$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer File: QANTiAtHjVuXKhIEzwZR3ilfjso.cer (raw, json) Hash identifier: wTKzAQNmV0Tc+UUtmN+tSUeNO+6wEJEz3eBfdaeWxQM= Subject key identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AEAD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:21:09 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 103.139.2.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 19:56:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44717 (0xaead) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:21:09 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=400353880B478D5B972A1204CF0651DE295F8ECA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:62:ec:e4:8a:65:8f:b8:b8:c8:8b:dd:24:40: ec:28:ab:c8:b0:d4:1b:ce:2c:36:11:8c:c4:ae:be: 41:1e:20:ee:f1:7a:86:37:e8:89:14:d1:c9:70:d1: 52:be:61:27:8d:53:90:c1:04:c4:da:30:66:d4:ef: 66:16:37:5c:4f:9c:51:ae:66:19:76:8b:73:d9:ca: 3d:69:93:4e:06:b2:1d:f5:76:96:9a:df:91:29:ca: ec:c7:c6:1a:53:0f:24:b2:86:7e:ec:35:a0:f4:7d: e2:ce:54:86:3e:3d:c4:b1:2d:7e:14:f5:59:38:fc: 0b:ec:66:07:9e:3c:a9:eb:b9:54:2b:64:eb:d0:54: e9:87:1b:d1:27:cc:be:5d:ca:82:b2:17:d6:9d:27: d4:24:61:db:b1:7f:5f:03:63:52:f5:35:dd:87:1d: d7:d5:0f:dd:20:f3:d4:eb:42:46:23:03:74:1f:b3: 76:2d:1a:19:5d:d0:b7:8c:2a:32:15:b5:9f:e1:3e: 36:b0:4b:bf:b0:f5:72:63:77:e4:66:29:da:8f:f7: 24:46:fb:10:a1:92:af:80:f7:45:34:10:55:a7:21: bf:1a:b6:95:f3:d1:45:78:85:a0:34:26:63:b7:ac: 09:a7:bb:46:f7:4a:8b:aa:9c:c6:13:aa:24:f3:07: 81:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.2.0/23 Signature Algorithm: sha256WithRSAEncryption 13:0f:cf:31:2b:d9:0b:21:4b:93:a5:2e:da:26:f0:f2:9b:d9: 66:62:a0:51:ba:00:81:83:3d:d9:f2:38:3d:1a:c2:5f:ca:bd: 51:96:40:08:ef:b2:d9:b1:44:02:80:51:81:31:91:2a:da:eb: e4:a2:4c:a7:93:fe:3a:ec:0d:38:a2:cd:61:8b:a4:fc:b4:97: 07:0f:e8:bd:79:30:bb:53:59:eb:b1:d8:b5:5e:2a:48:e1:83: 6d:be:0c:5e:b4:9b:b5:10:24:08:44:60:21:82:eb:f4:73:4e: fe:42:89:e7:55:72:55:d2:a6:fe:53:27:b5:04:b8:8f:5b:5e: 62:7d:14:29:6c:9d:93:9d:a4:1c:9a:ed:e3:f0:dc:81:ab:49: 03:6e:b0:c4:cd:ad:fe:0d:91:98:6a:7f:85:f1:12:7a:bd:26: ee:e2:d7:eb:7e:5c:83:5f:4b:d0:35:3a:9a:69:76:69:d1:97: c6:8b:04:9c:1c:8a:d0:48:b2:f4:ca:fb:a6:c5:94:88:a9:df: 9d:eb:24:a8:88:d5:47:40:b6:f1:4c:28:d4:63:3f:d9:8d:aa: 81:ce:a9:c6:9b:99:f2:8e:da:7a:0c:cc:19:d2:ca:be:71:9b: b0:32:31:4e:40:72:83:f4:99:b6:21:8b:4b:72:47:0e:7f:b5: e0:2e:70:5c -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAK6tMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIxMDlaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDQwMDM1Mzg4MEI0NzhENUI5NzJBMTIwNENGMDY1MURFMjk1RjhF Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClYuzkimWPuLjIi90k QOwoq8iw1BvOLDYRjMSuvkEeIO7xeoY36IkU0clw0VK+YSeNU5DBBMTaMGbU72YW N1xPnFGuZhl2i3PZyj1pk04Gsh31dpaa35EpyuzHxhpTDySyhn7sNaD0feLOVIY+ PcSxLX4U9Vk4/AvsZgeePKnruVQrZOvQVOmHG9EnzL5dyoKyF9adJ9QkYduxf18D Y1L1Nd2HHdfVD90g89TrQkYjA3Qfs3YtGhld0LeMKjIVtZ/hPjawS7+w9XJjd+Rm KdqP9yRG+xChkq+A90U0EFWnIb8atpXz0UV4haA0JmO3rAmnu0b3SouqnMYTqiTz B4E9AgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUQANTiAtHjVuXKhIEzwZR3ilfjsow HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 OTAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjg5MC9RQU5UaUF0SGpWdVhLaElFendaUjNpbGZqc28ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ4sCMA0GCSqGSIb3DQEBCwUA A4IBAQATD88xK9kLIUuTpS7aJvDym9lmYqBRugCBgz3Z8jg9GsJfyr1RlkAI77LZ sUQCgFGBMZEq2uvkokynk/467A04os1hi6T8tJcHD+i9eTC7U1nrsdi1XipI4YNt vgxetJu1ECQIRGAhguv0c07+QonnVXJV0qb+Uye1BLiPW15ifRQpbJ2TnaQcmu3j 8NyBq0kDbrDEza3+DZGYan+F8RJ6vSbu4tfrflyDX0vQNTqaaXZp0ZfGiwScHIrQ SLL0yvumxZSIqd+d6ySoiNVHQLbxTCjUYz/ZjaqBzqnGm5nyjtp6DMwZ0sq+cZuw MjFOQHKD9Jm2IYtLckcOf7XgLnBc -----END CERTIFICATE-----Generated at Sun May 19 14:41:54 2024 by rpki-client on console-ams.rpki-client.org