Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/QZthcvWyvCKKx7p4s58CMyghqKg.cer
File: QZthcvWyvCKKx7p4s58CMyghqKg.cer (raw, json)
Hash identifier: cGMce3gVlQDz49eftiJDHfM8rFixcChJUQOJbBqcr4s=
Subject key identifier: 41:9B:61:72:F5:B2:BC:22:8A:C7:BA:78:B3:9F:02:33:28:21:A8:A8
Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Certificate serial: 39D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3341/QZthcvWyvCKKx7p4s58CMyghqKg.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3341/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Mon 23 Dec 2024 06:20:40 +0000
Certificate not after: Tue 23 Dec 2025 06:03:57 +0000
Subordinate resources: IP: 161.248.20.0/23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14804 (0x39d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Dec 23 06:20:40 2024 GMT
Not After : Dec 23 06:03:57 2025 GMT
Subject: CN=419B6172F5B2BC228AC7BA78B39F02332821A8A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:c0:b9:50:6f:de:46:a9:2b:d2:cc:9c:45:
5f:25:f5:90:00:8f:df:bd:75:b7:f6:7c:60:c8:47:
a0:f9:09:a7:e7:e7:45:59:82:06:d9:a7:5d:fa:29:
ab:4c:02:54:c6:ec:a6:bd:cd:dd:6c:e7:a8:f9:bc:
fc:ba:79:07:07:2e:28:54:88:8b:ba:86:4e:9a:e9:
96:43:2a:f9:1b:7d:21:63:06:bd:f7:a3:37:87:7b:
cd:98:e7:db:e8:ff:4b:d5:2c:bd:40:73:4f:40:b1:
a4:3a:30:b9:ab:c1:ee:0b:17:90:3a:0a:88:1f:85:
6b:c4:83:24:0d:52:b2:55:28:79:c1:c2:96:a5:0d:
85:20:4e:15:da:97:39:91:57:7b:32:a0:5e:fd:c2:
00:10:91:81:6b:6c:ec:64:e6:0c:8c:5d:c5:71:be:
a4:d6:77:8e:58:b7:74:97:22:5f:55:4d:7c:83:32:
5e:09:79:1c:63:90:6c:c3:d8:a6:54:62:35:66:4e:
f9:02:ca:b5:8b:1f:4f:b5:26:b8:9d:83:d9:22:87:
68:ba:6a:f0:7e:45:54:d9:9b:52:d4:26:80:f9:68:
9f:68:84:2e:2a:19:66:9c:f1:9e:ef:b4:96:9e:2d:
32:1b:6f:1d:da:91:0a:4c:dc:ba:70:f6:8a:6a:1d:
e8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9B:61:72:F5:B2:BC:22:8A:C7:BA:78:B3:9F:02:33:28:21:A8:A8
X509v3 Authority Key Identifier:
keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3341/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3341/QZthcvWyvCKKx7p4s58CMyghqKg.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.20.0/23
Signature Algorithm: sha256WithRSAEncryption
01:a5:68:eb:d4:b1:48:a6:7c:7f:e5:00:a6:b8:94:c7:97:06:
d2:07:0e:aa:13:b5:51:6a:fe:fd:02:52:ee:8a:62:76:9d:af:
84:3d:c1:1e:0c:ae:0e:f8:76:5a:5b:8b:40:1d:ed:94:27:d1:
0f:43:75:57:81:9b:c9:cb:d9:01:01:23:c2:01:94:d3:90:8a:
11:30:3c:a1:fc:ed:25:a5:8a:70:4f:5c:dc:a4:ac:e9:4b:66:
ff:cb:bb:f8:fc:3b:73:fd:b7:56:2d:0b:93:7f:93:b3:4a:d8:
a0:56:16:d9:a4:e1:27:c3:44:63:b0:37:7e:05:28:bb:e1:43:
e4:4a:fa:8d:2c:52:cc:92:3c:38:d4:d2:5a:1a:c6:51:ec:14:
69:b3:d2:92:57:34:ee:27:0a:4b:da:d7:14:9e:d5:27:aa:64:
a3:d8:9f:3d:cb:9f:f1:0c:93:00:17:2c:0f:90:2e:b1:d6:41:
f7:20:21:4f:d2:ca:09:0d:eb:3c:9b:06:ff:09:45:1a:ad:19:
ff:a1:aa:9e:55:73:e6:d4:8f:38:1b:fc:9f:10:d3:10:ba:0f:
a1:f0:58:b2:a2:69:17:db:41:91:26:84:47:47:eb:39:42:13:
6c:65:3c:d0:90:fd:c8:08:b7:b0:f1:8d:e2:62:04:bf:9f:23:
a8:c6:ea:63
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgICOdQwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw
QTU0QTk1MTk1QTExMB4XDTI0MTIyMzA2MjA0MFoXDTI1MTIyMzA2MDM1N1owMzEx
MC8GA1UEAxMoNDE5QjYxNzJGNUIyQkMyMjhBQzdCQTc4QjM5RjAyMzMyODIxQThB
ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbawLlQb95GqSvSzJxF
XyX1kACP3711t/Z8YMhHoPkJp+fnRVmCBtmnXfopq0wCVMbspr3N3WznqPm8/Lp5
BwcuKFSIi7qGTprplkMq+Rt9IWMGvfejN4d7zZjn2+j/S9UsvUBzT0CxpDowuavB
7gsXkDoKiB+Fa8SDJA1SslUoecHClqUNhSBOFdqXOZFXezKgXv3CABCRgWts7GTm
DIxdxXG+pNZ3jli3dJciX1VNfIMyXgl5HGOQbMPYplRiNWZO+QLKtYsfT7UmuJ2D
2SKHaLpq8H5FVNmbUtQmgPlon2iELioZZpzxnu+0lp4tMhtvHdqRCkzcunD2imod
6EUCAwEAAaOCAlUwggJRMB0GA1UdDgQWBBRBm2Fy9bK8IorHuniznwIzKCGoqDAf
BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx
RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF
BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0
MS8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zMzQxL1FadGhjdld5dkNLS3g3cDRzNThDTXlnaHFLZy5tZnQwMQYI
KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGh+BQwDQYJKoZIhvcNAQELBQAD
ggEBAAGlaOvUsUimfH/lAKa4lMeXBtIHDqoTtVFq/v0CUu6KYnadr4Q9wR4Mrg74
dlpbi0Ad7ZQn0Q9DdVeBm8nL2QEBI8IBlNOQihEwPKH87SWlinBPXNykrOlLZv/L
u/j8O3P9t1YtC5N/k7NK2KBWFtmk4SfDRGOwN34FKLvhQ+RK+o0sUsySPDjU0loa
xlHsFGmz0pJXNO4nCkva1xSe1SeqZKPYnz3Ln/EMkwAXLA+QLrHWQfcgIU/SygkN
6zybBv8JRRqtGf+hqp5Vc+bUjzgb/J8Q0xC6D6HwWLKiaRfbQZEmhEdH6zlCE2xl
PNCQ/cgIt7DxjeJiBL+fI6jG6mM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:01 2025 by rpki-client