Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer
File: XrjFfXL3lG3XskIFmSiOyhU8twk.cer (raw, json)
Hash identifier: g9PPDDhF0hg5gY0HsegNfPYd8NwujuguFIf23gsq7JI=
Subject key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: D370
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Mon 26 May 2025 00:43:44 +0000
Certificate not after: Tue 26 May 2026 00:40:26 +0000
Subordinate resources: AS: 9803
AS: 17963
AS: 23849
IP: 119.61.0.0/17
IP: 210.78.128.0/22
IP: 211.99.224.0/19
IP: 211.100.64.0/19
IP: 211.150.0.0 -- 211.150.191.255
IP: 211.157.128.0 -- 211.157.207.255
IP: 211.157.224.0/19
IP: 2402:b200::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Jun 2025 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54128 (0xd370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: May 26 00:43:44 2025 GMT
Not After : May 26 00:40:26 2026 GMT
Subject: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a5:4d:68:56:74:1a:71:f5:bc:63:94:9d:a5:
e1:59:7b:2f:cb:d1:d7:16:07:62:3c:8f:2c:2a:ba:
db:3b:cf:6d:36:8a:cd:a0:79:fb:73:94:8a:e8:45:
d2:9f:e6:bb:df:bb:9d:cb:b8:74:f4:c6:de:77:94:
6f:e9:94:85:11:22:1a:0e:03:60:d7:f7:37:46:c4:
e1:05:46:e7:ce:ad:37:11:78:fa:d8:b1:46:9f:60:
06:25:f5:b5:82:c1:c6:1c:f4:78:4e:41:a8:98:93:
b9:6a:3b:38:e1:c9:95:f2:77:d9:69:fe:a6:40:ae:
d7:9e:3c:38:fc:4a:b9:ac:87:b1:b6:ce:df:20:07:
24:88:73:02:39:44:6b:87:3a:50:a7:aa:35:20:e2:
57:6c:6f:09:73:cf:65:67:46:70:ca:ff:e0:61:83:
77:75:46:bb:5b:40:a9:b1:42:bd:f1:59:a3:64:b9:
2b:73:9d:4b:9f:ea:70:04:70:74:c2:00:49:1c:46:
61:5c:cc:a7:6a:dd:44:a3:b3:6a:29:d8:14:08:e0:
6f:a1:4e:d4:12:bb:7b:f4:89:95:4a:5f:f5:be:50:
b0:de:0f:c7:13:23:a0:32:3e:e7:16:fd:6d:2b:bd:
9a:fe:c8:a9:bd:07:6e:7b:74:c1:c2:d4:37:51:23:
56:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9803
17963
23849
sbgp-ipAddrBlock: critical
IPv4:
119.61.0.0/17
210.78.128.0/22
211.99.224.0/19
211.100.64.0/19
211.150.0.0-211.150.191.255
211.157.128.0-211.157.207.255
211.157.224.0/19
IPv6:
2402:b200::/32
Signature Algorithm: sha256WithRSAEncryption
2a:77:d6:a9:60:79:9d:c4:37:35:22:06:80:8c:31:66:43:ba:
14:ce:bf:58:ea:8c:e1:c3:88:7a:6f:b0:60:ca:f7:80:8d:13:
0a:bf:f2:c0:93:e8:40:34:f6:56:19:21:c5:db:ca:ad:8b:83:
39:a4:ed:cf:a4:c9:17:37:1f:4e:3b:5c:d3:7a:22:6f:a3:40:
57:44:e1:02:c4:12:b7:8c:ec:5d:fc:2a:a9:a3:14:7e:bd:0e:
bb:25:9a:d4:5b:a8:b1:fd:79:1c:0c:6f:8e:ed:f2:62:61:d3:
99:1b:39:8b:48:ed:89:0e:d2:99:4b:ca:ed:c7:98:f3:6c:d8:
82:87:54:e8:6c:8f:64:19:73:d1:61:48:3f:8f:0e:6f:a7:7f:
d5:03:7a:87:a4:1b:72:25:2c:7a:df:2c:ac:23:f1:6a:a2:cb:
99:63:ef:24:f6:d5:c3:45:0f:6f:3c:3c:25:45:c9:cb:ee:49:
c4:b1:03:2d:11:ba:b5:a7:c0:34:0e:fe:e7:e1:ca:f2:c7:3e:
69:9c:e2:e8:12:e1:9c:0f:e5:4a:a6:f1:9e:14:89:0f:d9:26:
7e:af:e2:20:65:d9:b0:30:aa:fd:e4:0b:8d:48:5f:fe:77:03:
44:c3:ed:61:94:e5:d3:7e:69:5b:82:5e:b6:bf:d3:6d:e0:6e:
72:30:3b:3f
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIDANNwMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA1MjYwMDQzNDRaFw0yNjA1MjYwMDQwMjZaMDMx
MTAvBgNVBAMTKDVFQjhDNTdENzJGNzk0NkREN0IyNDIwNTk5Mjg4RUNBMTUzQ0I3
MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMpU1oVnQacfW8Y5Sd
peFZey/L0dcWB2I8jywquts7z202is2geftzlIroRdKf5rvfu53LuHT0xt53lG/p
lIURIhoOA2DX9zdGxOEFRufOrTcRePrYsUafYAYl9bWCwcYc9HhOQaiYk7lqOzjh
yZXyd9lp/qZArteePDj8Srmsh7G2zt8gBySIcwI5RGuHOlCnqjUg4ldsbwlzz2Vn
RnDK/+Bhg3d1RrtbQKmxQr3xWaNkuStznUuf6nAEcHTCAEkcRmFczKdq3USjs2op
2BQI4G+hTtQSu3v0iZVKX/W+ULDeD8cTI6AyPucW/W0rvZr+yKm9B257dMHC1DdR
I1a7AgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUXrjFfXL3lG3XskIFmSiOyhU8twkw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzY0L1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIQYI
KwYBBQUHAQgBAf8EEjAQoA4wDAICJksCAkYrAgJdKTBhBggrBgEFBQcBBwEB/wRS
MFAwPwQCAAEwOQMEB3c9AAMEAtJOgAMEBdNj4AMEBdNkQDALAwMB05YDBAbTloAw
DAMEB9OdgAMEBNOdwAMEBdOd4DANBAIAAjAHAwUAJAKyADANBgkqhkiG9w0BAQsF
AAOCAQEAKnfWqWB5ncQ3NSIGgIwxZkO6FM6/WOqM4cOIem+wYMr3gI0TCr/ywJPo
QDT2VhkhxdvKrYuDOaTtz6TJFzcfTjtc03oib6NAV0ThAsQSt4zsXfwqqaMUfr0O
uyWa1Fuosf15HAxvju3yYmHTmRs5i0jtiQ7SmUvK7ceY82zYgodU6GyPZBlz0WFI
P48Ob6d/1QN6h6QbciUset8srCPxaqLLmWPvJPbVw0UPbzw8JUXJy+5JxLEDLRG6
tafANA7+5+HK8sc+aZzi6BLhnA/lSqbxnhSJD9kmfq/iIGXZsDCq/eQLjUhf/ncD
RMPtYZTl035pW4Jetr/TbeBucjA7Pw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:25:45 2025 by rpki-client