Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer
File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer (raw, json)
Hash identifier: ZLBVJT8tkrhorkzC9EDutPBLLZcaacZqoYaAZD3aobg=
Subject key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BB83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:51:42 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: IP: 103.20.44.0/22
IP: 114.112.0.0/22
IP: 114.112.14.0/23
IP: 116.196.14.0/23
IP: 182.50.4.0/22
IP: 183.81.172.0/22
IP: 202.69.6.0/23
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48003 (0xbb83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:51:42 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:b6:94:1c:a1:e5:de:d5:55:4e:4b:43:05:
db:c1:7d:a1:6f:87:85:a6:d0:e2:72:10:05:b9:01:
e1:f4:1b:be:98:b8:1e:23:54:61:6a:f9:1f:db:90:
89:cf:e6:1f:81:6c:be:a0:53:de:43:c4:65:30:70:
f2:0e:3d:f3:fa:bd:fe:27:7f:a6:a0:fd:2c:39:c6:
b0:10:62:b0:51:d0:0a:f7:c4:2f:ac:f3:b6:94:0d:
13:93:9e:2e:aa:01:f7:ca:b5:be:5c:a1:a3:9a:4b:
b9:b7:bd:ba:01:67:60:a8:e2:4b:bc:14:04:1c:48:
40:65:58:fb:b6:29:e1:69:eb:2f:62:a4:28:0f:39:
2a:70:0b:88:ad:7d:4e:fa:83:82:67:61:76:a5:ee:
b2:cc:d1:f7:07:d8:f8:5a:d6:b8:e5:0e:bf:88:a5:
77:47:44:f5:77:02:c5:61:f8:2f:c1:9b:54:8c:98:
c4:59:f2:d1:2e:f5:41:99:41:0b:e0:44:a1:25:c5:
82:ee:a9:e2:0d:69:18:42:78:09:18:dd:98:84:a9:
a1:22:83:33:e3:b4:af:90:fb:e8:4d:8b:81:4b:0a:
55:56:9b:99:74:8a:b4:26:f1:a6:20:05:3c:75:f8:
46:c1:fe:6f:21:b5:42:12:54:58:c0:e3:14:d3:c6:
3d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.44.0/22
114.112.0.0/22
114.112.14.0/23
116.196.14.0/23
182.50.4.0/22
183.81.172.0/22
202.69.6.0/23
Signature Algorithm: sha256WithRSAEncryption
11:e9:9b:8c:15:29:71:51:d3:36:7d:b1:13:43:f6:aa:a7:3b:
71:2b:ba:01:f9:07:58:ce:e7:66:06:3b:51:2b:9b:b5:89:17:
58:11:ba:6b:7c:3d:cf:45:64:00:8b:4d:76:c4:10:e2:33:fe:
d2:37:39:36:90:56:c4:3d:87:a4:c1:17:9f:b1:9e:01:75:d9:
8f:a5:71:8d:36:d9:33:dc:fe:13:53:b6:3f:ca:a8:0d:bb:20:
4c:dc:c5:58:27:52:03:80:1e:c8:ba:75:be:04:81:63:d7:a6:
0a:6c:5f:f9:e5:2b:30:c1:8e:8e:df:f6:c7:93:8f:c7:d8:4e:
a9:7b:5f:62:ce:31:3c:6d:17:b9:80:85:83:12:38:d2:35:64:
d1:97:6d:9c:f9:1c:6e:89:58:fb:f0:02:94:f3:bd:3e:5d:37:
e6:49:9c:ec:f7:d6:24:1e:d1:25:ea:58:52:a1:61:f5:d6:5e:
39:5e:6f:28:19:33:1f:86:bb:00:52:3b:d7:b1:30:c8:15:29:
f0:3a:cd:68:d2:ca:17:fe:5d:fe:e3:77:b0:81:de:fb:5c:55:
f5:7e:ca:06:f9:ef:fc:d5:5d:a0:35:54:e2:81:6b:00:56:c5:
a5:a4:eb:58:19:f1:d6:dd:70:ff:26:be:3d:b3:e6:5f:ad:18:
e0:6e:37:e3
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDALuDMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUxNDJaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDVEQTBBNUVDQzIxODJEQjAwRUI4NUM2MjMxM0Q1N0I5NkI3RkQ2
OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6raUHKHl3tVVTktD
BdvBfaFvh4Wm0OJyEAW5AeH0G76YuB4jVGFq+R/bkInP5h+BbL6gU95DxGUwcPIO
PfP6vf4nf6ag/Sw5xrAQYrBR0Ar3xC+s87aUDROTni6qAffKtb5coaOaS7m3vboB
Z2Co4ku8FAQcSEBlWPu2KeFp6y9ipCgPOSpwC4itfU76g4JnYXal7rLM0fcH2Pha
1rjlDr+IpXdHRPV3AsVh+C/Bm1SMmMRZ8tEu9UGZQQvgRKElxYLuqeINaRhCeAkY
3ZiEqaEigzPjtK+Q++hNi4FLClVWm5l0irQm8aYgBTx1+EbB/m8htUISVFjA4xTT
xj1BAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUXaCl7MIYLbAOuFxiMT1XuWt/1o4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0
MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTQwNy9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCZxQsAwQCcnAAAwQBcnAOAwQB
dMQOAwQCtjIEAwQCt1GsAwQBykUGMA0GCSqGSIb3DQEBCwUAA4IBAQAR6ZuMFSlx
UdM2fbETQ/aqpztxK7oB+QdYzudmBjtRK5u1iRdYEbprfD3PRWQAi012xBDiM/7S
Nzk2kFbEPYekwRefsZ4BddmPpXGNNtkz3P4TU7Y/yqgNuyBM3MVYJ1IDgB7IunW+
BIFj16YKbF/55SswwY6O3/bHk4/H2E6pe19izjE8bRe5gIWDEjjSNWTRl22c+Rxu
iVj78AKU870+XTfmSZzs99YkHtEl6lhSoWH11l45Xm8oGTMfhrsAUjvXsTDIFSnw
Os1o0soX/l3+43ewgd77XFX1fsoG+e/81V2gNVTigWsAVsWlpOtYGfHW3XD/Jr49
s+ZfrRjgbjfj
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:14:39 2024 by rpki-client on console-ams.rpki-client.org