Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
File: Os4QyDgpLG_HBlhbRE667coqEbk.cer (raw, json)
Hash identifier: VeDgJlxQk4WMbAP9dgESBAH0sYUEYmPA0LPfB+q7qRA=
Subject key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CCAB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:05:33 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 55990
AS: 63727
AS: 139124
AS: 139144
IP: 1.92.0.0/16
IP: 1.94.0.0/15
IP: 14.130.0.0/15
IP: 42.196.0.0 -- 42.198.255.255
IP: 43.226.168.0 -- 43.226.215.255
IP: 43.226.240.0 -- 43.227.7.255
IP: 43.227.36.0 -- 43.227.51.255
IP: 43.227.96.0/21
IP: 43.249.152.0 -- 43.249.167.255
IP: 43.254.0.0/22
IP: 49.4.0.0/17
IP: 49.220.0.0/16
IP: 49.222.0.0/16
IP: 60.201.0.0 -- 60.204.255.255
IP: 101.54.0.0/16
IP: 101.104.0.0/17
IP: 101.105.0.0 -- 101.107.255.255
IP: 101.245.0.0/16
IP: 103.31.200.0/22
IP: 103.39.160.0/19
IP: 103.40.16.0 -- 103.40.47.255
IP: 103.45.80.0/20
IP: 103.45.192.0/19
IP: 103.46.0.0/22
IP: 103.46.152.0 -- 103.46.167.255
IP: 103.46.172.0 -- 103.46.183.255
IP: 103.161.220.0/23
IP: 110.41.0.0/16
IP: 113.44.0.0/14
IP: 114.115.128.0 -- 114.116.255.255
IP: 115.32.0.0/14
IP: 115.120.0.0/16
IP: 115.173.0.0/17
IP: 115.175.0.0/16
IP: 116.61.0.0/16
IP: 116.63.0.0/16
IP: 116.196.192.0/18
IP: 116.204.0.0/17
IP: 116.205.0.0/16
IP: 116.216.0.0/16
IP: 116.218.0.0/16
IP: 116.243.0.0/16
IP: 117.78.0.0/18
IP: 117.100.0.0/17
IP: 117.101.0.0/16
IP: 118.198.0.0/16
IP: 118.207.0.0/16
IP: 118.244.0.0/17
IP: 118.246.0.0/16
IP: 119.3.0.0/16
IP: 120.46.0.0/16
IP: 121.36.0.0/15
IP: 121.71.0.0/16
IP: 122.9.0.0/16
IP: 122.112.128.0/17
IP: 123.60.0.0/16
IP: 123.196.128.0 -- 123.197.127.255
IP: 123.249.0.0/17
IP: 124.15.0.0/17
IP: 124.70.0.0/15
IP: 124.203.0.0/17
IP: 175.189.0.0/16
IP: 175.190.128.0 -- 175.191.255.255
IP: 180.86.0.0/16
IP: 180.89.128.0 -- 180.90.255.255
IP: 218.245.64.0/18
IP: 220.114.0.0/16
IP: 223.20.0.0/15
IP: 223.201.0.0/16
IP: 223.208.0.0/15
IP: 2407:c080::/32
IP: 2409:2000::/21
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52395 (0xccab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:05:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d0:c0:7e:44:ce:ba:24:5d:61:3e:e2:45:fd:
9d:06:0d:63:51:b6:9a:52:c2:af:8d:02:75:c8:ca:
86:5e:52:2a:69:d0:d5:ac:6d:76:6e:00:82:f9:77:
b6:be:c9:9a:f6:5b:ad:27:b3:a5:61:f6:14:dd:1d:
f1:2e:e4:21:eb:79:dc:47:c3:00:31:d3:c0:74:aa:
d1:d6:fd:a4:47:00:73:0b:a1:03:f5:d6:6e:f7:1d:
ac:c0:3f:ff:d2:bd:54:27:27:f1:ee:42:15:f7:f3:
e7:e2:74:34:de:9b:93:b6:ab:bb:a7:6d:49:9f:56:
2f:ab:38:86:f6:3f:28:38:83:25:bf:91:80:86:42:
1f:a3:7e:b3:1a:18:a1:df:e6:a8:0c:75:a8:3a:4f:
29:81:02:aa:f4:32:7e:64:8b:77:b2:08:f2:99:ad:
1d:1d:5e:70:f2:4c:68:34:6f:72:b3:43:12:a0:f4:
69:07:91:35:59:35:a3:ef:3f:d6:23:ab:50:61:e6:
38:71:db:15:52:62:ca:90:b0:f2:12:19:ae:4a:cc:
83:9e:59:96:20:37:67:76:f8:8b:22:a0:e5:da:6c:
7e:8f:6a:84:66:6d:97:f7:79:a0:4a:dc:a0:b7:bb:
27:36:8a:3f:de:98:ed:46:dd:d0:75:bf:0a:93:3f:
8f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55990
63727
139124
139144
sbgp-ipAddrBlock: critical
IPv4:
1.92.0.0/16
1.94.0.0/15
14.130.0.0/15
42.196.0.0-42.198.255.255
43.226.168.0-43.226.215.255
43.226.240.0-43.227.7.255
43.227.36.0-43.227.51.255
43.227.96.0/21
43.249.152.0-43.249.167.255
43.254.0.0/22
49.4.0.0/17
49.220.0.0/16
49.222.0.0/16
60.201.0.0-60.204.255.255
101.54.0.0/16
101.104.0.0/17
101.105.0.0-101.107.255.255
101.245.0.0/16
103.31.200.0/22
103.39.160.0/19
103.40.16.0-103.40.47.255
103.45.80.0/20
103.45.192.0/19
103.46.0.0/22
103.46.152.0-103.46.167.255
103.46.172.0-103.46.183.255
103.161.220.0/23
110.41.0.0/16
113.44.0.0/14
114.115.128.0-114.116.255.255
115.32.0.0/14
115.120.0.0/16
115.173.0.0/17
115.175.0.0/16
116.61.0.0/16
116.63.0.0/16
116.196.192.0/18
116.204.0.0/17
116.205.0.0/16
116.216.0.0/16
116.218.0.0/16
116.243.0.0/16
117.78.0.0/18
117.100.0.0/17
117.101.0.0/16
118.198.0.0/16
118.207.0.0/16
118.244.0.0/17
118.246.0.0/16
119.3.0.0/16
120.46.0.0/16
121.36.0.0/15
121.71.0.0/16
122.9.0.0/16
122.112.128.0/17
123.60.0.0/16
123.196.128.0-123.197.127.255
123.249.0.0/17
124.15.0.0/17
124.70.0.0/15
124.203.0.0/17
175.189.0.0/16
175.190.128.0-175.191.255.255
180.86.0.0/16
180.89.128.0-180.90.255.255
218.245.64.0/18
220.114.0.0/16
223.20.0.0/15
223.201.0.0/16
223.208.0.0/15
IPv6:
2407:c080::/32
2409:2000::/21
Signature Algorithm: sha256WithRSAEncryption
7e:f9:89:ce:60:1b:69:c0:3b:67:e6:16:66:07:12:7b:8b:38:
4c:e8:17:f8:50:f5:4a:1a:3e:f8:22:d2:d9:4c:9e:11:9e:04:
02:9d:c3:7a:11:13:40:87:79:32:b0:25:d1:b7:87:c3:7a:4d:
85:39:01:6d:6a:17:c3:60:e8:d6:77:10:12:cf:ac:93:41:5a:
7b:f8:95:4d:92:1c:b4:d7:52:ae:fe:d3:2b:e4:e3:a1:d4:dd:
15:09:8e:b2:bc:0a:d5:6c:5f:72:55:95:ae:eb:8b:a5:49:1e:
ff:e0:e3:3d:46:6d:18:a7:2a:58:1b:c8:87:7f:bd:05:9b:93:
80:e2:fc:6b:34:ba:83:8f:56:d3:99:32:1b:47:e9:fb:cb:72:
ce:aa:7c:a7:1f:c7:be:b5:91:bc:90:47:23:46:45:dc:d0:82:
15:cf:ae:06:8e:eb:05:05:d6:89:e0:0f:94:91:27:3a:6e:1e:
6f:23:92:cd:f8:bc:28:05:03:23:66:64:06:ba:60:5e:5c:fa:
86:04:d7:d1:48:54:00:78:a3:d2:32:21:ce:15:e3:0e:b2:ac:
e0:60:a7:76:bd:04:d7:55:df:ce:e6:ec:ea:ef:c2:38:ae:8e:
39:ac:b7:27:48:31:a4:32:88:8d:5c:4f:22:e1:a2:ba:ae:56:
ea:14:b0:ef
-----BEGIN CERTIFICATE-----
MIIHfTCCBmWgAwIBAgIDAMyrMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA1MzNaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDNBQ0UxMEM4MzgyOTJDNkZDNzA2NTg1QjQ0NEVCQUVEQ0EyQTEx
QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB0MB+RM66JF1hPuJF
/Z0GDWNRtppSwq+NAnXIyoZeUipp0NWsbXZuAIL5d7a+yZr2W60ns6Vh9hTdHfEu
5CHredxHwwAx08B0qtHW/aRHAHMLoQP11m73HazAP//SvVQnJ/HuQhX38+fidDTe
m5O2q7unbUmfVi+rOIb2Pyg4gyW/kYCGQh+jfrMaGKHf5qgMdag6TymBAqr0Mn5k
i3eyCPKZrR0dXnDyTGg0b3KzQxKg9GkHkTVZNaPvP9Yjq1Bh5jhx2xVSYsqQsPIS
Ga5KzIOeWZYgN2d2+IsioOXabH6PaoRmbZf3eaBK3KC3uyc2ij/emO1G3dB1vwqT
P4+TAgMBAAGjggSBMIIEfTAdBgNVHQ4EFgQUOs4QyDgpLG/HBlhbRE667coqEbkw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw
MTQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzAxNC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCkGCCsGAQUFBwEIAQH/BBowGKAWMBQCAwDatgIDAPjvAgMCH3QCAwIfiDCCAh4G
CCsGAQUFBwEHAQH/BIICDTCCAgkwggHwBAIAATCCAegDAwABXAMDAQFeAwMBDoIw
CgMDAirEAwMAKsYwDAMEAyviqAMEAyvi0DAMAwQEK+LwAwQDK+MAMAwDBAIr4yQD
BAIr4zADBAMr42AwDAMEAyv5mAMEAyv5oAMEAiv+AAMEBzEEAAMDADHcAwMAMd4w
CgMDADzJAwMAPMwDAwBlNgMEB2VoADAKAwMAZWkDAwJlaAMDAGX1AwQCZx/IAwQF
ZyegMAwDBARnKBADBARnKCADBARnLVADBAVnLcADBAJnLgAwDAMEA2cumAMEA2cu
oDAMAwQCZy6sAwQDZy6wAwQBZ6HcAwMAbikDAwJxLDALAwQHcnOAAwMAcnQDAwJz
IAMDAHN4AwQHc60AAwMAc68DAwB0PQMDAHQ/AwQGdMTAAwQHdMwAAwMAdM0DAwB0
2AMDAHTaAwMAdPMDBAZ1TgADBAd1ZAADAwB1ZQMDAHbGAwMAds8DBAd29AADAwB2
9gMDAHcDAwMAeC4DAwF5JAMDAHlHAwMAegkDBAd6cIADAwB7PDAMAwQHe8SAAwQH
e8UAAwQHe/kAAwQHfA8AAwMBfEYDBAd8ywADAwCvvTALAwQHr76AAwMGr4ADAwC0
VjALAwQHtFmAAwMAtFoDBAba9UADAwDccgMDAd8UAwMA38kDAwHf0DATBAIAAjAN
AwUAJAfAgAMEAyQJIDANBgkqhkiG9w0BAQsFAAOCAQEAfvmJzmAbacA7Z+YWZgcS
e4s4TOgX+FD1Sho++CLS2UyeEZ4EAp3DehETQId5MrAl0beHw3pNhTkBbWoXw2Do
1ncQEs+sk0Fae/iVTZIctNdSrv7TK+TjodTdFQmOsrwK1WxfclWVruuLpUke/+Dj
PUZtGKcqWBvIh3+9BZuTgOL8azS6g49W05kyG0fp+8tyzqp8px/HvrWRvJBHI0ZF
3NCCFc+uBo7rBQXWieAPlJEnOm4ebyOSzfi8KAUDI2ZkBrpgXlz6hgTX0UhUAHij
0jIhzhXjDrKs4GCndr0E11Xfzubs6u/COK6OOay3J0gxpDKIjVxPIuGiuq5W6hSw
7w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:16:36 2025 by rpki-client