Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.cer
File: PUlFdy0Hqo9NTdfs9sdYDvAcPz8.cer (raw, json)
Hash identifier: Ws02hFtI/ado68i5ARekoCKLTxbxWBUyNi+9MtfH4cA=
Subject key identifier: 3D:49:45:77:2D:07:AA:8F:4D:4D:D7:EC:F6:C7:58:0E:F0:1C:3F:3F
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AEBB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:21:18 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 131486
AS: 137753
IP: 1.118.0.0/16
IP: 43.241.112.0/22
IP: 101.124.0.0/16
IP: 103.37.72.0/22
IP: 103.224.220.0/22
IP: 111.228.0.0/16
IP: 114.67.64.0 -- 114.67.255.255
IP: 116.196.64.0/18
IP: 116.198.0.0/16
IP: 117.72.0.0/16
IP: 122.12.0.0/16
IP: 123.62.0.0/16
IP: 124.69.0.0/16
IP: 2402:db40::/32
IP: 2403:1ec0::/32
IP: 240f:c000::/24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 17 May 2024 11:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44731 (0xaebb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:21:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3D4945772D07AA8F4D4DD7ECF6C7580EF01C3F3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:18:7e:70:21:02:8e:58:da:f6:b1:95:b1:
ed:b4:d7:32:86:62:1f:ab:eb:88:fb:33:ba:af:30:
89:1b:52:20:0f:65:2f:92:d6:bc:0c:d9:20:96:5a:
2c:d1:2d:66:81:56:7c:e7:f3:5b:df:c6:cc:99:d8:
10:42:7e:dc:93:fc:c1:3f:19:73:39:89:d6:82:37:
a2:d0:ef:b9:6e:d3:f1:f6:03:4b:0c:d0:e0:61:39:
9a:db:95:e9:38:39:4e:f9:9b:08:75:98:9e:fa:9b:
19:1c:0a:be:04:9b:4d:75:e3:7a:8f:c3:67:20:c7:
1c:67:4a:de:a6:d9:5a:ec:27:bb:55:85:1a:c2:9e:
db:37:86:a7:1e:6b:7c:7d:b7:39:cf:79:4f:f8:8e:
70:a0:ad:c0:b9:37:4d:b6:26:76:f7:77:32:a2:8b:
55:29:62:58:02:4c:d1:83:09:eb:ec:fe:bf:d8:21:
27:88:a5:c4:7b:3d:76:67:89:53:d9:a2:8d:44:fc:
f0:d6:ff:89:1f:25:58:58:74:a5:6b:a0:80:be:a4:
ca:3e:ac:09:34:b2:13:38:26:44:85:be:eb:56:53:
d3:1e:70:a1:34:c9:49:53:c4:8f:77:13:2b:f8:67:
45:c2:a9:a2:9d:65:8e:76:5f:1e:23:83:aa:42:0f:
14:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:49:45:77:2D:07:AA:8F:4D:4D:D7:EC:F6:C7:58:0E:F0:1C:3F:3F
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131486
137753
sbgp-ipAddrBlock: critical
IPv4:
1.118.0.0/16
43.241.112.0/22
101.124.0.0/16
103.37.72.0/22
103.224.220.0/22
111.228.0.0/16
114.67.64.0-114.67.255.255
116.196.64.0/18
116.198.0.0/16
117.72.0.0/16
122.12.0.0/16
123.62.0.0/16
124.69.0.0/16
IPv6:
2402:db40::/32
2403:1ec0::/32
240f:c000::/24
Signature Algorithm: sha256WithRSAEncryption
34:2a:7d:20:48:aa:7e:4c:4e:36:df:16:46:10:da:31:78:c8:
2f:2c:05:49:fb:36:c9:25:97:bb:2f:dc:a7:0f:57:87:58:db:
c1:ef:eb:6d:51:4e:a4:40:55:34:0b:4f:5b:1c:0c:f3:a2:65:
92:82:aa:7a:8e:60:42:29:c4:aa:4c:d4:b2:2b:9e:3a:fe:60:
59:ea:4e:41:87:6a:d5:7b:5f:90:45:88:f5:6c:3e:23:18:89:
43:65:d5:ab:ca:fc:8b:bd:f4:34:63:11:f9:f8:84:43:27:3a:
c3:c9:b6:67:b2:da:24:08:d4:ff:d9:19:1e:9c:6e:4f:43:cf:
c9:57:00:30:f3:f5:0d:78:6d:e0:5b:f0:10:ef:7e:2b:83:39:
10:02:75:af:15:e5:df:ae:e5:3f:65:10:02:56:c6:fa:3b:a5:
c9:0f:a2:3b:2e:78:3f:02:e5:39:9a:55:67:51:d2:c1:c1:79:
2c:6d:ec:b2:a7:80:24:5f:8e:b1:92:e5:46:df:51:ea:0e:87:
9e:da:b9:6d:cd:c7:8f:82:76:5c:ec:21:52:9f:e4:96:3a:2c:
fc:c7:49:c9:73:e5:a7:30:be:82:5c:ce:9b:0d:94:ed:2d:99:
cc:86:64:69:6d:f2:b7:2c:fa:56:65:a3:97:4f:9a:6d:e6:67:
7c:24:b6:c8
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIDAK67MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIxMThaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDNENDk0NTc3MkQwN0FBOEY0RDRERDdFQ0Y2Qzc1ODBFRjAxQzNG
M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDByRh+cCECjlja9rGV
se201zKGYh+r64j7M7qvMIkbUiAPZS+S1rwM2SCWWizRLWaBVnzn81vfxsyZ2BBC
ftyT/ME/GXM5idaCN6LQ77lu0/H2A0sM0OBhOZrblek4OU75mwh1mJ76mxkcCr4E
m01143qPw2cgxxxnSt6m2VrsJ7tVhRrCnts3hqcea3x9tznPeU/4jnCgrcC5N022
Jnb3dzKii1UpYlgCTNGDCevs/r/YISeIpcR7PXZniVPZoo1E/PDW/4kfJVhYdKVr
oIC+pMo+rAk0shM4JkSFvutWU9MecKE0yUlTxI93Eyv4Z0XCqaKdZY52Xx4jg6pC
DxT3AgMBAAGjggLaMIIC1jAdBgNVHQ4EFgQUPUlFdy0Hqo9NTdfs9sdYDvAcPz8w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy
NjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzI2My9QVWxGZHkwSHFvOU5UZGZzOXNkWUR2QWNQejgubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwIBngIDAhoZMIGCBggrBgEFBQcBBwEB
/wRzMHEwUwQCAAEwTQMDAAF2AwQCK/FwAwMAZXwDBAJnJUgDBAJn4NwDAwBv5DAL
AwQGckNAAwMCckADBAZ0xEADAwB0xgMDAHVIAwMAegwDAwB7PgMDAHxFMBoEAgAC
MBQDBQAkAttAAwUAJAMewAMEACQPwDANBgkqhkiG9w0BAQsFAAOCAQEANCp9IEiq
fkxONt8WRhDaMXjILywFSfs2ySWXuy/cpw9Xh1jbwe/rbVFOpEBVNAtPWxwM86Jl
koKqeo5gQinEqkzUsiueOv5gWepOQYdq1XtfkEWI9Ww+IxiJQ2XVq8r8i730NGMR
+fiEQyc6w8m2Z7LaJAjU/9kZHpxuT0PPyVcAMPP1DXht4FvwEO9+K4M5EAJ1rxXl
367lP2UQAlbG+julyQ+iOy54PwLlOZpVZ1HSwcF5LG3ssqeAJF+OsZLlRt9R6g6H
ntq5bc3Hj4J2XOwhUp/kljos/MdJyXPlpzC+glzOmw2U7S2ZzIZkaW3ytyz6VmWj
l0+abeZnfCS2yA==
-----END CERTIFICATE-----
Generated at Fri May 17 06:19:02 2024 by rpki-client on console-fra.rpki-client.org