$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Xo14MK3O_WYKGdfr-bRmxrl8UFU.cer File: Xo14MK3O_WYKGdfr-bRmxrl8UFU.cer (raw, json) Hash identifier: fpFlz8xRBr2Ksu9boNftsTAobfT1A8r/mg23LOynGR0= Subject key identifier: 5E:8D:78:30:AD:CE:FD:66:0A:19:D7:EB:F9:B4:66:C6:B9:7C:50:55 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BC9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/Xo14MK3O_WYKGdfr-bRmxrl8UFU.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:56:52 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 45.253.68.0/22 IP: 103.222.192.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48285 (0xbc9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:56:52 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5E8D7830ADCEFD660A19D7EBF9B466C6B97C5055 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a8:4d:91:5c:79:ab:ec:ab:b1:ea:a2:b4:d5: fc:8b:c5:75:93:e2:d8:ad:8f:28:c0:6a:f4:93:f9: 66:61:1c:c4:cf:a8:c3:ce:f1:c6:f3:bd:0e:7e:a3: 24:69:a5:06:db:1f:14:52:fe:b4:c9:38:b0:12:fc: 2a:41:df:23:d1:42:96:ae:01:67:de:77:e1:63:7e: 7a:8a:c6:a9:6e:dc:35:bd:cd:58:82:90:35:a5:ec: 46:03:33:bf:1d:67:5c:0f:6e:fa:70:2e:1e:f6:a5: 5c:3c:6f:7b:ca:58:c8:0c:d6:54:47:92:33:c0:ad: c2:b3:0d:c3:b2:15:28:a8:f9:36:a0:9a:90:2d:bb: 99:ca:b3:5b:56:8f:92:0e:73:d1:2b:c5:b3:d3:45: 9d:14:ba:65:8f:76:66:a9:c8:b8:a9:c9:a0:62:d4: c0:7b:87:23:c2:30:49:7a:b3:47:bc:ab:0a:c5:4e: 08:cd:31:d7:0d:d3:86:c7:9d:0a:5a:9f:2b:c0:97: 25:06:fb:d8:3d:72:14:3d:a9:53:20:ec:ed:16:b4: 3e:07:dc:f5:a4:2b:ba:15:9e:f2:2a:a6:85:46:db: f8:8d:c5:a4:80:68:4d:41:09:50:8a:35:19:80:ab: 5f:5a:8e:19:48:f8:ae:c3:32:b1:a9:c7:fe:90:37: 59:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:8D:78:30:AD:CE:FD:66:0A:19:D7:EB:F9:B4:66:C6:B9:7C:50:55 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/Xo14MK3O_WYKGdfr-bRmxrl8UFU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.253.68.0/22 103.222.192.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:99:01:40:f4:f7:e0:a7:f6:99:54:a4:5d:b6:e2:63:ab:9d: 53:74:63:36:77:f8:e1:86:4a:29:8a:47:c2:d2:ac:5c:c5:f4: f7:36:51:20:11:ef:81:e5:31:1e:6f:17:0b:f6:fa:3d:47:8d: 02:fe:a2:cb:f6:ca:1d:ac:59:02:0f:fd:0e:d0:7b:d3:2b:aa: 89:ac:6d:d3:16:d5:3b:a0:07:77:07:c6:40:ec:54:b7:bd:d0: ba:e8:17:3b:4e:96:45:18:af:2d:85:b6:a6:28:13:43:38:fe: 78:c7:1b:54:93:40:a7:cd:a1:b3:69:7e:87:89:0b:68:b1:98: 9d:3d:06:62:fd:78:b0:d0:b4:b4:54:20:e4:0c:4d:0c:52:b3: 6d:e4:79:9f:ec:9d:ee:77:1c:76:9a:b2:d5:44:d3:74:b9:f7: 66:23:46:fb:41:1b:85:9b:b3:a3:40:52:3b:40:54:12:21:59: 9e:89:5c:57:29:15:0e:8e:12:f2:f9:e2:34:15:cc:8a:70:d9: 6a:cd:e0:f5:b0:2c:26:dc:ce:f6:36:07:ee:c7:c4:b4:d6:76: 81:f0:1e:36:84:14:5d:0e:a9:62:fd:f7:21:c3:18:08:0e:95: 7d:03:ba:b8:01:df:d4:6c:dc:53:65:b4:e7:79:79:66:ed:84: 56:b0:62:14 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgIDALydMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU2NTJaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDVFOEQ3ODMwQURDRUZENjYwQTE5RDdFQkY5QjQ2NkM2Qjk3QzUw NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiqE2RXHmr7Kux6qK0 1fyLxXWT4titjyjAavST+WZhHMTPqMPO8cbzvQ5+oyRppQbbHxRS/rTJOLAS/CpB 3yPRQpauAWfed+FjfnqKxqlu3DW9zViCkDWl7EYDM78dZ1wPbvpwLh72pVw8b3vK WMgM1lRHkjPArcKzDcOyFSio+TagmpAtu5nKs1tWj5IOc9ErxbPTRZ0UumWPdmap yLipyaBi1MB7hyPCMEl6s0e8qwrFTgjNMdcN04bHnQpanyvAlyUG+9g9chQ9qVMg 7O0WtD4H3PWkK7oVnvIqpoVG2/iNxaSAaE1BCVCKNRmAq19ajhlI+K7DMrGpx/6Q N1nZAgMBAAGjggJbMIICVzAdBgNVHQ4EFgQUXo14MK3O/WYKGdfr+bRmxrl8UFUw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4 NDIvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTg0Mi9YbzE0TUszT19XWUtHZGZyLWJSbXhybDhVRlUubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLf1EAwQCZ97AMA0GCSqGSIb3 DQEBCwUAA4IBAQAMmQFA9Pfgp/aZVKRdtuJjq51TdGM2d/jhhkopikfC0qxcxfT3 NlEgEe+B5TEebxcL9vo9R40C/qLL9sodrFkCD/0O0HvTK6qJrG3TFtU7oAd3B8ZA 7FS3vdC66Bc7TpZFGK8thbamKBNDOP54xxtUk0CnzaGzaX6HiQtosZidPQZi/Xiw 0LS0VCDkDE0MUrNt5Hmf7J3udxx2mrLVRNN0ufdmI0b7QRuFm7OjQFI7QFQSIVme iVxXKRUOjhLy+eI0FcyKcNlqzeD1sCwm3M72Ngfux8S01naB8B42hBRdDqli/fch wxgIDpV9A7q4Ad/UbNxTZbTneXlm7YRWsGIU -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:26 2024 by rpki-client on console-fra.rpki-client.org