Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/UtrlTcDKsEdFGkc8madkNE6mTRc.cer
File: UtrlTcDKsEdFGkc8madkNE6mTRc.cer (raw, json)
Hash identifier: sXI5ysln8PiItm92IzQZlLnH8GEbP4rXj194Zzc6IkE=
Subject key identifier: 52:DA:E5:4D:C0:CA:B0:47:45:1A:47:3C:99:A7:64:34:4E:A6:4D:17
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BF4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/UtrlTcDKsEdFGkc8madkNE6mTRc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Tue 05 Nov 2024 05:36:53 +0000
Certificate not after: Wed 05 Nov 2025 05:25:14 +0000
Subordinate resources: IP: 2401:d420::/32
Validation: Failed, certificate revoked on Fri 21 Mar 2025 02:58:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48975 (0xbf4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Nov 5 05:36:53 2024 GMT
Not After : Nov 5 05:25:14 2025 GMT
Subject: CN=52DAE54DC0CAB047451A473C99A764344EA64D17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a0:31:86:3e:40:41:1b:92:4b:8a:62:2a:66:
5d:8b:80:c5:26:af:87:08:c0:49:be:0e:ca:de:fc:
fb:6b:3d:6d:1f:7f:1c:bf:3e:e2:7a:2d:c8:62:7c:
0c:d5:83:c7:5e:39:e6:60:9f:6a:46:97:d3:6a:1d:
61:f6:53:88:ac:f1:09:83:da:54:f7:84:30:fa:6f:
06:18:35:0e:fc:0e:2f:3b:a4:c4:0d:f8:23:17:6c:
5e:db:52:2f:2d:d7:fa:68:41:8e:d2:b2:de:36:79:
d7:cc:67:41:33:a5:9c:91:03:5c:1b:9b:00:5a:c9:
67:6f:25:63:fb:e3:85:3f:d3:ec:45:6c:54:8c:cf:
fc:b0:99:68:75:10:af:92:9f:e6:b4:8e:8d:3e:49:
dc:1d:e2:30:60:ef:e3:4b:c4:d5:1d:84:75:2d:46:
62:6b:ab:b5:87:12:97:9f:c8:53:d7:d2:16:9b:c3:
46:50:19:17:d4:fa:2a:54:c9:ef:12:72:e2:b6:8d:
5a:21:a7:5b:0a:31:65:a0:70:9c:48:64:b3:c3:0a:
f2:68:e8:89:1e:fc:77:c1:5b:5f:f0:be:12:7f:06:
a0:2b:c0:8a:0f:33:fe:ba:41:88:ec:39:25:26:69:
3c:72:80:c6:fe:4c:b5:ea:6a:10:9c:c7:5f:15:26:
3f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DA:E5:4D:C0:CA:B0:47:45:1A:47:3C:99:A7:64:34:4E:A6:4D:17
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/UtrlTcDKsEdFGkc8madkNE6mTRc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:d420::/32
Signature Algorithm: sha256WithRSAEncryption
66:e3:d1:be:da:9f:c3:e5:2c:09:14:b5:43:60:23:4c:70:03:
be:1f:cd:f1:e4:64:0e:57:ee:a6:3d:41:d1:14:f5:15:f0:53:
3d:02:cc:8f:82:e2:66:d2:bf:27:07:f2:5e:f8:d1:9d:24:4b:
2c:08:98:c5:25:4f:81:4f:3b:67:4e:80:a1:e3:ff:00:84:b8:
ce:1c:88:a7:c1:6e:45:a0:df:2d:7f:20:c4:d5:29:2d:04:dc:
6f:1d:c1:fd:c3:9b:2f:32:15:03:b8:3d:ac:01:e6:0a:cc:6e:
04:d1:e4:04:bf:9b:67:39:76:18:93:a4:9f:be:2b:20:23:7c:
0d:d2:50:58:1a:76:5a:48:9a:60:61:ca:d8:13:45:28:9f:c7:
c9:ed:a8:35:5b:6b:dd:a8:73:90:e5:d2:95:d9:33:6f:d9:65:
ca:b2:c8:7f:ac:df:f6:2d:88:86:90:5a:39:2e:56:f5:54:12:
64:64:d7:bf:4e:10:c8:33:19:4b:41:e7:e2:73:f6:38:54:93:
d2:b9:44:30:54:eb:ee:20:ff:84:7d:e0:c0:4d:08:38:2d:d2:
7f:b3:2a:14:ab:69:9a:ec:30:4b:49:f2:d1:a7:e9:ce:6e:12:
1d:dc:67:e2:a5:ae:d2:e1:a6:38:46:ee:c9:77:7c:74:03:ee:
0b:8a:a9:63
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDAL9PMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDExMDUwNTM2NTNaFw0yNTExMDUwNTI1MTRaMDMx
MTAvBgNVBAMTKDUyREFFNTREQzBDQUIwNDc0NTFBNDczQzk5QTc2NDM0NEVBNjRE
MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVoDGGPkBBG5JLimIq
Zl2LgMUmr4cIwEm+Dsre/PtrPW0ffxy/PuJ6LchifAzVg8deOeZgn2pGl9NqHWH2
U4is8QmD2lT3hDD6bwYYNQ78Di87pMQN+CMXbF7bUi8t1/poQY7Sst42edfMZ0Ez
pZyRA1wbmwBayWdvJWP744U/0+xFbFSMz/ywmWh1EK+Sn+a0jo0+Sdwd4jBg7+NL
xNUdhHUtRmJrq7WHEpefyFPX0habw0ZQGRfU+ipUye8ScuK2jVohp1sKMWWgcJxI
ZLPDCvJo6Ike/HfBW1/wvhJ/BqArwIoPM/66QYjsOSUmaTxygMb+TLXqahCcx18V
Jj8JAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUUtrlTcDKsEdFGkc8madkNE6mTRcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz
MjcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzMyNy9VdHJsVGNES3NFZEZHa2M4bWFka05FNm1UUmMubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHUIDANBgkqhkiG9w0BAQsF
AAOCAQEAZuPRvtqfw+UsCRS1Q2AjTHADvh/N8eRkDlfupj1B0RT1FfBTPQLMj4Li
ZtK/JwfyXvjRnSRLLAiYxSVPgU87Z06AoeP/AIS4zhyIp8FuRaDfLX8gxNUpLQTc
bx3B/cObLzIVA7g9rAHmCsxuBNHkBL+bZzl2GJOkn74rICN8DdJQWBp2WkiaYGHK
2BNFKJ/Hye2oNVtr3ahzkOXSldkzb9llyrLIf6zf9i2IhpBaOS5W9VQSZGTXv04Q
yDMZS0Hn4nP2OFST0rlEMFTr7iD/hH3gwE0IOC3Sf7MqFKtpmuwwS0ny0afpzm4S
Hdxn4qWu0uGmOEbuyXd8dAPuC4qpYw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:18:49 2025 by rpki-client