$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/UtrlTcDKsEdFGkc8madkNE6mTRc.cer File: UtrlTcDKsEdFGkc8madkNE6mTRc.cer (raw, json) Hash identifier: sXI5ysln8PiItm92IzQZlLnH8GEbP4rXj194Zzc6IkE= Subject key identifier: 52:DA:E5:4D:C0:CA:B0:47:45:1A:47:3C:99:A7:64:34:4E:A6:4D:17 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BF4F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/UtrlTcDKsEdFGkc8madkNE6mTRc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Tue 05 Nov 2024 05:36:53 +0000 Certificate not after: Wed 05 Nov 2025 05:25:14 +0000 Subordinate resources: IP: 2401:d420::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 19:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48975 (0xbf4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Nov 5 05:36:53 2024 GMT Not After : Nov 5 05:25:14 2025 GMT Subject: CN=52DAE54DC0CAB047451A473C99A764344EA64D17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a0:31:86:3e:40:41:1b:92:4b:8a:62:2a:66: 5d:8b:80:c5:26:af:87:08:c0:49:be:0e:ca:de:fc: fb:6b:3d:6d:1f:7f:1c:bf:3e:e2:7a:2d:c8:62:7c: 0c:d5:83:c7:5e:39:e6:60:9f:6a:46:97:d3:6a:1d: 61:f6:53:88:ac:f1:09:83:da:54:f7:84:30:fa:6f: 06:18:35:0e:fc:0e:2f:3b:a4:c4:0d:f8:23:17:6c: 5e:db:52:2f:2d:d7:fa:68:41:8e:d2:b2:de:36:79: d7:cc:67:41:33:a5:9c:91:03:5c:1b:9b:00:5a:c9: 67:6f:25:63:fb:e3:85:3f:d3:ec:45:6c:54:8c:cf: fc:b0:99:68:75:10:af:92:9f:e6:b4:8e:8d:3e:49: dc:1d:e2:30:60:ef:e3:4b:c4:d5:1d:84:75:2d:46: 62:6b:ab:b5:87:12:97:9f:c8:53:d7:d2:16:9b:c3: 46:50:19:17:d4:fa:2a:54:c9:ef:12:72:e2:b6:8d: 5a:21:a7:5b:0a:31:65:a0:70:9c:48:64:b3:c3:0a: f2:68:e8:89:1e:fc:77:c1:5b:5f:f0:be:12:7f:06: a0:2b:c0:8a:0f:33:fe:ba:41:88:ec:39:25:26:69: 3c:72:80:c6:fe:4c:b5:ea:6a:10:9c:c7:5f:15:26: 3f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:DA:E5:4D:C0:CA:B0:47:45:1A:47:3C:99:A7:64:34:4E:A6:4D:17 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3327/UtrlTcDKsEdFGkc8madkNE6mTRc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:d420::/32 Signature Algorithm: sha256WithRSAEncryption 66:e3:d1:be:da:9f:c3:e5:2c:09:14:b5:43:60:23:4c:70:03: be:1f:cd:f1:e4:64:0e:57:ee:a6:3d:41:d1:14:f5:15:f0:53: 3d:02:cc:8f:82:e2:66:d2:bf:27:07:f2:5e:f8:d1:9d:24:4b: 2c:08:98:c5:25:4f:81:4f:3b:67:4e:80:a1:e3:ff:00:84:b8: ce:1c:88:a7:c1:6e:45:a0:df:2d:7f:20:c4:d5:29:2d:04:dc: 6f:1d:c1:fd:c3:9b:2f:32:15:03:b8:3d:ac:01:e6:0a:cc:6e: 04:d1:e4:04:bf:9b:67:39:76:18:93:a4:9f:be:2b:20:23:7c: 0d:d2:50:58:1a:76:5a:48:9a:60:61:ca:d8:13:45:28:9f:c7: c9:ed:a8:35:5b:6b:dd:a8:73:90:e5:d2:95:d9:33:6f:d9:65: ca:b2:c8:7f:ac:df:f6:2d:88:86:90:5a:39:2e:56:f5:54:12: 64:64:d7:bf:4e:10:c8:33:19:4b:41:e7:e2:73:f6:38:54:93: d2:b9:44:30:54:eb:ee:20:ff:84:7d:e0:c0:4d:08:38:2d:d2: 7f:b3:2a:14:ab:69:9a:ec:30:4b:49:f2:d1:a7:e9:ce:6e:12: 1d:dc:67:e2:a5:ae:d2:e1:a6:38:46:ee:c9:77:7c:74:03:ee: 0b:8a:a9:63 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDAL9PMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDExMDUwNTM2NTNaFw0yNTExMDUwNTI1MTRaMDMx MTAvBgNVBAMTKDUyREFFNTREQzBDQUIwNDc0NTFBNDczQzk5QTc2NDM0NEVBNjRE MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVoDGGPkBBG5JLimIq Zl2LgMUmr4cIwEm+Dsre/PtrPW0ffxy/PuJ6LchifAzVg8deOeZgn2pGl9NqHWH2 U4is8QmD2lT3hDD6bwYYNQ78Di87pMQN+CMXbF7bUi8t1/poQY7Sst42edfMZ0Ez pZyRA1wbmwBayWdvJWP744U/0+xFbFSMz/ywmWh1EK+Sn+a0jo0+Sdwd4jBg7+NL xNUdhHUtRmJrq7WHEpefyFPX0habw0ZQGRfU+ipUye8ScuK2jVohp1sKMWWgcJxI ZLPDCvJo6Ike/HfBW1/wvhJ/BqArwIoPM/66QYjsOSUmaTxygMb+TLXqahCcx18V Jj8JAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUUtrlTcDKsEdFGkc8madkNE6mTRcw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MjcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMyNy9VdHJsVGNES3NFZEZHa2M4bWFka05FNm1UUmMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHUIDANBgkqhkiG9w0BAQsF AAOCAQEAZuPRvtqfw+UsCRS1Q2AjTHADvh/N8eRkDlfupj1B0RT1FfBTPQLMj4Li ZtK/JwfyXvjRnSRLLAiYxSVPgU87Z06AoeP/AIS4zhyIp8FuRaDfLX8gxNUpLQTc bx3B/cObLzIVA7g9rAHmCsxuBNHkBL+bZzl2GJOkn74rICN8DdJQWBp2WkiaYGHK 2BNFKJ/Hye2oNVtr3ahzkOXSldkzb9llyrLIf6zf9i2IhpBaOS5W9VQSZGTXv04Q yDMZS0Hn4nP2OFST0rlEMFTr7iD/hH3gwE0IOC3Sf7MqFKtpmuwwS0ny0afpzm4S Hdxn4qWu0uGmOEbuyXd8dAPuC4qpYw== -----END CERTIFICATE-----Generated at Mon Nov 25 16:09:04 2024 by rpki-client on console-fra.rpki-client.org