Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
File: Os4QyDgpLG_HBlhbRE667coqEbk.cer (raw, json)
Hash identifier: +6uoXqBrmnv7NPQ48y/GtMYh0bhS8jiu5mKlPgvKcBs=
Subject key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: ADE5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:18:54 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 55990
AS: 63727
AS: 139124
AS: 139144
IP: 1.92.0.0/16
IP: 1.94.0.0/15
IP: 14.130.0.0/15
IP: 42.196.0.0 -- 42.198.255.255
IP: 43.226.168.0 -- 43.226.215.255
IP: 43.226.240.0 -- 43.227.7.255
IP: 43.227.36.0 -- 43.227.51.255
IP: 43.227.96.0/21
IP: 43.249.152.0 -- 43.249.167.255
IP: 43.254.0.0/22
IP: 49.4.0.0/17
IP: 49.220.0.0/16
IP: 49.222.0.0/16
IP: 60.201.0.0 -- 60.204.255.255
IP: 101.54.0.0/16
IP: 101.104.0.0/17
IP: 101.105.0.0 -- 101.107.255.255
IP: 101.245.0.0/16
IP: 103.31.200.0/22
IP: 103.39.160.0/19
IP: 103.40.16.0 -- 103.40.47.255
IP: 103.45.80.0/20
IP: 103.45.192.0/19
IP: 103.46.0.0/22
IP: 103.46.152.0 -- 103.46.167.255
IP: 103.46.172.0 -- 103.46.183.255
IP: 103.161.220.0/23
IP: 110.41.0.0/16
IP: 113.44.0.0/14
IP: 114.115.128.0 -- 114.116.255.255
IP: 115.32.0.0/14
IP: 115.120.0.0/16
IP: 115.173.0.0/17
IP: 115.175.0.0/16
IP: 116.61.0.0/16
IP: 116.63.0.0/16
IP: 116.196.192.0/18
IP: 116.204.0.0/17
IP: 116.205.0.0/16
IP: 116.216.0.0/16
IP: 116.218.0.0/16
IP: 116.243.0.0/16
IP: 117.78.0.0/18
IP: 117.100.0.0/17
IP: 117.101.0.0/16
IP: 118.198.0.0/16
IP: 118.207.0.0/16
IP: 118.244.0.0/17
IP: 118.246.0.0/16
IP: 119.3.0.0/16
IP: 120.46.0.0/16
IP: 121.36.0.0/15
IP: 121.71.0.0/16
IP: 122.9.0.0/16
IP: 122.112.128.0/17
IP: 123.60.0.0/16
IP: 123.196.128.0 -- 123.197.127.255
IP: 123.249.0.0/17
IP: 124.15.0.0/17
IP: 124.70.0.0/15
IP: 124.203.0.0/17
IP: 175.189.0.0/16
IP: 175.190.128.0 -- 175.191.255.255
IP: 180.86.0.0/16
IP: 180.89.128.0 -- 180.90.255.255
IP: 218.245.64.0/18
IP: 220.114.0.0/16
IP: 223.20.0.0/15
IP: 223.201.0.0/16
IP: 223.208.0.0/15
IP: 2407:c080::/32
IP: 2409:2000::/21
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 10 May 2024 13:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44517 (0xade5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:18:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d0:c0:7e:44:ce:ba:24:5d:61:3e:e2:45:fd:
9d:06:0d:63:51:b6:9a:52:c2:af:8d:02:75:c8:ca:
86:5e:52:2a:69:d0:d5:ac:6d:76:6e:00:82:f9:77:
b6:be:c9:9a:f6:5b:ad:27:b3:a5:61:f6:14:dd:1d:
f1:2e:e4:21:eb:79:dc:47:c3:00:31:d3:c0:74:aa:
d1:d6:fd:a4:47:00:73:0b:a1:03:f5:d6:6e:f7:1d:
ac:c0:3f:ff:d2:bd:54:27:27:f1:ee:42:15:f7:f3:
e7:e2:74:34:de:9b:93:b6:ab:bb:a7:6d:49:9f:56:
2f:ab:38:86:f6:3f:28:38:83:25:bf:91:80:86:42:
1f:a3:7e:b3:1a:18:a1:df:e6:a8:0c:75:a8:3a:4f:
29:81:02:aa:f4:32:7e:64:8b:77:b2:08:f2:99:ad:
1d:1d:5e:70:f2:4c:68:34:6f:72:b3:43:12:a0:f4:
69:07:91:35:59:35:a3:ef:3f:d6:23:ab:50:61:e6:
38:71:db:15:52:62:ca:90:b0:f2:12:19:ae:4a:cc:
83:9e:59:96:20:37:67:76:f8:8b:22:a0:e5:da:6c:
7e:8f:6a:84:66:6d:97:f7:79:a0:4a:dc:a0:b7:bb:
27:36:8a:3f:de:98:ed:46:dd:d0:75:bf:0a:93:3f:
8f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
55990
63727
139124
139144
sbgp-ipAddrBlock: critical
IPv4:
1.92.0.0/16
1.94.0.0/15
14.130.0.0/15
42.196.0.0-42.198.255.255
43.226.168.0-43.226.215.255
43.226.240.0-43.227.7.255
43.227.36.0-43.227.51.255
43.227.96.0/21
43.249.152.0-43.249.167.255
43.254.0.0/22
49.4.0.0/17
49.220.0.0/16
49.222.0.0/16
60.201.0.0-60.204.255.255
101.54.0.0/16
101.104.0.0/17
101.105.0.0-101.107.255.255
101.245.0.0/16
103.31.200.0/22
103.39.160.0/19
103.40.16.0-103.40.47.255
103.45.80.0/20
103.45.192.0/19
103.46.0.0/22
103.46.152.0-103.46.167.255
103.46.172.0-103.46.183.255
103.161.220.0/23
110.41.0.0/16
113.44.0.0/14
114.115.128.0-114.116.255.255
115.32.0.0/14
115.120.0.0/16
115.173.0.0/17
115.175.0.0/16
116.61.0.0/16
116.63.0.0/16
116.196.192.0/18
116.204.0.0/17
116.205.0.0/16
116.216.0.0/16
116.218.0.0/16
116.243.0.0/16
117.78.0.0/18
117.100.0.0/17
117.101.0.0/16
118.198.0.0/16
118.207.0.0/16
118.244.0.0/17
118.246.0.0/16
119.3.0.0/16
120.46.0.0/16
121.36.0.0/15
121.71.0.0/16
122.9.0.0/16
122.112.128.0/17
123.60.0.0/16
123.196.128.0-123.197.127.255
123.249.0.0/17
124.15.0.0/17
124.70.0.0/15
124.203.0.0/17
175.189.0.0/16
175.190.128.0-175.191.255.255
180.86.0.0/16
180.89.128.0-180.90.255.255
218.245.64.0/18
220.114.0.0/16
223.20.0.0/15
223.201.0.0/16
223.208.0.0/15
IPv6:
2407:c080::/32
2409:2000::/21
Signature Algorithm: sha256WithRSAEncryption
33:a6:12:3c:d5:99:d4:54:f6:fc:b5:9e:e6:18:4e:76:dc:e1:
4b:e6:51:a6:70:6b:f8:5f:14:c3:42:fd:7c:85:3f:f6:53:38:
bb:93:bd:be:8b:98:84:89:c8:27:b8:11:f9:02:9a:65:c4:cd:
db:8d:d9:2c:2e:80:d9:99:9f:06:ae:08:2e:a5:4e:d6:b1:6c:
cc:77:bd:91:36:0c:0d:f9:4a:ec:83:65:c4:ee:3a:1e:bb:b2:
d0:f8:57:a4:9a:a8:07:0a:2c:ce:85:0f:03:63:35:46:1e:f0:
34:33:ab:1b:12:f3:83:ad:70:83:14:49:cc:fb:84:28:c3:aa:
0e:3f:ba:90:ac:98:db:3a:e3:5b:45:57:89:0c:2f:c8:57:5c:
0b:49:94:f9:07:fa:ad:bd:97:6d:e8:ae:61:43:af:21:7f:4c:
ed:e1:6b:79:a2:43:7f:75:36:d6:93:44:f1:6c:22:50:a6:3e:
1a:6b:19:37:64:b6:f6:26:a0:a0:a2:de:8e:77:80:9b:37:47:
12:d7:f1:5c:b2:98:42:d8:71:f1:4e:fc:72:4c:4e:5e:37:ff:
59:a1:c9:2d:4e:ed:7c:6a:0f:96:6b:2b:2f:d5:a8:a1:ee:8e:
b5:4c:b6:cb:92:06:8e:a4:35:72:47:9a:5b:50:3e:f5:f6:75:
89:ae:9d:c6
-----BEGIN CERTIFICATE-----
MIIHfTCCBmWgAwIBAgIDAK3lMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTE4NTRaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDNBQ0UxMEM4MzgyOTJDNkZDNzA2NTg1QjQ0NEVCQUVEQ0EyQTEx
QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB0MB+RM66JF1hPuJF
/Z0GDWNRtppSwq+NAnXIyoZeUipp0NWsbXZuAIL5d7a+yZr2W60ns6Vh9hTdHfEu
5CHredxHwwAx08B0qtHW/aRHAHMLoQP11m73HazAP//SvVQnJ/HuQhX38+fidDTe
m5O2q7unbUmfVi+rOIb2Pyg4gyW/kYCGQh+jfrMaGKHf5qgMdag6TymBAqr0Mn5k
i3eyCPKZrR0dXnDyTGg0b3KzQxKg9GkHkTVZNaPvP9Yjq1Bh5jhx2xVSYsqQsPIS
Ga5KzIOeWZYgN2d2+IsioOXabH6PaoRmbZf3eaBK3KC3uyc2ij/emO1G3dB1vwqT
P4+TAgMBAAGjggSBMIIEfTAdBgNVHQ4EFgQUOs4QyDgpLG/HBlhbRE667coqEbkw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw
MTQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzAxNC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCkGCCsGAQUFBwEIAQH/BBowGKAWMBQCAwDatgIDAPjvAgMCH3QCAwIfiDCCAh4G
CCsGAQUFBwEHAQH/BIICDTCCAgkwggHwBAIAATCCAegDAwABXAMDAQFeAwMBDoIw
CgMDAirEAwMAKsYwDAMEAyviqAMEAyvi0DAMAwQEK+LwAwQDK+MAMAwDBAIr4yQD
BAIr4zADBAMr42AwDAMEAyv5mAMEAyv5oAMEAiv+AAMEBzEEAAMDADHcAwMAMd4w
CgMDADzJAwMAPMwDAwBlNgMEB2VoADAKAwMAZWkDAwJlaAMDAGX1AwQCZx/IAwQF
ZyegMAwDBARnKBADBARnKCADBARnLVADBAVnLcADBAJnLgAwDAMEA2cumAMEA2cu
oDAMAwQCZy6sAwQDZy6wAwQBZ6HcAwMAbikDAwJxLDALAwQHcnOAAwMAcnQDAwJz
IAMDAHN4AwQHc60AAwMAc68DAwB0PQMDAHQ/AwQGdMTAAwQHdMwAAwMAdM0DAwB0
2AMDAHTaAwMAdPMDBAZ1TgADBAd1ZAADAwB1ZQMDAHbGAwMAds8DBAd29AADAwB2
9gMDAHcDAwMAeC4DAwF5JAMDAHlHAwMAegkDBAd6cIADAwB7PDAMAwQHe8SAAwQH
e8UAAwQHe/kAAwQHfA8AAwMBfEYDBAd8ywADAwCvvTALAwQHr76AAwMGr4ADAwC0
VjALAwQHtFmAAwMAtFoDBAba9UADAwDccgMDAd8UAwMA38kDAwHf0DATBAIAAjAN
AwUAJAfAgAMEAyQJIDANBgkqhkiG9w0BAQsFAAOCAQEAM6YSPNWZ1FT2/LWe5hhO
dtzhS+ZRpnBr+F8Uw0L9fIU/9lM4u5O9vouYhInIJ7gR+QKaZcTN243ZLC6A2Zmf
Bq4ILqVO1rFszHe9kTYMDflK7INlxO46Hruy0PhXpJqoBwoszoUPA2M1Rh7wNDOr
GxLzg61wgxRJzPuEKMOqDj+6kKyY2zrjW0VXiQwvyFdcC0mU+Qf6rb2XbeiuYUOv
IX9M7eFreaJDf3U21pNE8WwiUKY+GmsZN2S29iagoKLejneAmzdHEtfxXLKYQthx
8U78ckxOXjf/WaHJLU7tfGoPlmsrL9Wooe6OtUy2y5IGjqQ1ckeaW1A+9fZ1ia6d
xg==
-----END CERTIFICATE-----
Generated at Fri May 10 11:40:35 2024 by rpki-client on console-fra.rpki-client.org