Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
File: IdyHWWXCumHR2su0je4UBVSqWu8.cer (raw, json)
Hash identifier: pqq3+h5jO5TLJajdtlrvuHjdFPRzUzV7b/ZlArRc+Rc=
Subject key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Certificate serial: 3304
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 22 Mar 2024 06:12:40 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: IP: 40.72.0.0/15
IP: 40.125.128.0/17
IP: 40.126.64.0/18
IP: 40.162.0.0/16
IP: 52.130.0.0/15
IP: 139.217.0.0/16
IP: 139.219.0.0/16
IP: 143.64.0.0/16
IP: 159.27.0.0/16
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 May 2024 03:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13060 (0x3304)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Validity
Not Before: Mar 22 06:12:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:bd:75:04:de:8c:74:55:cf:68:f6:2c:77:
c2:b2:b6:7f:25:6d:60:73:47:42:58:e8:e6:24:b6:
66:c1:9d:fe:94:d7:63:b8:c0:48:15:2e:e7:01:81:
45:e5:ca:09:3e:1d:60:79:3f:23:38:57:77:a8:76:
b6:a0:e0:14:31:2f:ab:cc:eb:a9:33:84:4a:03:ee:
81:29:7e:66:5b:26:60:f7:00:dc:d5:fb:96:12:93:
dc:78:47:5b:a6:8f:7d:9c:98:a4:01:13:d0:de:70:
f4:29:ac:e7:65:dd:40:19:72:eb:ab:be:bd:d4:f4:
fb:5c:26:62:d5:fb:9d:20:3a:9a:a6:23:5e:f5:b6:
49:6a:48:f4:24:05:d5:a1:de:35:d6:88:77:cc:d9:
45:50:cd:ac:5d:b8:9f:fe:b8:94:46:b5:d2:26:9a:
3d:65:6d:b8:2b:ce:9d:a3:12:8d:67:92:a1:f5:4c:
1b:0b:b3:77:bb:8c:e8:12:9b:e7:1f:bb:e3:ba:2e:
32:01:5a:74:a5:bc:f7:9e:b4:9a:74:41:7e:15:ff:
35:91:8b:33:03:b1:8c:ba:74:97:2d:62:71:5c:ce:
3f:27:5e:9d:9f:47:f2:21:b2:74:4f:71:4a:87:17:
7d:89:81:bd:ce:74:6f:0b:61:8c:b4:63:b9:f6:84:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Authority Key Identifier:
keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
40.162.0.0/16
52.130.0.0/15
139.217.0.0/16
139.219.0.0/16
143.64.0.0/16
159.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:f6:0d:b6:e9:6d:46:72:c7:92:7e:04:63:6b:ab:2a:46:4c:
e1:d4:ac:9b:0b:6d:ab:7e:41:80:47:8b:19:0b:87:c9:28:60:
ca:4e:6d:73:7d:2f:20:05:be:80:35:6a:3c:55:d2:fa:19:fa:
ea:af:9a:24:12:b9:32:ba:74:68:61:c0:ce:be:b1:3b:30:79:
e7:0c:33:78:d9:b5:b0:07:a1:04:95:57:ef:d9:7f:2c:3f:77:
e2:08:76:93:9a:ec:c2:eb:b7:6f:b3:65:4b:12:8d:95:75:47:
06:b5:2b:58:70:b8:f1:fb:89:ad:77:63:a9:72:84:8a:1a:63:
01:52:b9:88:d9:8f:aa:04:35:d2:88:6c:e3:51:eb:f4:d3:07:
91:af:c1:09:c7:89:e0:cd:be:50:b3:7f:bb:d6:60:d5:9d:4b:
21:d0:9b:c6:be:6c:b9:22:6c:29:dc:2f:66:4e:73:e8:57:46:
86:3d:39:6f:79:7e:90:d8:ff:1d:29:37:02:8c:38:90:aa:14:
a7:d7:26:2b:c6:26:15:08:16:fd:7c:96:49:e0:83:1c:1c:5c:
fd:56:af:da:e2:ca:c3:ec:1d:b6:f4:3a:7d:91:9c:6d:f0:f8:
0f:76:2e:50:7d:71:15:87:64:e8:45:05:6e:06:27:c2:96:53:
4b:75:21:03
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICMwQwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw
QTU0QTk1MTk1QTExMB4XDTI0MDMyMjA2MTI0MFoXDTI1MDEzMTAxMTM0NlowMzEx
MC8GA1UEAxMoMjFEQzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFF
RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7IvXUE3ox0Vc9o9ix3
wrK2fyVtYHNHQljo5iS2ZsGd/pTXY7jASBUu5wGBReXKCT4dYHk/IzhXd6h2tqDg
FDEvq8zrqTOESgPugSl+ZlsmYPcA3NX7lhKT3HhHW6aPfZyYpAET0N5w9Cms52Xd
QBly66u+vdT0+1wmYtX7nSA6mqYjXvW2SWpI9CQF1aHeNdaId8zZRVDNrF24n/64
lEa10iaaPWVtuCvOnaMSjWeSofVMGwuzd7uM6BKb5x+747ouMgFadKW89560mnRB
fhX/NZGLMwOxjLp0ly1icVzOPydenZ9H8iGydE9xSocXfYmBvc50bwthjLRjufaE
HV8CAwEAAaOCAn4wggJ6MB0GA1UdDgQWBBQh3IdZZcK6YdHay7SN7hQFVKpa7zAf
BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx
RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF
BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yNjIwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5tZnQwMQYI
KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww
SAYIKwYBBQUHAQcBAf8EOTA3MDUEAgABMC8DAwEoSAMEByh9gAMEBih+QAMDACii
AwMBNIIDAwCL2QMDAIvbAwMAj0ADAwCfGzANBgkqhkiG9w0BAQsFAAOCAQEAiPYN
tultRnLHkn4EY2urKkZM4dSsmwttq35BgEeLGQuHyShgyk5tc30vIAW+gDVqPFXS
+hn66q+aJBK5Mrp0aGHAzr6xOzB55wwzeNm1sAehBJVX79l/LD934gh2k5rswuu3
b7NlSxKNlXVHBrUrWHC48fuJrXdjqXKEihpjAVK5iNmPqgQ10ohs41Hr9NMHka/B
CceJ4M2+ULN/u9Zg1Z1LIdCbxr5suSJsKdwvZk5z6FdGhj05b3l+kNj/HSk3Aow4
kKoUp9cmK8YmFQgW/XyWSeCDHBxc/Vav2uLKw+wdtvQ6fZGcbfD4D3YuUH1xFYdk
6EUFbgYnwpZTS3UhAw==
-----END CERTIFICATE-----
Generated at Tue May 28 23:01:53 2024 by rpki-client on console-ams.rpki-client.org