Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
File: IdyHWWXCumHR2su0je4UBVSqWu8.cer (raw, json)
Hash identifier: WoDjL6Hsy7Y0zgSTWQF1YRvIn4PMrqioQwwXeyAqUaE=
Subject key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Certificate serial: 3799
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:49:58 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: IP: 40.72.0.0/15
IP: 40.125.128.0/17
IP: 40.126.64.0/18
IP: 40.162.0.0/16
IP: 52.130.0.0/15
IP: 139.217.0.0/16
IP: 139.219.0.0/16
IP: 143.64.0.0/16
IP: 159.27.0.0/16
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 23 Nov 2024 04:53:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14233 (0x3799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Validity
Not Before: Sep 27 02:49:58 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:bd:75:04:de:8c:74:55:cf:68:f6:2c:77:
c2:b2:b6:7f:25:6d:60:73:47:42:58:e8:e6:24:b6:
66:c1:9d:fe:94:d7:63:b8:c0:48:15:2e:e7:01:81:
45:e5:ca:09:3e:1d:60:79:3f:23:38:57:77:a8:76:
b6:a0:e0:14:31:2f:ab:cc:eb:a9:33:84:4a:03:ee:
81:29:7e:66:5b:26:60:f7:00:dc:d5:fb:96:12:93:
dc:78:47:5b:a6:8f:7d:9c:98:a4:01:13:d0:de:70:
f4:29:ac:e7:65:dd:40:19:72:eb:ab:be:bd:d4:f4:
fb:5c:26:62:d5:fb:9d:20:3a:9a:a6:23:5e:f5:b6:
49:6a:48:f4:24:05:d5:a1:de:35:d6:88:77:cc:d9:
45:50:cd:ac:5d:b8:9f:fe:b8:94:46:b5:d2:26:9a:
3d:65:6d:b8:2b:ce:9d:a3:12:8d:67:92:a1:f5:4c:
1b:0b:b3:77:bb:8c:e8:12:9b:e7:1f:bb:e3:ba:2e:
32:01:5a:74:a5:bc:f7:9e:b4:9a:74:41:7e:15:ff:
35:91:8b:33:03:b1:8c:ba:74:97:2d:62:71:5c:ce:
3f:27:5e:9d:9f:47:f2:21:b2:74:4f:71:4a:87:17:
7d:89:81:bd:ce:74:6f:0b:61:8c:b4:63:b9:f6:84:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Authority Key Identifier:
keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
40.162.0.0/16
52.130.0.0/15
139.217.0.0/16
139.219.0.0/16
143.64.0.0/16
159.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:05:7b:9f:f0:06:3d:0c:35:b7:6e:4b:94:15:de:0c:a1:f9:
6e:72:b2:15:35:9e:03:d6:f9:ca:10:4a:49:72:98:c0:e5:5f:
55:28:70:52:c4:e5:82:c4:60:68:3a:33:b5:56:6f:fc:c7:f0:
54:b7:36:20:92:ce:aa:f6:31:f0:92:4b:e1:4a:81:76:be:49:
5d:70:ef:60:75:61:ee:94:2f:6c:f5:d8:2d:49:58:5a:a5:c7:
53:28:6b:88:b1:d8:39:f3:59:ed:f2:53:56:b6:cd:13:d1:6d:
ec:5c:51:01:f2:2e:0c:8e:a2:35:4f:ba:2e:66:d1:34:99:64:
31:91:7a:47:eb:d3:3f:f4:b9:e1:e2:86:b5:5f:84:b3:4c:8f:
ec:73:d7:5b:87:49:f2:81:9a:0d:b4:3a:c8:86:da:7a:8a:b7:
c5:76:e9:d3:99:04:17:a6:40:68:d3:80:78:63:32:92:96:11:
92:aa:73:30:62:ff:54:43:75:80:f1:71:c5:ed:e7:2e:1b:22:
42:0e:32:06:3f:d3:32:3c:d0:bf:36:ff:c6:82:e7:9c:90:c2:
ed:db:d7:a7:79:ee:b9:0e:05:8a:b3:b4:74:81:06:60:a7:8a:
57:51:0f:bd:ac:a1:9d:d0:3f:0c:c2:4c:70:46:4e:e1:5c:44:
49:37:79:4c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICN5kwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw
QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNDk1OFoXDTI1MDkyNzAyNDAxNFowMzEx
MC8GA1UEAxMoMjFEQzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFF
RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7IvXUE3ox0Vc9o9ix3
wrK2fyVtYHNHQljo5iS2ZsGd/pTXY7jASBUu5wGBReXKCT4dYHk/IzhXd6h2tqDg
FDEvq8zrqTOESgPugSl+ZlsmYPcA3NX7lhKT3HhHW6aPfZyYpAET0N5w9Cms52Xd
QBly66u+vdT0+1wmYtX7nSA6mqYjXvW2SWpI9CQF1aHeNdaId8zZRVDNrF24n/64
lEa10iaaPWVtuCvOnaMSjWeSofVMGwuzd7uM6BKb5x+747ouMgFadKW89560mnRB
fhX/NZGLMwOxjLp0ly1icVzOPydenZ9H8iGydE9xSocXfYmBvc50bwthjLRjufaE
HV8CAwEAAaOCAn4wggJ6MB0GA1UdDgQWBBQh3IdZZcK6YdHay7SN7hQFVKpa7zAf
BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx
RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF
BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yNjIwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5tZnQwMQYI
KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww
SAYIKwYBBQUHAQcBAf8EOTA3MDUEAgABMC8DAwEoSAMEByh9gAMEBih+QAMDACii
AwMBNIIDAwCL2QMDAIvbAwMAj0ADAwCfGzANBgkqhkiG9w0BAQsFAAOCAQEApgV7
n/AGPQw1t25LlBXeDKH5bnKyFTWeA9b5yhBKSXKYwOVfVShwUsTlgsRgaDoztVZv
/MfwVLc2IJLOqvYx8JJL4UqBdr5JXXDvYHVh7pQvbPXYLUlYWqXHUyhriLHYOfNZ
7fJTVrbNE9Ft7FxRAfIuDI6iNU+6LmbRNJlkMZF6R+vTP/S54eKGtV+Es0yP7HPX
W4dJ8oGaDbQ6yIbaeoq3xXbp05kEF6ZAaNOAeGMykpYRkqpzMGL/VEN1gPFxxe3n
LhsiQg4yBj/TMjzQvzb/xoLnnJDC7dvXp3nuuQ4FirO0dIEGYKeKV1EPvayhndA/
DMJMcEZO4VxESTd5TA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:55:10 2024 by rpki-client on console-ams.rpki-client.org