$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer File: Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer (raw, json) Hash identifier: BHnz/8zX/BnfCfatHviO0Zm7fwzyMXHXX4yfYgcoD9U= Subject key identifier: 63:D6:C9:D8:94:17:44:BA:15:48:00:50:C0:4E:F5:33:20:CA:0F:C3 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BAA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:48:35 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.125.236.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47783 (0xbaa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:48:35 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=63D6C9D8941744BA15480050C04EF53320CA0FC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:e0:8c:f1:7e:31:a0:64:44:fc:77:af:de:fc: 5f:50:59:e6:7d:b4:f2:36:b6:53:a8:d2:df:17:59: 00:49:a9:74:14:7c:33:63:de:f6:63:13:17:a2:12: a1:a7:a8:7b:ee:1b:9e:87:5a:72:4f:f3:89:ae:37: f8:63:d0:29:ce:45:41:56:24:5d:d1:b5:b9:88:d2: 98:7c:d9:2d:93:36:3b:eb:14:22:db:d7:ac:6b:b7: c8:a5:25:fa:ba:d3:ac:cd:a6:9e:84:83:c1:ad:9b: 7f:5b:64:4f:6f:cf:57:97:03:ce:72:46:e0:7a:98: 4d:77:91:d5:07:d6:90:65:1b:2b:54:57:30:d9:44: 9c:30:7d:56:8f:42:76:0c:3f:6d:fc:32:dc:ce:89: e1:ad:9a:1b:9e:3e:27:69:97:53:d1:47:6e:cb:1e: 47:39:43:4a:b6:62:ee:78:ac:b8:bf:ac:c1:fe:d3: 44:21:04:9b:14:cf:94:f4:d4:c9:cd:ad:eb:2c:e7: d7:b0:36:95:e7:fe:12:af:e0:08:bc:81:e2:c3:8f: 42:cf:52:d2:d4:2e:34:19:ad:db:33:c2:e0:22:20: e3:20:ab:57:d8:2f:60:5d:63:b3:b1:b6:bb:04:ca: 6d:9f:1a:85:78:ce:b0:80:aa:a0:9a:52:a1:8c:8f: 50:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D6:C9:D8:94:17:44:BA:15:48:00:50:C0:4E:F5:33:20:CA:0F:C3 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.125.236.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:6b:23:bc:23:bd:2c:72:c3:85:3b:f1:ca:91:ec:54:6a:76: af:ed:52:a6:f8:2c:d5:49:be:32:95:70:8a:9c:2a:90:9d:12: 70:31:48:7e:ad:d3:f7:00:2d:1d:58:78:42:28:b9:ed:90:3b: 03:b8:99:2f:96:c3:06:42:63:b7:22:ba:76:8e:c3:93:3b:8b: 3b:73:c9:34:e1:87:a8:97:78:03:5e:b5:46:3d:b5:bb:f3:2a: 59:05:22:1b:38:a3:53:7c:ab:20:24:f7:a1:fe:6e:0a:ef:73: 5f:e9:71:31:ad:43:3e:5c:ca:93:8e:bf:d3:3f:b6:9e:e3:ce: 74:3b:7d:f0:e4:13:14:40:3f:25:ec:d2:59:5f:86:da:ab:f7: 58:82:2a:be:cd:76:b8:a8:36:c3:72:a4:e8:f2:c0:d5:55:d7: c5:2f:72:8f:8b:db:5c:21:3a:db:c3:b1:fd:bc:91:02:51:95: b0:55:f4:ef:df:6b:07:05:46:cc:a6:e5:fb:6f:26:28:16:a6: 38:d1:a5:fa:85:df:28:66:be:50:79:aa:df:30:0e:26:2c:93: a8:83:00:95:b4:97:cb:a3:12:f6:e7:9b:01:26:ad:fa:66:f1: cf:17:46:04:48:7e:cd:49:98:fa:67:e2:89:7d:0e:9a:f5:d7: 13:a3:75:0e -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALqnMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjQ4MzVaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDYzRDZDOUQ4OTQxNzQ0QkExNTQ4MDA1MEMwNEVGNTMzMjBDQTBG QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo4IzxfjGgZET8d6/e /F9QWeZ9tPI2tlOo0t8XWQBJqXQUfDNj3vZjExeiEqGnqHvuG56HWnJP84muN/hj 0CnORUFWJF3RtbmI0ph82S2TNjvrFCLb16xrt8ilJfq606zNpp6Eg8Gtm39bZE9v z1eXA85yRuB6mE13kdUH1pBlGytUVzDZRJwwfVaPQnYMP238MtzOieGtmhuePidp l1PRR27LHkc5Q0q2Yu54rLi/rMH+00QhBJsUz5T01MnNress59ewNpXn/hKv4Ai8 geLDj0LPUtLULjQZrdszwuAiIOMgq1fYL2BdY7OxtrsEym2fGoV4zrCAqqCaUqGM j1BtAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUY9bJ2JQXRLoVSABQwE71MyDKD8Mw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 MzMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjgzMy9ZOWJKMkpRWFJMb1ZTQUJRd0U3MU15REtEOE0ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ33sMA0GCSqGSIb3DQEBCwUA A4IBAQCOayO8I70scsOFO/HKkexUanav7VKm+CzVSb4ylXCKnCqQnRJwMUh+rdP3 AC0dWHhCKLntkDsDuJkvlsMGQmO3Irp2jsOTO4s7c8k04Yeol3gDXrVGPbW78ypZ BSIbOKNTfKsgJPeh/m4K73Nf6XExrUM+XMqTjr/TP7ae4850O33w5BMUQD8l7NJZ X4baq/dYgiq+zXa4qDbDcqTo8sDVVdfFL3KPi9tcITrbw7H9vJECUZWwVfTv32sH BUbMpuX7byYoFqY40aX6hd8oZr5QearfMA4mLJOogwCVtJfLoxL255sBJq36ZvHP F0YESH7NSZj6Z+KJfQ6a9dcTo3UO -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:26 2024 by rpki-client on console-fra.rpki-client.org