$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/VyVNn31j60IRhMWNAuBBlwWaag4.cer File: VyVNn31j60IRhMWNAuBBlwWaag4.cer (raw, json) Hash identifier: rK+D8nylzD1onzUpwBITibzMQtFtUelbkP0T1kEA2aM= Subject key identifier: 57:25:4D:9F:7D:63:EB:42:11:84:C5:8D:02:E0:41:97:05:9A:6A:0E Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BAA3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3270/VyVNn31j60IRhMWNAuBBlwWaag4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3270/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:48:31 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: AS: 151292 IP: 2401:87e0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47779 (0xbaa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:48:31 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=57254D9F7D63EB421184C58D02E04197059A6A0E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:fd:37:8e:db:d6:95:dc:de:26:34:77:12:7e: b2:0a:df:25:df:ac:bd:6d:15:48:22:2e:5c:74:de: 14:4e:10:0f:3a:41:6e:2e:02:40:45:b5:d0:fc:ea: 76:b8:49:10:30:a3:48:90:2a:a2:3a:0f:e1:59:40: 77:25:a8:f6:ce:c9:31:71:00:98:c5:3a:f8:ba:0f: 73:18:0b:ca:4f:b9:7c:cb:18:bd:c1:da:2a:60:7d: 7e:04:b8:ea:3b:77:95:fa:5a:5c:38:80:cb:8d:6b: bf:38:d8:1c:d2:0c:8a:0a:fe:07:cf:63:48:50:48: b1:51:c6:9c:b3:08:22:0a:66:eb:c5:7e:b5:9b:04: 3c:af:dc:22:b3:d4:a7:d9:d9:c9:57:22:8d:b0:c5: ed:b2:d5:6c:da:15:c4:91:19:f9:7d:72:af:5c:ae: 11:bf:1c:64:38:7c:67:70:b1:04:57:19:b3:f0:2f: 3c:56:b7:3b:3d:d3:cf:fe:4a:e6:dd:cd:df:88:dc: d9:20:20:f5:51:a5:f2:04:b6:4e:86:d4:76:06:cb: ab:fc:d9:46:57:56:15:6a:60:8d:ff:84:4f:d9:a3: 51:9d:f3:ea:07:9f:78:99:ee:83:72:38:1c:4a:2a: 55:f9:c0:01:64:f2:95:1d:95:37:81:91:6c:26:c9: 43:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:25:4D:9F:7D:63:EB:42:11:84:C5:8D:02:E0:41:97:05:9A:6A:0E X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3270/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3270/VyVNn31j60IRhMWNAuBBlwWaag4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151292 sbgp-ipAddrBlock: critical IPv6: 2401:87e0::/32 Signature Algorithm: sha256WithRSAEncryption 8b:0e:d7:18:58:e0:4d:6d:81:f2:b3:4a:bc:31:6f:a1:9b:52: a2:b6:c7:02:cc:21:92:57:59:8a:a3:61:cc:e9:f6:6a:2d:ad: 28:c9:65:bc:f6:31:78:f7:34:e6:7a:e3:8e:c6:18:26:a0:55: 7b:52:4f:c4:f2:43:65:27:a1:f3:66:3e:f4:d7:4a:32:47:8a: 35:ad:72:e5:1f:50:fc:3a:6a:f6:25:38:b9:5a:de:40:fd:9b: 78:01:d6:71:dc:92:61:e1:86:63:48:da:1e:24:22:90:3e:43: c7:70:9e:9e:6f:53:ea:ec:9c:3c:df:41:4a:21:72:ed:23:cb: 83:34:b1:0b:0c:0e:6b:dc:b5:48:0b:a2:45:6b:2f:56:38:9b: 4e:3a:dd:90:41:c1:06:79:24:34:f0:d9:1a:62:1b:40:ab:75: 9e:8c:ab:68:b3:49:1f:16:23:0c:e9:d3:bf:60:58:8f:46:bf: 65:c9:2e:2b:92:f1:f0:8a:83:37:1e:5c:f4:b9:17:9b:31:9c: 12:d2:3b:1d:2e:4c:ed:7b:44:64:dc:36:32:a1:c3:ff:a2:ec: be:87:a5:da:ca:7d:4d:cb:52:ce:39:16:72:12:fc:fd:5d:f3: ff:ad:92:e3:55:8b:87:ca:c6:b9:db:56:38:4a:d4:4f:70:61: c5:95:64:25 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDALqjMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjQ4MzFaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDU3MjU0RDlGN0Q2M0VCNDIxMTg0QzU4RDAyRTA0MTk3MDU5QTZB MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW/TeO29aV3N4mNHcS frIK3yXfrL1tFUgiLlx03hROEA86QW4uAkBFtdD86na4SRAwo0iQKqI6D+FZQHcl qPbOyTFxAJjFOvi6D3MYC8pPuXzLGL3B2ipgfX4EuOo7d5X6Wlw4gMuNa7842BzS DIoK/gfPY0hQSLFRxpyzCCIKZuvFfrWbBDyv3CKz1KfZ2clXIo2wxe2y1WzaFcSR Gfl9cq9crhG/HGQ4fGdwsQRXGbPwLzxWtzs908/+Subdzd+I3NkgIPVRpfIEtk6G 1HYGy6v82UZXVhVqYI3/hE/Zo1Gd8+oHn3iZ7oNyOBxKKlX5wAFk8pUdlTeBkWwm yUM1AgMBAAGjggJyMIICbjAdBgNVHQ4EFgQUVyVNn31j60IRhMWNAuBBlwWaag4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy NzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI3MC9WeVZObjMxajYwSVJoTVdOQXVCQmx3V2FhZzQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJO/DAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBh+AwDQYJKoZIhvcNAQELBQADggEBAIsO1xhY4E1tgfKzSrwx b6GbUqK2xwLMIZJXWYqjYczp9motrSjJZbz2MXj3NOZ6447GGCagVXtST8TyQ2Un ofNmPvTXSjJHijWtcuUfUPw6avYlOLla3kD9m3gB1nHckmHhhmNI2h4kIpA+Q8dw np5vU+rsnDzfQUohcu0jy4M0sQsMDmvctUgLokVrL1Y4m0463ZBBwQZ5JDTw2Rpi G0CrdZ6Mq2izSR8WIwzp079gWI9Gv2XJLiuS8fCKgzceXPS5F5sxnBLSOx0uTO17 RGTcNjKhw/+i7L6HpdrKfU3LUs45FnIS/P1d8/+tkuNVi4fKxrnbVjhK1E9wYcWV ZCU= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:26 2024 by rpki-client on console-fra.rpki-client.org