$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer File: OstT3inBC2LxfO9hjR44QUU6wOg.cer (raw, json) Hash identifier: smMTGGjeLXgJsNOf1qPrctfaHkEARVdKpGtHdCiJdk4= Subject key identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 37C7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:53:40 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 157.20.136.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14279 (0x37c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Sep 27 02:53:40 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4e:e9:16:cc:87:f3:cd:eb:61:bd:74:c8:d8: f0:18:f4:4b:ea:41:cc:d1:5f:84:1f:63:26:0a:3e: b2:2e:e0:09:c5:36:60:b6:d7:56:b5:0d:d8:82:06: 59:c1:ef:f8:4f:18:51:24:7a:5f:4d:e4:23:63:93: 24:30:d8:34:0e:02:e3:42:04:04:02:35:83:21:6d: ab:93:21:1c:af:ed:22:21:c7:be:e0:07:5b:fe:b8: 63:d9:5e:eb:03:84:e5:5b:75:41:bc:52:f4:e8:af: 87:79:de:ef:07:6c:ed:a3:16:39:b9:ea:c8:55:b9: 70:d7:ca:09:5f:fa:2c:00:86:1d:e0:41:54:01:7c: 8f:0b:9c:ae:53:34:d8:e8:c0:28:0d:0e:b1:cc:15: 6b:bb:d7:96:09:6f:d5:f9:ba:a8:b6:28:36:f5:98: 69:05:7d:58:cb:a8:a1:6b:90:de:be:b0:7d:6e:b7: 47:b4:88:be:cd:fa:b5:25:e6:c4:16:41:57:e0:67: fe:08:bc:e8:df:69:52:bf:42:29:1e:18:05:27:21: 48:f7:d4:a3:ab:ec:09:a7:85:5a:a5:d7:02:bd:20: df:ae:45:f2:23:03:df:c1:a5:7d:8b:a2:77:1a:0b: ff:7a:d4:c5:f7:7b:2c:52:41:64:35:6d:f2:a6:7d: 64:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.136.0/23 Signature Algorithm: sha256WithRSAEncryption a9:d0:6c:4d:0d:c1:85:67:25:fe:22:19:b0:17:16:7d:b4:00: 45:a6:d7:1c:e0:27:34:1d:5e:93:fc:6f:44:02:be:2e:ac:47: 97:bb:6b:d1:ac:7a:96:23:ae:cc:d6:77:a9:3e:e5:96:b0:21: ae:13:74:3b:a2:2b:38:33:eb:57:b6:9a:40:b0:5e:ac:e3:44: 9f:b6:20:88:f4:88:76:43:ad:a5:b1:08:71:2a:7b:d5:0e:9f: 36:05:3f:66:12:ec:7c:40:74:4f:0f:5e:a3:47:13:95:12:7f: a5:53:1e:28:37:2d:8c:a0:8e:da:12:28:d6:23:dc:4b:17:05: 1c:86:de:92:fb:33:c5:71:6b:41:7a:fe:b5:ca:cf:90:b6:b5: 8e:42:62:b2:a3:71:7c:f7:90:37:b2:49:81:ed:a6:99:78:49: eb:5d:51:f1:0a:0b:92:5a:67:f7:0f:ed:45:4e:32:af:10:26: d6:35:92:ca:95:50:86:a2:63:81:25:5f:5d:e3:4b:cd:b5:57: d9:8b:98:0e:78:38:5a:3c:89:f5:c5:99:cf:7d:73:af:02:40: 95:3d:61:56:51:7a:18:fa:ae:63:69:e3:07:41:81:4c:9b:d8: fe:20:e0:fb:c1:d1:65:41:fe:83:a9:77:0a:10:94:ce:c4:60: 21:9c:7b:45 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICN8cwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNTM0MFoXDTI1MDkyNzAyNDAxNFowMzEx MC8GA1UEAxMoM0FDQjUzREUyOUMxMEI2MkYxN0NFRjYxOEQxRTM4NDE0NTNBQzBF ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdO6RbMh/PN62G9dMjY 8Bj0S+pBzNFfhB9jJgo+si7gCcU2YLbXVrUN2IIGWcHv+E8YUSR6X03kI2OTJDDY NA4C40IEBAI1gyFtq5MhHK/tIiHHvuAHW/64Y9le6wOE5Vt1QbxS9Oivh3ne7wds 7aMWObnqyFW5cNfKCV/6LACGHeBBVAF8jwucrlM02OjAKA0OscwVa7vXlglv1fm6 qLYoNvWYaQV9WMuooWuQ3r6wfW63R7SIvs36tSXmxBZBV+Bn/gi86N9pUr9CKR4Y BSchSPfUo6vsCaeFWqXXAr0g365F8iMD38GlfYuidxoL/3rUxfd7LFJBZDVt8qZ9 ZL0CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQ6y1PeKcELYvF872GNHjhBRTrA6DAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Ny8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjY3L09zdFQzaW5CQzJMeGZPOWhqUjQ0UVVVNndPZy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdFIgwDQYJKoZIhvcNAQELBQAD ggEBAKnQbE0NwYVnJf4iGbAXFn20AEWm1xzgJzQdXpP8b0QCvi6sR5e7a9GsepYj rszWd6k+5ZawIa4TdDuiKzgz61e2mkCwXqzjRJ+2IIj0iHZDraWxCHEqe9UOnzYF P2YS7HxAdE8PXqNHE5USf6VTHig3LYygjtoSKNYj3EsXBRyG3pL7M8Vxa0F6/rXK z5C2tY5CYrKjcXz3kDeySYHtppl4SetdUfEKC5JaZ/cP7UVOMq8QJtY1ksqVUIai Y4ElX13jS821V9mLmA54OFo8ifXFmc99c68CQJU9YVZRehj6rmNp4wdBgUyb2P4g 4PvB0WVB/oOpdwoQlM7EYCGce0U= -----END CERTIFICATE-----Generated at Sat Nov 23 01:15:52 2024 by rpki-client on console-fra.rpki-client.org