$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Xo14MK3O_WYKGdfr-bRmxrl8UFU.cer File: Xo14MK3O_WYKGdfr-bRmxrl8UFU.cer (raw, json) Hash identifier: vvHBJ+r3RLS2DhdxD/PbeN/oefiKLEfx+XzD+vzYcto= Subject key identifier: 5E:8D:78:30:AD:CE:FD:66:0A:19:D7:EB:F9:B4:66:C6:B9:7C:50:55 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AF77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/Xo14MK3O_WYKGdfr-bRmxrl8UFU.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:24:11 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 45.253.68.0/22 IP: 103.222.192.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 00:56:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44919 (0xaf77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:24:11 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5E8D7830ADCEFD660A19D7EBF9B466C6B97C5055 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a8:4d:91:5c:79:ab:ec:ab:b1:ea:a2:b4:d5: fc:8b:c5:75:93:e2:d8:ad:8f:28:c0:6a:f4:93:f9: 66:61:1c:c4:cf:a8:c3:ce:f1:c6:f3:bd:0e:7e:a3: 24:69:a5:06:db:1f:14:52:fe:b4:c9:38:b0:12:fc: 2a:41:df:23:d1:42:96:ae:01:67:de:77:e1:63:7e: 7a:8a:c6:a9:6e:dc:35:bd:cd:58:82:90:35:a5:ec: 46:03:33:bf:1d:67:5c:0f:6e:fa:70:2e:1e:f6:a5: 5c:3c:6f:7b:ca:58:c8:0c:d6:54:47:92:33:c0:ad: c2:b3:0d:c3:b2:15:28:a8:f9:36:a0:9a:90:2d:bb: 99:ca:b3:5b:56:8f:92:0e:73:d1:2b:c5:b3:d3:45: 9d:14:ba:65:8f:76:66:a9:c8:b8:a9:c9:a0:62:d4: c0:7b:87:23:c2:30:49:7a:b3:47:bc:ab:0a:c5:4e: 08:cd:31:d7:0d:d3:86:c7:9d:0a:5a:9f:2b:c0:97: 25:06:fb:d8:3d:72:14:3d:a9:53:20:ec:ed:16:b4: 3e:07:dc:f5:a4:2b:ba:15:9e:f2:2a:a6:85:46:db: f8:8d:c5:a4:80:68:4d:41:09:50:8a:35:19:80:ab: 5f:5a:8e:19:48:f8:ae:c3:32:b1:a9:c7:fe:90:37: 59:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:8D:78:30:AD:CE:FD:66:0A:19:D7:EB:F9:B4:66:C6:B9:7C:50:55 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1842/Xo14MK3O_WYKGdfr-bRmxrl8UFU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.253.68.0/22 103.222.192.0/22 Signature Algorithm: sha256WithRSAEncryption 37:22:20:fe:ef:bc:21:af:9a:ea:ec:25:fa:7d:7a:fb:f1:bf: 12:5b:58:f6:42:7b:37:e8:81:9b:d5:d7:e8:7c:fd:11:d4:65: 3a:d1:b2:84:f2:58:08:dd:24:d5:5a:af:13:e1:bf:cf:05:b6: 43:90:a1:07:da:f9:ff:c2:29:a5:2b:06:25:68:79:74:d1:ba: 48:3a:03:a4:11:ca:45:d3:68:90:85:72:9b:b6:af:e3:5c:aa: c6:74:79:40:82:e5:c5:a8:81:86:4b:e6:fb:e1:f2:2d:14:61: 50:9a:a9:82:5d:82:50:d5:05:8b:54:16:8d:c2:42:8c:1b:f6: 97:dc:bb:6f:a5:81:fa:a7:35:d8:58:6d:a8:97:39:02:8a:7f: 23:8a:f3:90:6b:9b:fb:72:12:ed:83:3d:a5:e7:07:ab:0a:a1: 85:22:d0:06:d2:44:7b:2a:ee:54:21:04:13:aa:16:ea:aa:1f: 20:ac:9d:b0:db:94:a7:fa:7b:cb:72:f6:5d:5d:29:67:62:27: 26:61:9b:6c:5d:00:37:46:1d:ec:66:89:61:5c:31:b3:3e:3b: 6f:2f:08:f6:44:be:0d:9c:63:9e:b8:2f:b4:83:f3:0e:6f:51: 8c:57:db:45:d6:36:ca:ca:b5:11:e4:ff:df:3c:ed:5a:45:d1: 33:3e:b4:4d -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgIDAK93MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTI0MTFaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDVFOEQ3ODMwQURDRUZENjYwQTE5RDdFQkY5QjQ2NkM2Qjk3QzUw NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiqE2RXHmr7Kux6qK0 1fyLxXWT4titjyjAavST+WZhHMTPqMPO8cbzvQ5+oyRppQbbHxRS/rTJOLAS/CpB 3yPRQpauAWfed+FjfnqKxqlu3DW9zViCkDWl7EYDM78dZ1wPbvpwLh72pVw8b3vK WMgM1lRHkjPArcKzDcOyFSio+TagmpAtu5nKs1tWj5IOc9ErxbPTRZ0UumWPdmap yLipyaBi1MB7hyPCMEl6s0e8qwrFTgjNMdcN04bHnQpanyvAlyUG+9g9chQ9qVMg 7O0WtD4H3PWkK7oVnvIqpoVG2/iNxaSAaE1BCVCKNRmAq19ajhlI+K7DMrGpx/6Q N1nZAgMBAAGjggJbMIICVzAdBgNVHQ4EFgQUXo14MK3O/WYKGdfr+bRmxrl8UFUw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4 NDIvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTg0Mi9YbzE0TUszT19XWUtHZGZyLWJSbXhybDhVRlUubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLf1EAwQCZ97AMA0GCSqGSIb3 DQEBCwUAA4IBAQA3IiD+77whr5rq7CX6fXr78b8SW1j2Qns36IGb1dfofP0R1GU6 0bKE8lgI3STVWq8T4b/PBbZDkKEH2vn/wimlKwYlaHl00bpIOgOkEcpF02iQhXKb tq/jXKrGdHlAguXFqIGGS+b74fItFGFQmqmCXYJQ1QWLVBaNwkKMG/aX3LtvpYH6 pzXYWG2olzkCin8jivOQa5v7chLtgz2l5werCqGFItAG0kR7Ku5UIQQTqhbqqh8g rJ2w25Sn+nvLcvZdXSlnYicmYZtsXQA3Rh3sZolhXDGzPjtvLwj2RL4NnGOeuC+0 g/MOb1GMV9tF1jbKyrUR5P/fPO1aRdEzPrRN -----END CERTIFICATE-----Generated at Sun May 19 19:43:01 2024 by rpki-client on console-ams.rpki-client.org