Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XWE3zbGu4T2JZXNyfTOC3zFwJj0.cer
File: XWE3zbGu4T2JZXNyfTOC3zFwJj0.cer (raw, json)
Hash identifier: 2zjeR45maxfjt5juXPOT+0pkxjpEOMk0ZgpHurJMhoM=
Subject key identifier: 5D:61:37:CD:B1:AE:E1:3D:89:65:73:72:7D:33:82:DF:31:70:26:3D
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: 7C2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/XWE3zbGu4T2JZXNyfTOC3zFwJj0.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 04 Nov 2021 20:14:40 +0000
Certificate not after: Fri 27 May 2022 04:59:52 +0000
Subordinate resources: AS: 63545
IP: 43.254.140.0/22
IP: 45.112.132.0/22
IP: 103.242.64.0/22
IP: 106.2.0.0/20
IP: 116.196.184.0/21
IP: 2403:5280::/32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31786 (0x7c2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Nov 4 20:14:40 2021 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=5D6137CDB1AEE13D896573727D3382DF3170263D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:92:24:3a:ed:89:22:e3:7a:b2:2f:cb:1a:cf:
45:40:48:e0:d5:df:15:38:57:ac:a2:c1:10:db:cc:
72:f3:d0:4d:e8:a8:0a:45:29:92:60:10:25:0b:dd:
e8:98:a5:ab:25:22:48:d4:52:06:36:1e:cf:ec:fb:
d0:1d:cf:30:fa:eb:79:b7:54:6f:f6:7f:34:e8:1a:
64:62:61:d9:21:df:f3:12:6b:a5:2c:19:c7:4d:ec:
6b:8c:83:b7:8d:ca:3a:f0:b9:01:f5:c4:8c:56:33:
7d:e3:d6:97:49:f1:0a:a9:bc:b2:86:61:4d:b3:54:
84:d3:b4:0d:51:26:c5:b6:18:f3:5d:bc:35:ca:f1:
2c:11:f0:12:c1:45:da:91:33:31:6b:18:7d:b8:14:
b7:78:1e:f1:85:2b:6e:0d:db:5f:4e:87:16:15:ff:
c0:b9:96:cd:32:f5:2d:f9:51:b0:e5:50:98:29:c5:
21:0e:b1:f3:7d:cb:7a:d6:0d:ca:48:86:ad:b3:fb:
59:a8:59:f4:e6:37:ca:45:de:61:97:04:3d:61:3f:
48:40:4c:fb:e0:b2:ff:ef:ef:dc:5a:a0:6a:fd:16:
1f:5f:5e:4f:c3:36:d4:1a:8f:13:5e:0a:a0:8a:ee:
35:6b:4a:1e:dd:32:4d:d2:15:bb:28:3b:f4:47:de:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:61:37:CD:B1:AE:E1:3D:89:65:73:72:7D:33:82:DF:31:70:26:3D
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/XWE3zbGu4T2JZXNyfTOC3zFwJj0.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63545
sbgp-ipAddrBlock: critical
IPv4:
43.254.140.0/22
45.112.132.0/22
103.242.64.0/22
106.2.0.0/20
116.196.184.0/21
IPv6:
2403:5280::/32
Signature Algorithm: sha256WithRSAEncryption
51:40:d1:bc:e7:fb:28:fe:f5:9c:a0:c3:ad:96:f2:51:f7:8c:
87:0c:33:96:98:9d:93:a8:a7:2f:f5:d5:f0:47:94:01:d4:cc:
55:49:9a:af:91:85:7a:4c:65:25:70:e3:33:f8:4d:aa:3e:33:
0f:75:69:72:59:ab:b7:de:b3:d0:bf:23:05:d0:be:eb:ec:0f:
7c:8e:fc:44:69:fc:bf:a1:82:83:c3:60:a9:35:21:bd:d1:d5:
9d:59:30:ce:72:2b:fe:36:40:28:29:7e:f8:22:1c:1d:53:eb:
98:97:aa:cd:19:af:56:62:1c:1c:de:e6:7c:7e:e3:1f:bd:98:
3e:59:53:40:ab:af:b6:93:08:31:83:52:3a:26:06:ea:37:58:
92:f7:96:71:29:44:af:38:6a:fe:27:c6:4d:da:c7:a9:f0:88:
a6:c9:e5:6e:22:f5:34:14:18:b5:71:1b:3c:0a:68:1b:5f:29:
c9:2e:36:07:50:c9:cb:73:85:a7:3c:3f:a4:ab:c2:b6:40:15:
9f:b9:8d:3a:9d:39:f0:82:73:85:3a:ed:22:d0:f5:65:5a:7f:
98:be:91:f2:9a:cf:09:31:0a:c8:82:7a:3d:36:3e:d6:ac:ff:
4b:22:a7:41:6a:1c:3d:d2:d3:be:4c:44:22:89:a5:ed:a3:0e:
2e:b3:96:d1
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICfCowDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEygwNDE2MjlCNkE5RUFCN0NCMTMyNEVBMzk3OEYw
Mzc5NkY4ODlCNTQwMB4XDTIxMTEwNDIwMTQ0MFoXDTIyMDUyNzA0NTk1MlowMzEx
MC8GA1UEAxMoNUQ2MTM3Q0RCMUFFRTEzRDg5NjU3MzcyN0QzMzgyREYzMTcwMjYz
RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmSJDrtiSLjerIvyxrP
RUBI4NXfFThXrKLBENvMcvPQTeioCkUpkmAQJQvd6JilqyUiSNRSBjYez+z70B3P
MPrrebdUb/Z/NOgaZGJh2SHf8xJrpSwZx03sa4yDt43KOvC5AfXEjFYzfePWl0nx
Cqm8soZhTbNUhNO0DVEmxbYY8128NcrxLBHwEsFF2pEzMWsYfbgUt3ge8YUrbg3b
X06HFhX/wLmWzTL1LflRsOVQmCnFIQ6x833LetYNykiGrbP7WahZ9OY3ykXeYZcE
PWE/SEBM++Cy/+/v3Fqgav0WH19eT8M21BqPE14KoIruNWtKHt0yTdIVuyg79Efe
+6cCAwEAAaOCApYwggKSMB0GA1UdDgQWBBRdYTfNsa7hPYllc3J9M4LfMXAmPTAf
BgNVHSMEGDAWgBQEFim2qeq3yxMk6jl48DeW+Im1QDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQx
RkYyL0JCWXB0cW5xdDhzVEpPbzVlUEEzbHZpSnRVQS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF
BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQz
LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzY0My9YV0UzemJHdTRUMkpaWE55ZlRPQzN6RndKajAubWZ0MDEGCCsG
AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwD4OTBGBggrBgEFBQcBBwEB/wQ3MDUwJAQC
AAEwHgMEAiv+jAMEAi1whAMEAmfyQAMEBGoCAAMEA3TEuDANBAIAAjAHAwUAJANS
gDANBgkqhkiG9w0BAQsFAAOCAQEAUUDRvOf7KP71nKDDrZbyUfeMhwwzlpidk6in
L/XV8EeUAdTMVUmar5GFekxlJXDjM/hNqj4zD3Vpclmrt96z0L8jBdC+6+wPfI78
RGn8v6GCg8NgqTUhvdHVnVkwznIr/jZAKCl++CIcHVPrmJeqzRmvVmIcHN7mfH7j
H72YPllTQKuvtpMIMYNSOiYG6jdYkveWcSlErzhq/ifGTdrHqfCIpsnlbiL1NBQY
tXEbPApoG18pyS42B1DJy3OFpzw/pKvCtkAVn7mNOp058IJzhTrtItD1ZVp/mL6R
8prPCTEKyIJ6PTY+1qz/SyKnQWocPdLTvkxEIoml7aMOLrOW0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:20 2023 by rpki-client on console-ams.rpki-client.org