$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/TdNpVbTnoAyh-m7c2oSqBzD9Jq4.cer File: TdNpVbTnoAyh-m7c2oSqBzD9Jq4.cer (raw, json) Hash identifier: BZuUXQ6vaCM5Li6loH1uDnu1SUFbpFtyHkMH5ZhBtug= Subject key identifier: 4D:D3:69:55:B4:E7:A0:0C:A1:FA:6E:DC:DA:84:AA:07:30:FD:26:AE Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: A03A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/TdNpVbTnoAyh-m7c2oSqBzD9Jq4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Tue 08 Aug 2023 05:00:59 +0000 Certificate not after: Fri 07 Jun 2024 02:16:11 +0000 Subordinate resources: IP: 61.8.160.0/20 IP: 103.13.196.0/22 IP: 124.108.8.0/21 IP: 2405:7d40::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 19:56:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41018 (0xa03a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 8 05:00:59 2023 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=4DD36955B4E7A00CA1FA6EDCDA84AA0730FD26AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ba:ed:ac:d8:09:8a:57:eb:28:b8:87:12:20: 50:60:ac:1e:a6:8b:75:27:9f:be:88:18:90:22:38: e1:0f:e6:8d:ff:81:d3:b2:da:87:85:45:52:73:7e: ad:bc:6e:22:d0:eb:cb:04:60:38:df:24:38:d2:be: 40:34:6f:81:67:e1:34:a9:4a:5b:60:72:b6:d9:20: 12:f6:28:c6:6b:e2:3c:18:5e:c4:4c:ab:9b:af:5a: a3:a6:3c:59:df:11:00:3f:84:f2:1a:8d:af:b8:39: 95:22:34:99:db:a3:82:00:21:63:4f:92:36:ae:35: 1c:1b:1b:09:55:40:80:a7:bc:c5:4e:a8:08:8a:44: 34:88:32:92:3c:26:a1:a7:d4:9f:75:81:e4:2a:96: cc:0b:e7:90:d2:fb:d3:4e:50:82:55:6c:8d:6d:20: 41:41:a3:8d:87:b2:21:f7:1e:9d:be:63:01:83:f4: 77:7d:fc:ce:7a:db:b3:24:c2:ef:f3:01:e8:0b:ee: 69:ea:ba:3b:a8:e5:3e:e1:dc:f9:4e:92:e7:d7:57: 6a:89:1a:7c:fb:84:98:20:3f:3f:79:2c:80:4e:31: 02:8b:d1:43:34:d8:b5:fc:cc:c0:ac:ef:28:2a:fc: e2:44:b0:0b:88:6e:3b:da:84:eb:9c:c7:0e:7b:c0: 0c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:D3:69:55:B4:E7:A0:0C:A1:FA:6E:DC:DA:84:AA:07:30:FD:26:AE X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/TdNpVbTnoAyh-m7c2oSqBzD9Jq4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.8.160.0/20 103.13.196.0/22 124.108.8.0/21 IPv6: 2405:7d40::/32 Signature Algorithm: sha256WithRSAEncryption 0c:40:60:ce:9f:6f:d6:9f:f6:66:c5:f7:c8:34:ed:38:9e:89: b9:29:f2:c9:ed:2c:28:c2:2d:27:17:a5:a5:7d:66:e6:57:95: a3:5c:09:6d:67:6b:70:1c:36:78:f5:dd:10:42:2e:45:d4:9e: 98:7c:a8:95:31:d9:cf:bd:7b:32:8a:82:4a:3b:3e:ab:e8:47: 7f:64:6f:1f:5a:92:6a:37:78:e9:53:c2:a0:f7:7a:26:c3:b0: a9:2d:a8:ff:54:98:32:c8:4d:46:d6:d0:a9:1e:41:97:e7:39: ae:ab:93:c6:48:ff:86:55:0d:15:2d:62:3a:32:fe:d6:7a:bd: d0:48:27:ea:f7:ad:3f:5d:3c:fe:88:50:15:46:25:f2:17:c1: 5d:b3:64:76:45:9e:da:36:4c:98:a8:a4:a7:02:20:68:aa:93: ae:1c:cf:e1:43:40:e2:b0:d7:ef:7d:2a:e8:f0:78:66:32:81: 84:dc:c4:1b:7c:7c:25:9d:89:a8:25:4b:cf:59:81:50:19:e7: 69:5a:a1:29:66:51:0f:a3:3f:0a:ba:11:8f:2b:9d:c3:13:9a: ae:6a:a1:09:c9:ed:76:89:60:d9:1c:1f:c2:0b:08:f8:c2:fc: 14:41:58:b9:84:57:11:11:2f:ff:a3:0d:e3:71:00:64:93:7d: 94:90:d2:07 -----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgIDAKA6MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yMzA4MDgwNTAwNTlaFw0yNDA2MDcwMjE2MTFaMDMx MTAvBgNVBAMTKDRERDM2OTU1QjRFN0EwMENBMUZBNkVEQ0RBODRBQTA3MzBGRDI2 QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEuu2s2AmKV+souIcS IFBgrB6mi3Unn76IGJAiOOEP5o3/gdOy2oeFRVJzfq28biLQ68sEYDjfJDjSvkA0 b4Fn4TSpSltgcrbZIBL2KMZr4jwYXsRMq5uvWqOmPFnfEQA/hPIaja+4OZUiNJnb o4IAIWNPkjauNRwbGwlVQICnvMVOqAiKRDSIMpI8JqGn1J91geQqlswL55DS+9NO UIJVbI1tIEFBo42HsiH3Hp2+YwGD9Hd9/M5627Mkwu/zAegL7mnqujuo5T7h3PlO kufXV2qJGnz7hJggPz95LIBOMQKL0UM02LX8zMCs7ygq/OJEsAuIbjvahOucxw57 wAyRAgMBAAGjggJwMIICbDAdBgNVHQ4EFgQUTdNpVbTnoAyh+m7c2oSqBzD9Jq4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIy MDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjIwMy9UZE5wVmJUbm9BeWgtbTdjMm9TcUJ6RDlKcTQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEPQigAwQCZw3EAwQDfGwIMA0E AgACMAcDBQAkBX1AMA0GCSqGSIb3DQEBCwUAA4IBAQAMQGDOn2/Wn/ZmxffINO04 nom5KfLJ7Swowi0nF6WlfWbmV5WjXAltZ2twHDZ49d0QQi5F1J6YfKiVMdnPvXsy ioJKOz6r6Ed/ZG8fWpJqN3jpU8Kg93omw7CpLaj/VJgyyE1G1tCpHkGX5zmuq5PG SP+GVQ0VLWI6Mv7Wer3QSCfq960/XTz+iFAVRiXyF8Fds2R2RZ7aNkyYqKSnAiBo qpOuHM/hQ0DisNfvfSro8HhmMoGE3MQbfHwlnYmoJUvPWYFQGedpWqEpZlEPoz8K uhGPK53DE5quaqEJye12iWDZHB/CCwj4wvwUQVi5hFcRES//ow3jcQBkk32UkNIH -----END CERTIFICATE-----Generated at Sun May 19 14:41:54 2024 by rpki-client on console-ams.rpki-client.org