Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.cer
File: PUlFdy0Hqo9NTdfs9sdYDvAcPz8.cer (raw, json)
Hash identifier: ojoJgU19im6QnYP7mk1qpI7zJPXjS888e/oWs/JPSSE=
Subject key identifier: 3D:49:45:77:2D:07:AA:8F:4D:4D:D7:EC:F6:C7:58:0E:F0:1C:3F:3F
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BBEF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:53:23 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 131486
AS: 137753
IP: 1.118.0.0/16
IP: 43.241.112.0/22
IP: 101.124.0.0/16
IP: 103.37.72.0/22
IP: 103.224.220.0/22
IP: 111.228.0.0/16
IP: 114.67.64.0 -- 114.67.255.255
IP: 116.196.64.0/18
IP: 116.198.0.0/16
IP: 117.72.0.0/16
IP: 122.12.0.0/16
IP: 123.62.0.0/16
IP: 124.69.0.0/16
IP: 2402:db40::/32
IP: 2403:1ec0::/32
IP: 240f:c000::/24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48111 (0xbbef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:53:23 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3D4945772D07AA8F4D4DD7ECF6C7580EF01C3F3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:18:7e:70:21:02:8e:58:da:f6:b1:95:b1:
ed:b4:d7:32:86:62:1f:ab:eb:88:fb:33:ba:af:30:
89:1b:52:20:0f:65:2f:92:d6:bc:0c:d9:20:96:5a:
2c:d1:2d:66:81:56:7c:e7:f3:5b:df:c6:cc:99:d8:
10:42:7e:dc:93:fc:c1:3f:19:73:39:89:d6:82:37:
a2:d0:ef:b9:6e:d3:f1:f6:03:4b:0c:d0:e0:61:39:
9a:db:95:e9:38:39:4e:f9:9b:08:75:98:9e:fa:9b:
19:1c:0a:be:04:9b:4d:75:e3:7a:8f:c3:67:20:c7:
1c:67:4a:de:a6:d9:5a:ec:27:bb:55:85:1a:c2:9e:
db:37:86:a7:1e:6b:7c:7d:b7:39:cf:79:4f:f8:8e:
70:a0:ad:c0:b9:37:4d:b6:26:76:f7:77:32:a2:8b:
55:29:62:58:02:4c:d1:83:09:eb:ec:fe:bf:d8:21:
27:88:a5:c4:7b:3d:76:67:89:53:d9:a2:8d:44:fc:
f0:d6:ff:89:1f:25:58:58:74:a5:6b:a0:80:be:a4:
ca:3e:ac:09:34:b2:13:38:26:44:85:be:eb:56:53:
d3:1e:70:a1:34:c9:49:53:c4:8f:77:13:2b:f8:67:
45:c2:a9:a2:9d:65:8e:76:5f:1e:23:83:aa:42:0f:
14:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:49:45:77:2D:07:AA:8F:4D:4D:D7:EC:F6:C7:58:0E:F0:1C:3F:3F
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3263/PUlFdy0Hqo9NTdfs9sdYDvAcPz8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131486
137753
sbgp-ipAddrBlock: critical
IPv4:
1.118.0.0/16
43.241.112.0/22
101.124.0.0/16
103.37.72.0/22
103.224.220.0/22
111.228.0.0/16
114.67.64.0-114.67.255.255
116.196.64.0/18
116.198.0.0/16
117.72.0.0/16
122.12.0.0/16
123.62.0.0/16
124.69.0.0/16
IPv6:
2402:db40::/32
2403:1ec0::/32
240f:c000::/24
Signature Algorithm: sha256WithRSAEncryption
50:cf:12:4b:34:f7:4a:08:23:2d:88:1d:f9:c6:ba:72:17:56:
d5:6d:bb:a7:86:10:6f:c7:26:b8:e3:09:5f:8c:57:cd:fa:d2:
8b:3c:1a:79:5c:b1:8b:7b:6a:2a:19:57:d5:f0:e8:cc:12:b1:
af:bc:82:e2:b4:c4:33:c5:bb:0e:9b:61:d1:c4:47:02:ad:a4:
4c:d8:47:6c:e2:3a:3a:47:72:0c:93:63:15:57:5d:d4:83:7a:
d4:97:9b:da:bd:2b:15:d3:b4:db:2f:08:d0:7f:93:a6:3a:cb:
2d:3a:67:9b:77:30:10:1f:43:c4:d2:1a:24:23:7a:ed:c4:31:
4f:70:e1:cb:39:5a:88:97:30:8b:b1:28:42:6a:d7:a6:02:05:
09:f3:4e:bf:e3:ff:88:0a:f5:0e:85:ea:34:ab:82:d4:ea:1d:
a5:90:6c:64:c6:0e:49:dd:94:1b:44:cf:64:e2:09:87:37:32:
4e:f6:b8:ba:ba:ea:fd:7b:aa:49:cf:2e:fa:1c:4b:db:2b:41:
0f:57:a5:11:c0:09:ef:97:ee:bd:f7:1d:6b:8e:a1:49:ec:5c:
c9:af:0e:67:ce:60:f6:00:05:d0:fd:cd:5a:5f:71:6d:f0:75:
7d:ac:29:bc:a8:66:ca:07:79:b4:16:1e:6d:84:f3:61:a2:cf:
66:9c:2e:c0
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIDALvvMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUzMjNaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDNENDk0NTc3MkQwN0FBOEY0RDRERDdFQ0Y2Qzc1ODBFRjAxQzNG
M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDByRh+cCECjlja9rGV
se201zKGYh+r64j7M7qvMIkbUiAPZS+S1rwM2SCWWizRLWaBVnzn81vfxsyZ2BBC
ftyT/ME/GXM5idaCN6LQ77lu0/H2A0sM0OBhOZrblek4OU75mwh1mJ76mxkcCr4E
m01143qPw2cgxxxnSt6m2VrsJ7tVhRrCnts3hqcea3x9tznPeU/4jnCgrcC5N022
Jnb3dzKii1UpYlgCTNGDCevs/r/YISeIpcR7PXZniVPZoo1E/PDW/4kfJVhYdKVr
oIC+pMo+rAk0shM4JkSFvutWU9MecKE0yUlTxI93Eyv4Z0XCqaKdZY52Xx4jg6pC
DxT3AgMBAAGjggLaMIIC1jAdBgNVHQ4EFgQUPUlFdy0Hqo9NTdfs9sdYDvAcPz8w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy
NjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzI2My9QVWxGZHkwSHFvOU5UZGZzOXNkWUR2QWNQejgubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwIBngIDAhoZMIGCBggrBgEFBQcBBwEB
/wRzMHEwUwQCAAEwTQMDAAF2AwQCK/FwAwMAZXwDBAJnJUgDBAJn4NwDAwBv5DAL
AwQGckNAAwMCckADBAZ0xEADAwB0xgMDAHVIAwMAegwDAwB7PgMDAHxFMBoEAgAC
MBQDBQAkAttAAwUAJAMewAMEACQPwDANBgkqhkiG9w0BAQsFAAOCAQEAUM8SSzT3
SggjLYgd+ca6chdW1W27p4YQb8cmuOMJX4xXzfrSizwaeVyxi3tqKhlX1fDozBKx
r7yC4rTEM8W7Dpth0cRHAq2kTNhHbOI6OkdyDJNjFVdd1IN61Jeb2r0rFdO02y8I
0H+TpjrLLTpnm3cwEB9DxNIaJCN67cQxT3DhyzlaiJcwi7EoQmrXpgIFCfNOv+P/
iAr1DoXqNKuC1OodpZBsZMYOSd2UG0TPZOIJhzcyTva4urrq/XuqSc8u+hxL2ytB
D1elEcAJ75fuvfcda46hSexcya8OZ85g9gAF0P3NWl9xbfB1fawpvKhmygd5tBYe
bYTzYaLPZpwuwA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:28 2024 by rpki-client on console-ams.rpki-client.org