$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/H4HG-W0BkJkB20LNehLnmKk_Trc.cer File: H4HG-W0BkJkB20LNehLnmKk_Trc.cer (raw, json) Hash identifier: Qh8QAzc3TyjENNTMsBsWctPiVN2ZfTKjLak9zCywsCY= Subject key identifier: 1F:81:C6:F9:6D:01:90:99:01:DB:42:CD:7A:12:E7:98:A9:3F:4E:B7 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AF5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/H4HG-W0BkJkB20LNehLnmKk_Trc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:23:51 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 103.156.174.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 05:56:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44893 (0xaf5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:23:51 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1F81C6F96D01909901DB42CD7A12E798A93F4EB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:09:8d:2d:b4:3d:5b:15:aa:2c:1c:52:eb:92: 31:d7:8b:50:c4:ab:6c:27:6e:cd:a5:49:c2:c3:12: 8c:7e:48:cf:f2:e1:34:ee:f0:1f:64:98:70:4f:45: 2d:95:1f:2d:1f:b1:93:d0:04:31:50:25:1d:03:20: 47:64:61:13:05:77:33:fc:4b:35:34:97:6b:01:dd: bb:ca:1a:eb:f9:c6:b4:61:63:d8:20:73:fc:fc:4c: a4:2f:c4:16:95:4c:6d:06:96:75:91:65:ab:01:6a: bf:fc:72:85:b7:ff:3b:73:65:8a:e5:60:53:70:4a: d3:99:bf:65:c4:d3:77:91:cf:6e:8f:2d:ef:b0:cd: b0:58:57:ec:fa:f9:28:67:f5:f2:b6:b9:2d:3e:ca: 0e:ce:c6:f7:4b:9d:30:27:d5:7b:4e:50:bb:ec:4f: 01:8c:66:37:4e:fb:63:c1:56:a1:53:e5:ea:b5:7a: dd:6f:36:11:c3:27:be:71:d7:5c:94:d4:42:31:c8: 5a:24:63:3f:c1:fe:c4:35:51:2d:08:c5:c9:fb:e8: 90:fd:b9:d6:67:5d:7c:ee:cd:b9:a8:e0:c5:c1:86: 86:0b:79:af:0a:ee:2a:72:af:42:1e:75:18:53:d1: 3d:a9:53:f8:d4:39:34:0b:35:d8:5e:e1:70:96:01: 1c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:81:C6:F9:6D:01:90:99:01:DB:42:CD:7A:12:E7:98:A9:3F:4E:B7 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/H4HG-W0BkJkB20LNehLnmKk_Trc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.156.174.0/23 Signature Algorithm: sha256WithRSAEncryption ab:fb:1e:70:c6:16:90:05:f9:ad:9b:5d:7d:4c:8f:ef:a2:46: e1:ad:f5:f0:d9:c3:1a:28:f6:e0:d4:51:2e:60:c9:e6:22:48: 82:b3:b8:45:3f:9b:46:f7:c7:25:3a:02:5d:59:a3:34:c0:5a: e6:2b:91:f4:f7:8f:ea:8b:71:bf:34:3a:dc:8c:b7:f5:f6:65: 07:fd:27:9c:29:00:46:99:bc:36:c7:e4:bd:c8:eb:1e:c5:76: ae:db:18:7a:b5:48:4f:dc:b7:ba:58:68:ef:7c:69:75:4b:70: 06:7c:12:0e:70:c2:07:49:ad:3d:33:54:7f:01:85:19:70:30: d9:ab:b8:a9:d2:c1:1f:e9:49:b7:97:f9:07:3e:21:0e:bd:a0: 1d:bf:7d:a2:bf:5c:19:36:3a:d0:d4:58:66:b6:24:52:bb:ec: 9b:e9:19:ff:3c:df:ff:aa:7a:ad:7a:cb:0f:95:b4:f2:9f:67: f7:9c:8a:cf:18:6d:16:73:f3:f7:b1:09:91:22:c2:f2:a3:f6: 8d:b4:35:9d:ce:1c:57:92:a1:d1:6c:fe:2f:47:e5:66:ab:6f: 43:28:f3:08:d5:b7:30:21:0d:5c:0c:62:68:a0:6d:86:f8:92: fd:1a:72:ab:aa:f9:bb:da:65:51:70:f2:0e:75:4d:77:27:6a: a1:85:da:f1 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAK9dMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIzNTFaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDFGODFDNkY5NkQwMTkwOTkwMURCNDJDRDdBMTJFNzk4QTkzRjRF QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+CY0ttD1bFaosHFLr kjHXi1DEq2wnbs2lScLDEox+SM/y4TTu8B9kmHBPRS2VHy0fsZPQBDFQJR0DIEdk YRMFdzP8SzU0l2sB3bvKGuv5xrRhY9ggc/z8TKQvxBaVTG0GlnWRZasBar/8coW3 /ztzZYrlYFNwStOZv2XE03eRz26PLe+wzbBYV+z6+Shn9fK2uS0+yg7OxvdLnTAn 1XtOULvsTwGMZjdO+2PBVqFT5eq1et1vNhHDJ75x11yU1EIxyFokYz/B/sQ1US0I xcn76JD9udZnXXzuzbmo4MXBhoYLea8K7ipyr0IedRhT0T2pU/jUOTQLNdhe4XCW ARzxAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUH4HG+W0BkJkB20LNehLnmKk/Trcw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw MjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzAyMy9INEhHLVcwQmtKa0IyMExOZWhMbm1La19UcmMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5yuMA0GCSqGSIb3DQEBCwUA A4IBAQCr+x5wxhaQBfmtm119TI/vokbhrfXw2cMaKPbg1FEuYMnmIkiCs7hFP5tG 98clOgJdWaM0wFrmK5H094/qi3G/NDrcjLf19mUH/SecKQBGmbw2x+S9yOsexXau 2xh6tUhP3Le6WGjvfGl1S3AGfBIOcMIHSa09M1R/AYUZcDDZq7ip0sEf6Um3l/kH PiEOvaAdv32iv1wZNjrQ1FhmtiRSu+yb6Rn/PN//qnqtessPlbTyn2f3nIrPGG0W c/P3sQmRIsLyo/aNtDWdzhxXkqHRbP4vR+Vmq29DKPMI1bcwIQ1cDGJooG2G+JL9 GnKrqvm72mVRcPIOdU13J2qhhdrx -----END CERTIFICATE-----Generated at Mon May 20 00:17:33 2024 by rpki-client on console-fra.rpki-client.org