wphtcM= Subject key identifier: 18:D3:8C:5C:B1:4B:7E:67:D4:E6:92:93:4E:CA:AC:E2:BC:33:65:EB Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BCB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/GNOMXLFLfmfU5pKTTsqs4rwzZes.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:57:18 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.60.228.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48309 (0xbcb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:57:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=18D38C5CB14B7E67D4E692934ECAACE2BC3365EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1f:68:a4:2e:9a:55:2e:9e:e7:98:72:ec:ca: 4e:9a:d1:5f:18:55:ff:24:39:74:55:8d:96:da:82: 1e:42:c0:f0:ee:13:7f:da:45:14:76:d1:13:89:d0: ee:b8:10:0a:00:dd:86:47:ca:60:e9:be:0b:b0:c1: e3:43:09:a0:f3:e0:75:a8:b1:7f:07:5f:4b:e9:33: 75:f1:a5:c9:05:09:a9:77:4b:8b:d3:93:72:6d:33: b6:44:e0:19:de:db:5e:14:69:c6:cb:6f:6f:17:40: da:3a:e7:58:3c:4e:cd:cb:80:d4:45:d1:70:97:29: e0:4a:3c:f6:fd:35:89:18:20:d7:a6:9f:5d:46:64: 95:01:4b:73:03:1f:21:cf:fa:e2:d3:ff:e6:8d:3a: 79:fa:c0:24:fc:7c:35:4c:cd:5c:07:0b:9d:56:a5: 14:4f:61:15:cc:98:7b:0e:49:65:1a:bb:70:3f:a1: 28:0c:78:d6:3b:3d:61:98:31:34:84:b0:3e:bd:fe: 83:80:7d:de:f8:74:d9:f1:b1:94:1a:a2:c0:7e:2b: 79:99:7e:0d:54:c2:61:1a:c7:ac:28:57:75:6b:7f: dd:b0:d1:b5:4c:5a:a3:4a:d5:dd:92:19:21:71:79: 1e:c7:82:96:bb:48:fd:b1:93:69:94:8d:94:d3:83: 5b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D3:8C:5C:B1:4B:7E:67:D4:E6:92:93:4E:CA:AC:E2:BC:33:65:EB X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/GNOMXLFLfmfU5pKTTsqs4rwzZes.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.60.228.0/22 Signature Algorithm: sha256WithRSAEncryption 50:24:38:52:73:14:c2:a6:59:be:0c:ae:40:bf:a9:46:09:ad: 7c:b7:20:8f:94:b7:bf:63:ec:7a:8b:12:ef:04:4d:c8:09:da: a0:35:97:7c:3f:c2:b0:66:fa:92:74:05:e8:a1:f6:35:58:9d: 36:1e:24:75:6f:b2:ce:0b:dd:3e:10:e1:51:65:e6:21:1d:9a: 0d:8b:fb:4e:25:d8:1f:4a:93:74:31:28:3a:02:6f:b6:e7:0d: e0:48:66:d6:1f:69:56:4d:72:c9:76:51:11:f9:65:46:49:75: b9:0b:57:ed:0c:bf:07:62:40:91:a6:91:49:21:88:c2:88:d2: 7d:e4:0d:93:66:e3:05:21:b7:25:ef:e3:87:ec:24:f3:fe:3d: c1:d4:5e:89:b6:74:8c:c8:cb:23:b3:b7:fc:24:a8:d2:69:9f: a8:8d:b3:8e:92:4c:7f:4f:85:33:90:69:0e:b5:21:18:73:da: 6a:01:c0:64:d8:e4:ab:96:7a:eb:8f:6c:37:53:f2:4b:18:01: 78:52:6a:5a:d9:94:1c:a4:42:36:27:19:42:e5:1e:42:99:41: c4:50:27:91:28:d1:66:0a:70:cd:9b:2f:97:de:47:95:d9:0f: 32:2c:a5:21:27:c5:95:ba:8f:18:55:92:b4:60:24:a6:29:45: 96:44:0d:15 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALy1MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU3MThaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDE4RDM4QzVDQjE0QjdFNjdENEU2OTI5MzRFQ0FBQ0UyQkMzMzY1 RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCH2ikLppVLp7nmHLs yk6a0V8YVf8kOXRVjZbagh5CwPDuE3/aRRR20ROJ0O64EAoA3YZHymDpvguwweND CaDz4HWosX8HX0vpM3XxpckFCal3S4vTk3JtM7ZE4Bne214UacbLb28XQNo651g8 Ts3LgNRF0XCXKeBKPPb9NYkYINemn11GZJUBS3MDHyHP+uLT/+aNOnn6wCT8fDVM zVwHC51WpRRPYRXMmHsOSWUau3A/oSgMeNY7PWGYMTSEsD69/oOAfd74dNnxsZQa osB+K3mZfg1UwmEax6woV3Vrf92w0bVMWqNK1d2SGSFxeR7Hgpa7SP2xk2mUjZTT g1uvAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUGNOMXLFLfmfU5pKTTsqs4rwzZesw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEy MzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTIzMC9HTk9NWExGTGZtZlU1cEtUVHNxczRyd3paZXMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZzzkMA0GCSqGSIb3DQEBCwUA A4IBAQBQJDhScxTCplm+DK5Av6lGCa18tyCPlLe/Y+x6ixLvBE3ICdqgNZd8P8Kw ZvqSdAXoofY1WJ02HiR1b7LOC90+EOFRZeYhHZoNi/tOJdgfSpN0MSg6Am+25w3g SGbWH2lWTXLJdlER+WVGSXW5C1ftDL8HYkCRppFJIYjCiNJ95A2TZuMFIbcl7+OH 7CTz/j3B1F6JtnSMyMsjs7f8JKjSaZ+ojbOOkkx/T4UzkGkOtSEYc9pqAcBk2OSr lnrrj2w3U/JLGAF4Umpa2ZQcpEI2JxlC5R5CmUHEUCeRKNFmCnDNmy+X3keV2Q8y LKUhJ8WVuo8YVZK0YCSmKUWWRA0V -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:25 2024 by rpki-client on console-fra.rpki-client.org