$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer File: OstT3inBC2LxfO9hjR44QUU6wOg.cer (raw, json) Hash identifier: PQc1knKdR9BikPqiAxV+AdEqInpMFdOrAftFh0p58wQ= Subject key identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3293 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 01 Mar 2024 01:44:04 +0000 Certificate not after: Sat 22 Feb 2025 10:48:31 +0000 Subordinate resources: IP: 157.20.136.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 May 2024 12:56:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12947 (0x3293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Mar 1 01:44:04 2024 GMT Not After : Feb 22 10:48:31 2025 GMT Subject: CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4e:e9:16:cc:87:f3:cd:eb:61:bd:74:c8:d8: f0:18:f4:4b:ea:41:cc:d1:5f:84:1f:63:26:0a:3e: b2:2e:e0:09:c5:36:60:b6:d7:56:b5:0d:d8:82:06: 59:c1:ef:f8:4f:18:51:24:7a:5f:4d:e4:23:63:93: 24:30:d8:34:0e:02:e3:42:04:04:02:35:83:21:6d: ab:93:21:1c:af:ed:22:21:c7:be:e0:07:5b:fe:b8: 63:d9:5e:eb:03:84:e5:5b:75:41:bc:52:f4:e8:af: 87:79:de:ef:07:6c:ed:a3:16:39:b9:ea:c8:55:b9: 70:d7:ca:09:5f:fa:2c:00:86:1d:e0:41:54:01:7c: 8f:0b:9c:ae:53:34:d8:e8:c0:28:0d:0e:b1:cc:15: 6b:bb:d7:96:09:6f:d5:f9:ba:a8:b6:28:36:f5:98: 69:05:7d:58:cb:a8:a1:6b:90:de:be:b0:7d:6e:b7: 47:b4:88:be:cd:fa:b5:25:e6:c4:16:41:57:e0:67: fe:08:bc:e8:df:69:52:bf:42:29:1e:18:05:27:21: 48:f7:d4:a3:ab:ec:09:a7:85:5a:a5:d7:02:bd:20: df:ae:45:f2:23:03:df:c1:a5:7d:8b:a2:77:1a:0b: ff:7a:d4:c5:f7:7b:2c:52:41:64:35:6d:f2:a6:7d: 64:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.136.0/23 Signature Algorithm: sha256WithRSAEncryption 21:46:e5:44:45:32:d3:42:df:96:23:b3:13:46:2a:ba:6f:06: dd:83:8a:95:b0:dd:76:d1:fe:8d:a9:69:16:6a:f7:32:97:62: 04:0d:27:b6:08:2f:ad:c4:45:1a:3e:8a:30:98:9c:97:cf:d1: f4:3a:72:4d:2d:41:c3:1e:00:c9:90:40:25:06:c3:79:de:fd: 95:9a:f6:55:93:76:50:e2:f8:37:4d:36:86:7f:9f:20:cb:a4: a3:22:7d:24:aa:19:d7:1e:33:1e:6d:ad:ec:b0:88:eb:6a:97: 31:f6:13:60:81:5a:ac:e0:43:6f:b8:1a:1b:4f:0b:cf:ad:9a: cc:19:97:60:bf:cf:1f:69:fd:2e:3f:c0:47:3f:27:10:1f:6a: 54:52:ac:ec:51:b3:6c:8b:4b:1c:36:8e:17:e3:60:b7:49:e7: f1:8b:8e:8f:07:ee:82:81:14:7f:5d:83:6c:9b:92:ea:21:92: 39:b3:17:2d:3e:57:d4:32:0e:dd:9d:36:f0:31:a7:71:e0:1f: 82:f4:da:63:e1:7f:30:8d:bf:17:1b:4a:a6:3c:4c:cd:e4:d3: 34:b2:49:59:32:de:8e:99:29:0b:b2:b7:02:ce:42:ea:c1:c4: e0:0c:c3:a3:dc:32:f3:46:55:45:0e:53:45:e4:a4:9c:12:48: 79:e2:29:f9 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICMpMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDMwMTAxNDQwNFoXDTI1MDIyMjEwNDgzMVowMzEx MC8GA1UEAxMoM0FDQjUzREUyOUMxMEI2MkYxN0NFRjYxOEQxRTM4NDE0NTNBQzBF ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdO6RbMh/PN62G9dMjY 8Bj0S+pBzNFfhB9jJgo+si7gCcU2YLbXVrUN2IIGWcHv+E8YUSR6X03kI2OTJDDY NA4C40IEBAI1gyFtq5MhHK/tIiHHvuAHW/64Y9le6wOE5Vt1QbxS9Oivh3ne7wds 7aMWObnqyFW5cNfKCV/6LACGHeBBVAF8jwucrlM02OjAKA0OscwVa7vXlglv1fm6 qLYoNvWYaQV9WMuooWuQ3r6wfW63R7SIvs36tSXmxBZBV+Bn/gi86N9pUr9CKR4Y BSchSPfUo6vsCaeFWqXXAr0g365F8iMD38GlfYuidxoL/3rUxfd7LFJBZDVt8qZ9 ZL0CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQ6y1PeKcELYvF872GNHjhBRTrA6DAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Ny8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjY3L09zdFQzaW5CQzJMeGZPOWhqUjQ0UVVVNndPZy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdFIgwDQYJKoZIhvcNAQELBQAD ggEBACFG5URFMtNC35YjsxNGKrpvBt2DipWw3XbR/o2paRZq9zKXYgQNJ7YIL63E RRo+ijCYnJfP0fQ6ck0tQcMeAMmQQCUGw3ne/ZWa9lWTdlDi+DdNNoZ/nyDLpKMi fSSqGdceMx5treywiOtqlzH2E2CBWqzgQ2+4GhtPC8+tmswZl2C/zx9p/S4/wEc/ JxAfalRSrOxRs2yLSxw2jhfjYLdJ5/GLjo8H7oKBFH9dg2ybkuohkjmzFy0+V9Qy Dt2dNvAxp3HgH4L02mPhfzCNvxcbSqY8TM3k0zSySVky3o6ZKQuytwLOQurBxOAM w6PcMvNGVUUOU0XkpJwSSHniKfk= -----END CERTIFICATE-----Generated at Wed May 29 07:19:25 2024 by rpki-client on console-fra.rpki-client.org