Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer
File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer (raw, json)
Hash identifier: gqR4+BjFOplxkKYQshRxuAhOhROZtOkXC4mbNHdMItg=
Subject key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: A996
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Mon 09 Oct 2023 00:29:44 +0000
Certificate not after: Tue 08 Oct 2024 00:16:33 +0000
Subordinate resources: IP: 103.20.44.0/22
IP: 114.112.0.0/22
IP: 114.112.14.0/23
IP: 116.196.14.0/23
IP: 182.50.4.0/22
IP: 183.81.172.0/22
IP: 202.69.6.0/23
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 05:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43414 (0xa996)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Oct 9 00:29:44 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:b6:94:1c:a1:e5:de:d5:55:4e:4b:43:05:
db:c1:7d:a1:6f:87:85:a6:d0:e2:72:10:05:b9:01:
e1:f4:1b:be:98:b8:1e:23:54:61:6a:f9:1f:db:90:
89:cf:e6:1f:81:6c:be:a0:53:de:43:c4:65:30:70:
f2:0e:3d:f3:fa:bd:fe:27:7f:a6:a0:fd:2c:39:c6:
b0:10:62:b0:51:d0:0a:f7:c4:2f:ac:f3:b6:94:0d:
13:93:9e:2e:aa:01:f7:ca:b5:be:5c:a1:a3:9a:4b:
b9:b7:bd:ba:01:67:60:a8:e2:4b:bc:14:04:1c:48:
40:65:58:fb:b6:29:e1:69:eb:2f:62:a4:28:0f:39:
2a:70:0b:88:ad:7d:4e:fa:83:82:67:61:76:a5:ee:
b2:cc:d1:f7:07:d8:f8:5a:d6:b8:e5:0e:bf:88:a5:
77:47:44:f5:77:02:c5:61:f8:2f:c1:9b:54:8c:98:
c4:59:f2:d1:2e:f5:41:99:41:0b:e0:44:a1:25:c5:
82:ee:a9:e2:0d:69:18:42:78:09:18:dd:98:84:a9:
a1:22:83:33:e3:b4:af:90:fb:e8:4d:8b:81:4b:0a:
55:56:9b:99:74:8a:b4:26:f1:a6:20:05:3c:75:f8:
46:c1:fe:6f:21:b5:42:12:54:58:c0:e3:14:d3:c6:
3d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.44.0/22
114.112.0.0/22
114.112.14.0/23
116.196.14.0/23
182.50.4.0/22
183.81.172.0/22
202.69.6.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:3e:82:64:2f:58:22:c3:de:ca:d5:63:9f:5e:d2:f7:8b:71:
1b:e0:12:18:09:ad:b0:79:3b:99:8f:66:cb:42:bd:cd:6a:8c:
56:03:8f:72:ac:00:c1:a0:41:4f:cc:98:75:de:44:6f:be:79:
86:c0:7c:83:ae:24:28:88:2a:83:1d:d2:10:cf:90:65:df:ba:
3e:32:eb:1b:d6:fe:64:74:05:bf:49:1d:7a:cd:e4:8d:0c:a2:
24:9d:d0:1b:87:17:25:c4:09:1d:ee:d7:44:ae:a0:3f:83:04:
a0:2c:08:72:8b:f0:47:a0:34:cd:d5:4d:3d:0e:1d:c4:18:b1:
09:8e:fd:96:5e:b1:fa:8e:22:2e:e0:1a:6b:ae:73:5c:cf:67:
ad:b5:0a:bf:b9:24:f5:3a:99:0b:e9:13:61:a9:4d:66:6a:c9:
6d:6e:75:9e:40:eb:57:a4:25:bb:e8:61:b0:36:d4:97:7c:cd:
9f:b3:3c:f5:e2:b0:0f:b6:48:81:12:b7:d6:40:c3:8c:df:1b:
e8:66:aa:4c:4f:f3:db:b9:51:7c:ff:93:51:55:6b:13:a6:3f:
1f:32:b8:16:3d:48:ba:c3:44:31:dd:6d:84:53:3a:92:7e:44:
24:5f:83:d8:ed:f0:83:8a:bf:06:b0:dc:14:99:42:61:24:76:
8f:d6:dd:be
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDAKmWMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yMzEwMDkwMDI5NDRaFw0yNDEwMDgwMDE2MzNaMDMx
MTAvBgNVBAMTKDVEQTBBNUVDQzIxODJEQjAwRUI4NUM2MjMxM0Q1N0I5NkI3RkQ2
OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6raUHKHl3tVVTktD
BdvBfaFvh4Wm0OJyEAW5AeH0G76YuB4jVGFq+R/bkInP5h+BbL6gU95DxGUwcPIO
PfP6vf4nf6ag/Sw5xrAQYrBR0Ar3xC+s87aUDROTni6qAffKtb5coaOaS7m3vboB
Z2Co4ku8FAQcSEBlWPu2KeFp6y9ipCgPOSpwC4itfU76g4JnYXal7rLM0fcH2Pha
1rjlDr+IpXdHRPV3AsVh+C/Bm1SMmMRZ8tEu9UGZQQvgRKElxYLuqeINaRhCeAkY
3ZiEqaEigzPjtK+Q++hNi4FLClVWm5l0irQm8aYgBTx1+EbB/m8htUISVFjA4xTT
xj1BAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUXaCl7MIYLbAOuFxiMT1XuWt/1o4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0
MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTQwNy9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCZxQsAwQCcnAAAwQBcnAOAwQB
dMQOAwQCtjIEAwQCt1GsAwQBykUGMA0GCSqGSIb3DQEBCwUAA4IBAQCbPoJkL1gi
w97K1WOfXtL3i3Eb4BIYCa2weTuZj2bLQr3NaoxWA49yrADBoEFPzJh13kRvvnmG
wHyDriQoiCqDHdIQz5Bl37o+Musb1v5kdAW/SR16zeSNDKIkndAbhxclxAkd7tdE
rqA/gwSgLAhyi/BHoDTN1U09Dh3EGLEJjv2WXrH6jiIu4BprrnNcz2ettQq/uST1
OpkL6RNhqU1masltbnWeQOtXpCW76GGwNtSXfM2fszz14rAPtkiBErfWQMOM3xvo
ZqpMT/PbuVF8/5NRVWsTpj8fMrgWPUi6w0Qx3W2EUzqSfkQkX4PY7fCDir8GsNwU
mUJhJHaP1t2+
-----END CERTIFICATE-----
Generated at Mon May 20 00:17:34 2024 by rpki-client on console-fra.rpki-client.org