$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.cer File: M0aPVoJh8tgI9wMOCc-rvh7g7RQ.cer (raw, json) Hash identifier: uPqKy5HtZdrUTG6A3Imk82w+cEPp6HomT8eKT12AQw8= Subject key identifier: 33:46:8F:56:82:61:F2:D8:08:F7:03:0E:09:CF:AB:BE:1E:E0:ED:14 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AE2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:19:41 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 103.41.232.0/22 IP: 103.90.152.0/22 IP: 103.238.152.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 May 2024 19:56:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44587 (0xae2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:19:41 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=33468F568261F2D808F7030E09CFABBE1EE0ED14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:63:b1:41:4d:85:8a:0a:5a:2f:4c:c6:df:a8: c3:58:09:47:8c:9b:9d:f4:e9:5a:05:05:0c:38:9a: c4:d1:1d:81:e1:ec:11:ec:fa:8f:3a:d0:f3:4c:00: 49:b1:75:d7:15:61:9d:42:33:87:68:5f:b5:31:1f: a0:01:bb:5d:e9:13:94:0f:94:19:2b:88:5c:10:00: cb:86:c7:b4:9b:13:71:5e:b1:bd:ae:ee:d9:e0:1c: ec:9b:bd:da:78:43:26:af:f9:c1:e8:ee:f8:d0:53: c8:f8:32:7e:ff:59:34:9d:15:9d:4a:83:f0:21:09: 02:36:06:b9:98:25:5c:2c:8a:2a:86:a2:92:4b:af: 76:b8:1d:fe:e8:c1:f7:1c:c6:01:a5:f1:af:f0:71: d0:4e:b0:ea:b8:a8:5a:78:f0:8c:6e:2c:94:37:b0: 23:ad:ae:d0:00:f7:da:04:93:da:f0:c0:fa:b6:b1: cc:b6:ee:c5:64:e8:85:62:c9:4f:c7:45:3b:8c:f2: d9:2c:39:ce:92:dd:63:f3:fe:60:7e:1d:6b:90:3f: d4:b8:ae:a4:45:d5:50:19:7f:cc:fa:9d:bd:e3:ff: cb:e2:4f:cf:10:7b:54:12:3c:a8:21:4d:11:0b:da: c3:40:bd:e4:fa:78:92:0e:19:15:64:f5:a9:15:5a: 73:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:46:8F:56:82:61:F2:D8:08:F7:03:0E:09:CF:AB:BE:1E:E0:ED:14 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.41.232.0/22 103.90.152.0/22 103.238.152.0/23 Signature Algorithm: sha256WithRSAEncryption 47:10:4c:88:b0:cd:7f:da:b3:af:9d:7e:06:b2:9c:d9:25:bb: 7a:af:d5:6f:9c:bd:08:19:7d:97:c9:e5:34:35:11:5d:88:1b: b7:ac:3a:46:27:48:2f:d0:80:76:a4:73:6b:18:79:21:d9:af: 5d:88:39:c9:cc:5a:0c:dd:8b:09:05:ce:cb:a9:b9:26:f4:9d: 61:95:f1:32:19:0b:11:87:4c:66:60:4b:9d:7b:01:36:3f:a3: ff:c0:82:33:f7:8f:ea:cf:fe:56:2b:5a:9a:69:fb:1d:94:8a: d6:e2:ae:66:c2:fc:17:a6:f8:c5:df:5a:07:c4:0f:2f:10:80: 36:5a:c5:b1:32:d0:41:83:31:83:a8:37:3d:7f:ca:fb:8b:06: 46:d3:4a:17:bb:ca:f4:64:95:0b:41:64:99:5a:ec:af:64:3c: cd:92:13:f5:4d:bb:88:a3:39:b7:33:1a:96:aa:88:80:e9:bc: a9:78:32:c2:90:d6:09:69:9c:bc:31:b4:72:f1:d0:d9:ca:f1: 3f:e6:ff:c5:55:92:46:93:97:37:53:ef:5b:e9:fe:82:32:d2: 96:85:5d:c3:f9:33:db:fd:ee:19:a3:89:f9:54:db:b3:4d:32: bb:61:d1:a8:3d:01:7a:4a:d6:3c:f0:4c:be:1f:44:09:4e:c5: 5b:e4:ef:92 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIDAK4rMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTE5NDFaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDMzNDY4RjU2ODI2MUYyRDgwOEY3MDMwRTA5Q0ZBQkJFMUVFMEVE MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMY7FBTYWKClovTMbf qMNYCUeMm5306VoFBQw4msTRHYHh7BHs+o860PNMAEmxddcVYZ1CM4doX7UxH6AB u13pE5QPlBkriFwQAMuGx7SbE3Fesb2u7tngHOybvdp4Qyav+cHo7vjQU8j4Mn7/ WTSdFZ1Kg/AhCQI2BrmYJVwsiiqGopJLr3a4Hf7owfccxgGl8a/wcdBOsOq4qFp4 8IxuLJQ3sCOtrtAA99oEk9rwwPq2scy27sVk6IViyU/HRTuM8tksOc6S3WPz/mB+ HWuQP9S4rqRF1VAZf8z6nb3j/8viT88Qe1QSPKghTREL2sNAveT6eJIOGRVk9akV WnPVAgMBAAGjggJhMIICXTAdBgNVHQ4EFgQUM0aPVoJh8tgI9wMOCc+rvh7g7RQw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MjgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIyOC9NMGFQVm9KaDh0Z0k5d01PQ2MtcnZoN2c3UlEubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCZynoAwQCZ1qYAwQBZ+6YMA0G CSqGSIb3DQEBCwUAA4IBAQBHEEyIsM1/2rOvnX4GspzZJbt6r9VvnL0IGX2XyeU0 NRFdiBu3rDpGJ0gv0IB2pHNrGHkh2a9diDnJzFoM3YsJBc7Lqbkm9J1hlfEyGQsR h0xmYEudewE2P6P/wIIz94/qz/5WK1qaafsdlIrW4q5mwvwXpvjF31oHxA8vEIA2 WsWxMtBBgzGDqDc9f8r7iwZG00oXu8r0ZJULQWSZWuyvZDzNkhP1TbuIozm3MxqW qoiA6bypeDLCkNYJaZy8MbRy8dDZyvE/5v/FVZJGk5c3U+9b6f6CMtKWhV3D+TPb /e4Zo4n5VNuzTTK7YdGoPQF6StY88Ey+H0QJTsVb5O+S -----END CERTIFICATE-----Generated at Sat May 18 16:16:51 2024 by rpki-client on console-ams.rpki-client.org