$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.cer File: M0aPVoJh8tgI9wMOCc-rvh7g7RQ.cer (raw, json) Hash identifier: V5GffjzYDsHqYcle+vqJWuxyxeaDzxUgyB4hxv4qOdA= Subject key identifier: 33:46:8F:56:82:61:F2:D8:08:F7:03:0E:09:CF:AB:BE:1E:E0:ED:14 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BBDF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:53:09 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.41.232.0/22 IP: 103.90.152.0/22 IP: 103.238.152.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48095 (0xbbdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:53:09 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=33468F568261F2D808F7030E09CFABBE1EE0ED14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:63:b1:41:4d:85:8a:0a:5a:2f:4c:c6:df:a8: c3:58:09:47:8c:9b:9d:f4:e9:5a:05:05:0c:38:9a: c4:d1:1d:81:e1:ec:11:ec:fa:8f:3a:d0:f3:4c:00: 49:b1:75:d7:15:61:9d:42:33:87:68:5f:b5:31:1f: a0:01:bb:5d:e9:13:94:0f:94:19:2b:88:5c:10:00: cb:86:c7:b4:9b:13:71:5e:b1:bd:ae:ee:d9:e0:1c: ec:9b:bd:da:78:43:26:af:f9:c1:e8:ee:f8:d0:53: c8:f8:32:7e:ff:59:34:9d:15:9d:4a:83:f0:21:09: 02:36:06:b9:98:25:5c:2c:8a:2a:86:a2:92:4b:af: 76:b8:1d:fe:e8:c1:f7:1c:c6:01:a5:f1:af:f0:71: d0:4e:b0:ea:b8:a8:5a:78:f0:8c:6e:2c:94:37:b0: 23:ad:ae:d0:00:f7:da:04:93:da:f0:c0:fa:b6:b1: cc:b6:ee:c5:64:e8:85:62:c9:4f:c7:45:3b:8c:f2: d9:2c:39:ce:92:dd:63:f3:fe:60:7e:1d:6b:90:3f: d4:b8:ae:a4:45:d5:50:19:7f:cc:fa:9d:bd:e3:ff: cb:e2:4f:cf:10:7b:54:12:3c:a8:21:4d:11:0b:da: c3:40:bd:e4:fa:78:92:0e:19:15:64:f5:a9:15:5a: 73:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:46:8F:56:82:61:F2:D8:08:F7:03:0E:09:CF:AB:BE:1E:E0:ED:14 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.41.232.0/22 103.90.152.0/22 103.238.152.0/23 Signature Algorithm: sha256WithRSAEncryption 4f:ec:ec:87:80:71:77:f9:05:2e:f0:b3:50:50:5b:34:fc:c1: a4:b0:32:bf:d5:0a:19:7f:fc:6e:66:d7:d4:f1:8f:53:5b:a6: 0a:15:70:89:0b:fc:b2:ff:36:58:a7:01:83:f9:7a:59:fe:06: 22:30:c2:dc:2c:99:24:b8:1e:f7:24:1a:89:44:cd:0d:41:c2: f2:f4:6f:5e:16:8e:53:96:16:76:82:3a:ed:ae:86:aa:1f:91: d5:46:ca:e4:a7:26:59:72:ff:d6:66:ef:a0:2a:bc:f2:66:70: 6b:95:ba:df:d2:b6:ad:a0:37:e0:6d:f1:6e:f4:0b:f2:bd:66: 15:6e:e7:e9:88:bd:5c:da:89:63:0c:87:f6:f1:6d:05:07:77: 1c:f0:7b:b8:e3:6d:41:49:e8:a5:70:a6:94:5a:6b:94:aa:fc: fd:83:10:53:55:eb:00:fb:c4:82:fa:23:7e:83:17:39:27:60: f6:6d:fd:44:31:5b:b7:80:e5:e8:c8:8b:ba:9e:fc:2c:d3:a6: 8d:93:50:d7:31:ba:f2:d7:4b:51:74:c0:25:38:68:ba:9b:a4: 18:44:7b:f7:af:6e:db:9b:35:4a:f8:0f:ce:02:9a:78:e6:bf: 7f:07:f7:66:4b:34:ce:87:14:48:82:45:a6:e1:72:61:a8:ee: fa:bd:d4:54 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIDALvfMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUzMDlaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDMzNDY4RjU2ODI2MUYyRDgwOEY3MDMwRTA5Q0ZBQkJFMUVFMEVE MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMY7FBTYWKClovTMbf qMNYCUeMm5306VoFBQw4msTRHYHh7BHs+o860PNMAEmxddcVYZ1CM4doX7UxH6AB u13pE5QPlBkriFwQAMuGx7SbE3Fesb2u7tngHOybvdp4Qyav+cHo7vjQU8j4Mn7/ WTSdFZ1Kg/AhCQI2BrmYJVwsiiqGopJLr3a4Hf7owfccxgGl8a/wcdBOsOq4qFp4 8IxuLJQ3sCOtrtAA99oEk9rwwPq2scy27sVk6IViyU/HRTuM8tksOc6S3WPz/mB+ HWuQP9S4rqRF1VAZf8z6nb3j/8viT88Qe1QSPKghTREL2sNAveT6eJIOGRVk9akV WnPVAgMBAAGjggJhMIICXTAdBgNVHQ4EFgQUM0aPVoJh8tgI9wMOCc+rvh7g7RQw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MjgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIyOC9NMGFQVm9KaDh0Z0k5d01PQ2MtcnZoN2c3UlEubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCZynoAwQCZ1qYAwQBZ+6YMA0G CSqGSIb3DQEBCwUAA4IBAQBP7OyHgHF3+QUu8LNQUFs0/MGksDK/1QoZf/xuZtfU 8Y9TW6YKFXCJC/yy/zZYpwGD+XpZ/gYiMMLcLJkkuB73JBqJRM0NQcLy9G9eFo5T lhZ2gjrtroaqH5HVRsrkpyZZcv/WZu+gKrzyZnBrlbrf0ratoDfgbfFu9AvyvWYV bufpiL1c2oljDIf28W0FB3cc8Hu4421BSeilcKaUWmuUqvz9gxBTVesA+8SC+iN+ gxc5J2D2bf1EMVu3gOXoyIu6nvws06aNk1DXMbry10tRdMAlOGi6m6QYRHv3r27b mzVK+A/OApp45r9/B/dmSzTOhxRIgkWm4XJhqO76vdRU -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:38 2024 by rpki-client on console-ams.rpki-client.org