Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.cer
File: PUlFdy0Hqo9NTdfs9sdYDvAcPz8.cer (raw, json)
Hash identifier: 6rOPqekG6IPJgJKJkg8rt+zsSfk2hsIh26BjAUhRpr8=
Subject key identifier: 3D:49:45:77:2D:07:AA:8F:4D:4D:D7:EC:F6:C7:58:0E:F0:1C:3F:3F
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CD9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:09:55 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 131486
AS: 137753
IP: 1.118.0.0/16
IP: 43.241.112.0/22
IP: 101.124.0.0/16
IP: 103.37.72.0/22
IP: 103.224.220.0/22
IP: 111.228.0.0/16
IP: 114.67.64.0 -- 114.67.255.255
IP: 116.196.64.0/18
IP: 116.198.0.0/16
IP: 117.72.0.0/16
IP: 122.12.0.0/16
IP: 123.62.0.0/16
IP: 124.69.0.0/16
IP: 2402:db40::/32
IP: 2403:1ec0::/32
IP: 240f:c000::/24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52637 (0xcd9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:09:55 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3D4945772D07AA8F4D4DD7ECF6C7580EF01C3F3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:18:7e:70:21:02:8e:58:da:f6:b1:95:b1:
ed:b4:d7:32:86:62:1f:ab:eb:88:fb:33:ba:af:30:
89:1b:52:20:0f:65:2f:92:d6:bc:0c:d9:20:96:5a:
2c:d1:2d:66:81:56:7c:e7:f3:5b:df:c6:cc:99:d8:
10:42:7e:dc:93:fc:c1:3f:19:73:39:89:d6:82:37:
a2:d0:ef:b9:6e:d3:f1:f6:03:4b:0c:d0:e0:61:39:
9a:db:95:e9:38:39:4e:f9:9b:08:75:98:9e:fa:9b:
19:1c:0a:be:04:9b:4d:75:e3:7a:8f:c3:67:20:c7:
1c:67:4a:de:a6:d9:5a:ec:27:bb:55:85:1a:c2:9e:
db:37:86:a7:1e:6b:7c:7d:b7:39:cf:79:4f:f8:8e:
70:a0:ad:c0:b9:37:4d:b6:26:76:f7:77:32:a2:8b:
55:29:62:58:02:4c:d1:83:09:eb:ec:fe:bf:d8:21:
27:88:a5:c4:7b:3d:76:67:89:53:d9:a2:8d:44:fc:
f0:d6:ff:89:1f:25:58:58:74:a5:6b:a0:80:be:a4:
ca:3e:ac:09:34:b2:13:38:26:44:85:be:eb:56:53:
d3:1e:70:a1:34:c9:49:53:c4:8f:77:13:2b:f8:67:
45:c2:a9:a2:9d:65:8e:76:5f:1e:23:83:aa:42:0f:
14:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:49:45:77:2D:07:AA:8F:4D:4D:D7:EC:F6:C7:58:0E:F0:1C:3F:3F
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131486
137753
sbgp-ipAddrBlock: critical
IPv4:
1.118.0.0/16
43.241.112.0/22
101.124.0.0/16
103.37.72.0/22
103.224.220.0/22
111.228.0.0/16
114.67.64.0-114.67.255.255
116.196.64.0/18
116.198.0.0/16
117.72.0.0/16
122.12.0.0/16
123.62.0.0/16
124.69.0.0/16
IPv6:
2402:db40::/32
2403:1ec0::/32
240f:c000::/24
Signature Algorithm: sha256WithRSAEncryption
6d:c3:a5:b6:9c:11:68:dc:3c:05:59:be:08:a1:33:ed:38:0b:
b8:3c:44:54:3b:6c:f3:00:fd:25:98:14:2e:75:63:74:c7:b9:
f1:25:bc:11:c1:7e:1e:4c:11:cc:d4:71:5c:26:b8:9e:2d:3b:
1a:b9:6c:72:fd:16:15:77:a0:25:24:0c:1e:54:8c:ef:77:a4:
17:73:89:86:6f:65:17:2e:0c:28:11:db:2d:db:12:07:e5:4b:
17:81:dc:14:3b:44:70:97:b8:7c:fe:56:b5:b5:d1:ae:2d:d5:
b1:94:3e:c7:35:20:83:c7:9f:40:01:b8:47:84:63:45:2d:83:
13:be:56:f2:5d:62:af:42:83:65:11:4d:77:23:a5:c4:3a:ea:
a2:b8:22:71:bc:53:3c:6d:17:2a:2f:e9:39:67:0b:01:ab:53:
1a:c0:4d:a2:dd:87:a5:5b:15:98:a8:f8:e6:5d:60:b3:dc:81:
a0:17:d5:7d:17:7e:ec:63:0a:a5:13:bb:93:22:11:5b:20:f1:
8d:19:c4:26:30:f0:67:42:e0:b2:84:3b:18:a4:54:fe:b5:d5:
e3:df:b6:ec:df:c9:22:e1:0f:43:44:e0:e2:93:55:ac:74:af:
0e:04:5d:8e:32:e4:d6:e6:82:52:42:ba:d5:b5:01:34:25:7c:
d7:a4:ae:b3
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIDAM2dMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA5NTVaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDNENDk0NTc3MkQwN0FBOEY0RDRERDdFQ0Y2Qzc1ODBFRjAxQzNG
M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDByRh+cCECjlja9rGV
se201zKGYh+r64j7M7qvMIkbUiAPZS+S1rwM2SCWWizRLWaBVnzn81vfxsyZ2BBC
ftyT/ME/GXM5idaCN6LQ77lu0/H2A0sM0OBhOZrblek4OU75mwh1mJ76mxkcCr4E
m01143qPw2cgxxxnSt6m2VrsJ7tVhRrCnts3hqcea3x9tznPeU/4jnCgrcC5N022
Jnb3dzKii1UpYlgCTNGDCevs/r/YISeIpcR7PXZniVPZoo1E/PDW/4kfJVhYdKVr
oIC+pMo+rAk0shM4JkSFvutWU9MecKE0yUlTxI93Eyv4Z0XCqaKdZY52Xx4jg6pC
DxT3AgMBAAGjggLaMIIC1jAdBgNVHQ4EFgQUPUlFdy0Hqo9NTdfs9sdYDvAcPz8w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy
NjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzI2My9QVWxGZHkwSHFvOU5UZGZzOXNkWUR2QWNQejgubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwIBngIDAhoZMIGCBggrBgEFBQcBBwEB
/wRzMHEwUwQCAAEwTQMDAAF2AwQCK/FwAwMAZXwDBAJnJUgDBAJn4NwDAwBv5DAL
AwQGckNAAwMCckADBAZ0xEADAwB0xgMDAHVIAwMAegwDAwB7PgMDAHxFMBoEAgAC
MBQDBQAkAttAAwUAJAMewAMEACQPwDANBgkqhkiG9w0BAQsFAAOCAQEAbcOltpwR
aNw8BVm+CKEz7TgLuDxEVDts8wD9JZgULnVjdMe58SW8EcF+HkwRzNRxXCa4ni07
Grlscv0WFXegJSQMHlSM73ekF3OJhm9lFy4MKBHbLdsSB+VLF4HcFDtEcJe4fP5W
tbXRri3VsZQ+xzUgg8efQAG4R4RjRS2DE75W8l1ir0KDZRFNdyOlxDrqorgicbxT
PG0XKi/pOWcLAatTGsBNot2HpVsVmKj45l1gs9yBoBfVfRd+7GMKpRO7kyIRWyDx
jRnEJjDwZ0LgsoQ7GKRU/rXV49+27N/JIuEPQ0Tg4pNVrHSvDgRdjjLk1uaCUkK6
1bUBNCV816Susw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:18:37 2025 by rpki-client