Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
File: MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer (raw, json)
Hash identifier: SioJMeTjDampdbfewF3lsj1SXJTwANkhgm+Nv9fwdVQ=
Subject key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: C434
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Mon 13 Jan 2025 01:37:57 +0000
Certificate not after: Tue 13 Jan 2026 01:35:26 +0000
Subordinate resources: AS: 9813
AS: 24413
AS: 38340
AS: 45059
IP: 103.26.228.0/22
IP: 114.28.0.0 -- 114.28.67.255
IP: 114.28.80.0 -- 114.28.127.255
IP: 114.28.192.0/18
IP: 202.46.32.0/19
IP: 2400:3e00::/32
IP: 2402:33c0::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50228 (0xc434)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Jan 13 01:37:57 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:90:ea:2c:81:3c:c0:88:eb:d8:bc:96:49:9a:
74:15:24:c9:67:82:a0:1d:0b:d2:79:16:8f:93:1e:
e5:7b:09:41:c0:5e:e9:44:ed:f8:b3:53:83:25:df:
4f:ff:89:13:f1:b3:19:0b:85:b1:0e:a1:26:87:3b:
39:ae:90:ba:82:f4:81:78:00:65:cc:5d:2c:44:e8:
c4:6f:cf:61:15:63:03:2a:a9:74:fa:94:e4:37:50:
bb:bf:26:71:01:64:a8:87:17:c0:4a:d8:0f:09:46:
ee:dc:3a:4b:38:57:e4:01:17:9e:66:fa:1f:22:f3:
df:20:3e:a4:0d:20:b4:ea:bb:65:2b:97:dc:df:57:
d5:9c:b5:36:d6:e8:f7:ce:dd:a8:17:90:6a:91:2d:
7a:56:74:d9:59:01:76:2d:71:af:b7:71:3a:ec:51:
8b:d1:d5:8e:6e:0f:02:a4:8d:b8:01:35:e1:e9:48:
e3:f0:b8:d0:04:35:31:38:29:17:c0:39:3a:ca:8b:
33:35:f1:bd:86:08:0d:22:af:0f:5a:60:c9:9b:1e:
fe:d9:c2:95:6e:79:ec:30:12:59:df:4f:5e:fd:23:
3e:7d:5b:8a:87:9a:ca:5f:f9:49:07:a3:67:05:a0:
65:16:c0:29:3c:50:54:ea:06:e9:66:a1:1e:1b:ff:
84:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9813
24413
38340
45059
sbgp-ipAddrBlock: critical
IPv4:
103.26.228.0/22
114.28.0.0-114.28.67.255
114.28.80.0-114.28.127.255
114.28.192.0/18
202.46.32.0/19
IPv6:
2400:3e00::/32
2402:33c0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:80:08:6f:0a:88:cd:87:7a:96:0d:01:b3:db:30:ce:a3:37:
bf:41:82:74:97:d5:42:ef:b1:eb:6d:09:84:25:09:6c:b7:a2:
6e:9b:40:8b:9b:fa:96:34:df:8b:1e:4a:c8:60:fd:20:ad:67:
8e:d6:f5:63:66:ec:07:be:b7:51:0e:69:7a:c6:c4:8f:ce:eb:
b4:3e:90:dd:4f:c0:0d:95:ec:bf:23:11:92:b8:03:d1:1d:b2:
72:b9:c3:4a:e1:2a:80:a0:15:dc:ba:65:e3:f2:b8:85:87:c2:
1d:1b:d0:f8:59:86:0b:2c:53:8f:ed:16:2b:a3:da:3a:7d:03:
02:1b:9f:b6:3c:ad:bf:90:87:42:60:fc:c9:f2:db:dc:a4:75:
03:b9:7d:0b:9b:e7:36:2e:37:ab:68:89:73:67:86:3a:df:09:
6a:6c:bc:62:f2:a7:e6:b3:3b:42:36:84:a0:82:3b:a2:40:ec:
13:ac:dc:cb:b8:b0:db:0e:45:ca:1a:90:22:b1:ff:52:99:0b:
b5:2a:f6:b1:de:30:a2:18:7e:8f:a1:73:42:9c:cb:b4:1f:98:
b3:9c:f4:3b:bb:3d:e9:6a:56:dd:38:dd:f1:08:d7:f5:26:af:
79:61:47:95:35:0b:03:70:9d:1c:d4:d8:6d:42:78:ec:42:5d:
32:92:a8:07
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIDAMQ0MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTAxMTMwMTM3NTdaFw0yNjAxMTMwMTM1MjZaMDMx
MTAvBgNVBAMTKDMwOUMyQTk0M0IyOERDMDg1OEMzOUI5MjA4QTE2MDlDMDk3M0U0
OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYkOosgTzAiOvYvJZJ
mnQVJMlngqAdC9J5Fo+THuV7CUHAXulE7fizU4Ml30//iRPxsxkLhbEOoSaHOzmu
kLqC9IF4AGXMXSxE6MRvz2EVYwMqqXT6lOQ3ULu/JnEBZKiHF8BK2A8JRu7cOks4
V+QBF55m+h8i898gPqQNILTqu2Url9zfV9WctTbW6PfO3agXkGqRLXpWdNlZAXYt
ca+3cTrsUYvR1Y5uDwKkjbgBNeHpSOPwuNAENTE4KRfAOTrKizM18b2GCA0irw9a
YMmbHv7ZwpVueewwElnfT179Iz59W4qHmspf+UkHo2cFoGUWwCk8UFTqBulmoR4b
/4RvAgMBAAGjggK5MIICtTAdBgNVHQ4EFgQUMJwqlDso3AhYw5uSCKFgnAlz5Jow
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYy
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC82MjAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAn
BggrBgEFBQcBCAEB/wQYMBagFDASAgImVQICX10CAwCVxAIDALADMFwGCCsGAQUF
BwEHAQH/BE0wSzAzBAIAATAtAwQCZxrkMAsDAwJyHAMEAnIcQDAMAwQEchxQAwQH
chwAAwQGchzAAwQFyi4gMBQEAgACMA4DBQAkAD4AAwUAJAIzwDANBgkqhkiG9w0B
AQsFAAOCAQEAj4AIbwqIzYd6lg0Bs9swzqM3v0GCdJfVQu+x620JhCUJbLeibptA
i5v6ljTfix5KyGD9IK1njtb1Y2bsB763UQ5pesbEj87rtD6Q3U/ADZXsvyMRkrgD
0R2ycrnDSuEqgKAV3Lpl4/K4hYfCHRvQ+FmGCyxTj+0WK6PaOn0DAhuftjytv5CH
QmD8yfLb3KR1A7l9C5vnNi43q2iJc2eGOt8Jamy8YvKn5rM7QjaEoII7okDsE6zc
y7iw2w5FyhqQIrH/UpkLtSr2sd4wohh+j6FzQpzLtB+Ys5z0O7s96WpW3Tjd8QjX
9SaveWFHlTULA3CdHNTYbUJ47EJdMpKoBw==
-----END CERTIFICATE-----
Generated at Fri Feb 21 10:23:30 2025 by rpki-client