Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
File: IdyHWWXCumHR2su0je4UBVSqWu8.cer (raw, json)
Hash identifier: cU4N0ygoYdaRFKRm+iIoK3Hv0NRLgQVJ9UH02Qk7jGo=
Subject key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Certificate serial: 3C79
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:07:30 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: IP: 40.72.0.0/15
IP: 40.125.128.0/17
IP: 40.126.64.0/18
IP: 40.162.0.0/16
IP: 52.130.0.0/15
IP: 139.217.0.0/16
IP: 139.219.0.0/16
IP: 143.64.0.0/16
IP: 159.27.0.0/16
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15481 (0x3c79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:07:30 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:bd:75:04:de:8c:74:55:cf:68:f6:2c:77:
c2:b2:b6:7f:25:6d:60:73:47:42:58:e8:e6:24:b6:
66:c1:9d:fe:94:d7:63:b8:c0:48:15:2e:e7:01:81:
45:e5:ca:09:3e:1d:60:79:3f:23:38:57:77:a8:76:
b6:a0:e0:14:31:2f:ab:cc:eb:a9:33:84:4a:03:ee:
81:29:7e:66:5b:26:60:f7:00:dc:d5:fb:96:12:93:
dc:78:47:5b:a6:8f:7d:9c:98:a4:01:13:d0:de:70:
f4:29:ac:e7:65:dd:40:19:72:eb:ab:be:bd:d4:f4:
fb:5c:26:62:d5:fb:9d:20:3a:9a:a6:23:5e:f5:b6:
49:6a:48:f4:24:05:d5:a1:de:35:d6:88:77:cc:d9:
45:50:cd:ac:5d:b8:9f:fe:b8:94:46:b5:d2:26:9a:
3d:65:6d:b8:2b:ce:9d:a3:12:8d:67:92:a1:f5:4c:
1b:0b:b3:77:bb:8c:e8:12:9b:e7:1f:bb:e3:ba:2e:
32:01:5a:74:a5:bc:f7:9e:b4:9a:74:41:7e:15:ff:
35:91:8b:33:03:b1:8c:ba:74:97:2d:62:71:5c:ce:
3f:27:5e:9d:9f:47:f2:21:b2:74:4f:71:4a:87:17:
7d:89:81:bd:ce:74:6f:0b:61:8c:b4:63:b9:f6:84:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Authority Key Identifier:
keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
40.162.0.0/16
52.130.0.0/15
139.217.0.0/16
139.219.0.0/16
143.64.0.0/16
159.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:b0:17:49:a6:6b:cd:92:e7:cf:2d:0e:f8:f9:54:0e:23:19:
08:c8:40:e0:3f:06:fa:b9:40:e6:a6:b4:01:18:63:92:eb:dd:
e2:7d:76:3a:48:78:3a:96:a5:7d:9f:b0:30:8c:50:b1:0a:bd:
8a:08:d0:4e:fc:c6:03:2f:22:ec:c8:f6:30:c3:0d:c7:24:0f:
db:5d:b3:e7:4c:4f:05:42:10:39:1d:bd:bf:5a:4f:f1:65:b8:
fd:1a:6e:0b:75:6d:e6:92:5d:8c:9e:f4:76:b1:ad:75:e4:c3:
e3:2d:a2:85:7d:3d:ae:c0:64:c0:83:45:7d:cb:89:ee:6a:46:
43:ef:8b:26:0b:6c:cb:cc:10:bc:8a:f6:67:29:2e:9e:dd:ee:
d9:4f:2f:1c:ed:2c:dd:a7:4b:de:b1:f4:f4:5e:73:cf:15:d0:
ed:68:85:9e:6c:62:15:3b:e3:18:7c:af:48:fa:fb:05:d1:a6:
79:ad:4e:73:c3:73:a2:60:0a:8d:26:41:77:d4:86:38:b5:39:
f7:4d:50:f8:20:25:1c:36:94:19:1f:95:ee:49:3a:2f:fa:31:
00:86:e6:80:c3:df:b3:03:c0:b0:76:c1:e3:05:4b:79:11:9f:
b9:9e:95:0d:d8:26:66:e2:23:b4:28:4d:f3:63:ac:68:97:6a:
c1:4b:42:ef
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICPHkwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw
QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MDczMFoXDTI2MDQwMzA4MDAwOVowMzEx
MC8GA1UEAxMoMjFEQzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFF
RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7IvXUE3ox0Vc9o9ix3
wrK2fyVtYHNHQljo5iS2ZsGd/pTXY7jASBUu5wGBReXKCT4dYHk/IzhXd6h2tqDg
FDEvq8zrqTOESgPugSl+ZlsmYPcA3NX7lhKT3HhHW6aPfZyYpAET0N5w9Cms52Xd
QBly66u+vdT0+1wmYtX7nSA6mqYjXvW2SWpI9CQF1aHeNdaId8zZRVDNrF24n/64
lEa10iaaPWVtuCvOnaMSjWeSofVMGwuzd7uM6BKb5x+747ouMgFadKW89560mnRB
fhX/NZGLMwOxjLp0ly1icVzOPydenZ9H8iGydE9xSocXfYmBvc50bwthjLRjufaE
HV8CAwEAAaOCAn4wggJ6MB0GA1UdDgQWBBQh3IdZZcK6YdHay7SN7hQFVKpa7zAf
BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx
RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF
BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yNjIwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5tZnQwMQYI
KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww
SAYIKwYBBQUHAQcBAf8EOTA3MDUEAgABMC8DAwEoSAMEByh9gAMEBih+QAMDACii
AwMBNIIDAwCL2QMDAIvbAwMAj0ADAwCfGzANBgkqhkiG9w0BAQsFAAOCAQEAmbAX
SaZrzZLnzy0O+PlUDiMZCMhA4D8G+rlA5qa0ARhjkuvd4n12Okh4OpalfZ+wMIxQ
sQq9igjQTvzGAy8i7Mj2MMMNxyQP212z50xPBUIQOR29v1pP8WW4/RpuC3Vt5pJd
jJ70drGtdeTD4y2ihX09rsBkwINFfcuJ7mpGQ++LJgtsy8wQvIr2Zykunt3u2U8v
HO0s3adL3rH09F5zzxXQ7WiFnmxiFTvjGHyvSPr7BdGmea1Oc8NzomAKjSZBd9SG
OLU5901Q+CAlHDaUGR+V7kk6L/oxAIbmgMPfswPAsHbB4wVLeRGfuZ6VDdgmZuIj
tChN82OsaJdqwUtC7w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:22:02 2025 by rpki-client