$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer File: QANTiAtHjVuXKhIEzwZR3ilfjso.cer (raw, json) Hash identifier: 30b3w3KIOeCPnLaUj/0YEZfdSrGf5KTdsEvIcxMO3Zs= Subject key identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BAE1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:49:25 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.139.2.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47841 (0xbae1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:49:25 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=400353880B478D5B972A1204CF0651DE295F8ECA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:62:ec:e4:8a:65:8f:b8:b8:c8:8b:dd:24:40: ec:28:ab:c8:b0:d4:1b:ce:2c:36:11:8c:c4:ae:be: 41:1e:20:ee:f1:7a:86:37:e8:89:14:d1:c9:70:d1: 52:be:61:27:8d:53:90:c1:04:c4:da:30:66:d4:ef: 66:16:37:5c:4f:9c:51:ae:66:19:76:8b:73:d9:ca: 3d:69:93:4e:06:b2:1d:f5:76:96:9a:df:91:29:ca: ec:c7:c6:1a:53:0f:24:b2:86:7e:ec:35:a0:f4:7d: e2:ce:54:86:3e:3d:c4:b1:2d:7e:14:f5:59:38:fc: 0b:ec:66:07:9e:3c:a9:eb:b9:54:2b:64:eb:d0:54: e9:87:1b:d1:27:cc:be:5d:ca:82:b2:17:d6:9d:27: d4:24:61:db:b1:7f:5f:03:63:52:f5:35:dd:87:1d: d7:d5:0f:dd:20:f3:d4:eb:42:46:23:03:74:1f:b3: 76:2d:1a:19:5d:d0:b7:8c:2a:32:15:b5:9f:e1:3e: 36:b0:4b:bf:b0:f5:72:63:77:e4:66:29:da:8f:f7: 24:46:fb:10:a1:92:af:80:f7:45:34:10:55:a7:21: bf:1a:b6:95:f3:d1:45:78:85:a0:34:26:63:b7:ac: 09:a7:bb:46:f7:4a:8b:aa:9c:c6:13:aa:24:f3:07: 81:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.2.0/23 Signature Algorithm: sha256WithRSAEncryption 27:a5:57:68:d1:a1:3a:f5:1e:94:5b:0e:79:3f:56:b4:4c:62: 6d:30:90:f5:eb:7c:e3:06:ea:ae:9b:1b:c8:89:65:19:f1:1e: d4:15:8d:c3:5c:fb:45:40:0e:90:76:07:98:1f:26:5c:43:ed: 70:cc:7e:81:b6:20:e2:7c:ae:a5:cc:30:c0:20:45:65:fc:d7: 3b:dd:7f:82:72:e6:4a:11:ee:60:01:58:89:df:da:29:17:ff: 7a:94:3d:6e:60:8e:fb:d0:65:90:65:25:36:15:32:02:9a:3a: 1c:92:ed:e8:cf:90:02:a6:e4:1b:21:99:18:20:36:91:78:c0: 98:a9:6b:03:ed:e0:5f:51:21:5b:a5:6f:a2:41:1b:2b:bd:8d: 29:87:21:3c:d5:73:f1:3c:f4:12:0c:33:c2:b4:20:de:77:6e: 7b:e4:8e:39:05:a6:31:5f:71:ea:40:2a:f7:de:86:e0:ac:09: 3c:20:11:ca:fe:fa:cf:5e:ef:97:5b:a4:6b:74:67:bb:9b:3a: 8a:53:3c:ab:c7:16:59:21:dd:1f:fd:ba:b9:54:b7:44:d6:42: c4:d8:2a:ba:ba:e8:22:01:93:cf:b4:dd:c4:e9:5d:c0:06:26: bf:bc:a8:53:06:56:9b:3d:21:c4:6d:77:59:a7:59:e8:8f:e1: 25:58:2c:89 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALrhMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjQ5MjVaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDQwMDM1Mzg4MEI0NzhENUI5NzJBMTIwNENGMDY1MURFMjk1RjhF Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClYuzkimWPuLjIi90k QOwoq8iw1BvOLDYRjMSuvkEeIO7xeoY36IkU0clw0VK+YSeNU5DBBMTaMGbU72YW N1xPnFGuZhl2i3PZyj1pk04Gsh31dpaa35EpyuzHxhpTDySyhn7sNaD0feLOVIY+ PcSxLX4U9Vk4/AvsZgeePKnruVQrZOvQVOmHG9EnzL5dyoKyF9adJ9QkYduxf18D Y1L1Nd2HHdfVD90g89TrQkYjA3Qfs3YtGhld0LeMKjIVtZ/hPjawS7+w9XJjd+Rm KdqP9yRG+xChkq+A90U0EFWnIb8atpXz0UV4haA0JmO3rAmnu0b3SouqnMYTqiTz B4E9AgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUQANTiAtHjVuXKhIEzwZR3ilfjsow HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 OTAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjg5MC9RQU5UaUF0SGpWdVhLaElFendaUjNpbGZqc28ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ4sCMA0GCSqGSIb3DQEBCwUA A4IBAQAnpVdo0aE69R6UWw55P1a0TGJtMJD163zjBuqumxvIiWUZ8R7UFY3DXPtF QA6QdgeYHyZcQ+1wzH6BtiDifK6lzDDAIEVl/Nc73X+CcuZKEe5gAViJ39opF/96 lD1uYI770GWQZSU2FTICmjocku3oz5ACpuQbIZkYIDaReMCYqWsD7eBfUSFbpW+i QRsrvY0phyE81XPxPPQSDDPCtCDed2575I45BaYxX3HqQCr33obgrAk8IBHK/vrP Xu+XW6RrdGe7mzqKUzyrxxZZId0f/bq5VLdE1kLE2Cq6uugiAZPPtN3E6V3ABia/ vKhTBlabPSHEbXdZp1noj+ElWCyJ -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:26 2024 by rpki-client on console-fra.rpki-client.org