$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer File: HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer (raw, json) Hash identifier: yUCzKieEoO+R1xmrmZZQ9rQrNm4HlMgcmGpMYJqwuvM= Subject key identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3787 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:48:28 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 157.10.130.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14215 (0x3787) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Sep 27 02:48:28 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1E099E05E6C1A101EF057912FBC133F170DEE0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:ec:8c:27:2d:bd:d8:dd:41:24:67:7e:97: 13:8f:b3:d8:a2:4a:bb:6a:6f:8c:dd:38:e9:98:c4: b7:10:d1:28:6b:c8:a8:d2:5e:fa:d1:ad:97:c9:c8: db:5b:e8:d6:86:c3:24:05:58:b2:d6:b8:6f:71:66: 9b:b1:41:3c:2b:d9:38:b6:7c:fb:90:61:4b:a9:4e: 0c:ba:f9:01:ec:ac:3f:c6:fa:e3:b5:98:5f:4f:e3: 31:39:2c:a6:cf:fa:c6:b6:e0:b7:34:6b:9c:d1:66: cb:54:2c:7a:ac:2f:f9:aa:ba:02:6b:9f:43:1d:9d: 2d:d1:96:fe:55:34:a4:29:20:ab:9a:3a:d9:b1:a9: e7:ba:21:cf:d6:f5:a9:ad:41:f9:4c:e4:11:8d:70: 64:cb:b9:09:8f:95:1e:d5:cd:6d:28:0c:ca:82:b5: 53:6c:3c:85:57:8e:c4:9b:80:e2:f1:3c:2b:9a:2e: ca:04:43:9d:49:e7:14:9a:c6:9d:27:d9:cf:ae:3e: 19:1a:31:0c:7c:42:c9:2c:8d:2a:d0:77:9b:82:97: 12:6d:b9:4a:94:60:0c:25:30:9b:15:5a:3b:73:e0: f5:cd:51:f4:a5:0b:32:87:19:35:a6:1d:50:7b:9a: dc:4e:86:09:20:cc:bf:ff:0b:e7:d5:f9:70:94:db: ff:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.130.0/23 Signature Algorithm: sha256WithRSAEncryption 3a:ad:26:d0:b9:f3:ae:d7:64:6c:60:28:36:06:5c:cf:57:bf: d7:8f:d0:82:80:9c:a0:a0:01:4d:25:f5:33:57:4e:3d:96:eb: 81:78:8a:3a:08:35:5c:ed:92:1b:39:2c:4b:8c:e5:13:b2:07: dc:2f:45:e6:3e:54:af:d7:c9:ba:a3:34:52:5a:46:7a:c5:14: 66:5c:65:f8:c4:1a:d3:8e:25:2e:97:9d:33:30:73:0a:5b:02: 6f:29:2c:d9:3d:c0:90:67:f9:9e:5c:ee:38:53:f6:f2:a2:27: d2:3d:fb:af:5b:00:96:c9:df:6e:69:60:a2:96:60:c8:34:e3: 4b:fb:44:b4:42:e5:c5:d8:de:38:db:3d:97:66:ef:bf:82:a7: dc:cb:27:9f:65:c3:a1:8d:02:b6:4c:28:97:6b:5d:2a:b7:2a: 6f:d1:49:39:d7:cd:56:c8:72:6b:e5:dc:fb:a4:fc:2e:53:d7: ab:8a:0c:91:41:98:e7:b1:3d:1b:92:93:cb:73:5e:17:c6:bb: 81:dd:08:2f:c6:f3:94:b2:51:f5:48:53:9d:a2:15:37:f7:93: a2:41:ae:61:2d:ad:7d:f2:a7:cc:33:20:14:6e:88:cf:5f:0d: 3e:25:52:8b:5f:2a:3c:4b:4a:8a:6b:e8:c1:4b:2a:d7:db:77: b6:d6:af:e1 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICN4cwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNDgyOFoXDTI1MDkyNzAyNDAxNFowMzEx MC8GA1UEAxMoMUUwOTlFMDVFNkMxQTEwMUVGMDU3OTEyRkJDMTMzRjE3MERFRTBB NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOV17IwnLb3Y3UEkZ36X E4+z2KJKu2pvjN046ZjEtxDRKGvIqNJe+tGtl8nI21vo1obDJAVYsta4b3Fmm7FB PCvZOLZ8+5BhS6lODLr5AeysP8b647WYX0/jMTksps/6xrbgtzRrnNFmy1Qseqwv +aq6AmufQx2dLdGW/lU0pCkgq5o62bGp57ohz9b1qa1B+UzkEY1wZMu5CY+VHtXN bSgMyoK1U2w8hVeOxJuA4vE8K5ouygRDnUnnFJrGnSfZz64+GRoxDHxCySyNKtB3 m4KXEm25SpRgDCUwmxVaO3Pg9c1R9KULMocZNaYdUHua3E6GCSDMv/8L59X5cJTb /x8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQeCZ4F5sGhAe8FeRL7wTPxcN7gpzAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 Ni8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU2L0hnbWVCZWJCb1FIdkJYa1MtOEV6OFhEZTRLYy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCoIwDQYJKoZIhvcNAQELBQAD ggEBADqtJtC5867XZGxgKDYGXM9Xv9eP0IKAnKCgAU0l9TNXTj2W64F4ijoINVzt khs5LEuM5ROyB9wvReY+VK/XybqjNFJaRnrFFGZcZfjEGtOOJS6XnTMwcwpbAm8p LNk9wJBn+Z5c7jhT9vKiJ9I9+69bAJbJ325pYKKWYMg040v7RLRC5cXY3jjbPZdm 77+Cp9zLJ59lw6GNArZMKJdrXSq3Km/RSTnXzVbIcmvl3Puk/C5T16uKDJFBmOex PRuSk8tzXhfGu4HdCC/G85SyUfVIU52iFTf3k6JBrmEtrX3yp8wzIBRuiM9fDT4l UotfKjxLSopr6MFLKtfbd7bWr+E= -----END CERTIFICATE-----Generated at Sat Nov 23 01:55:10 2024 by rpki-client on console-ams.rpki-client.org