Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/YF6gmzeBaelt3yEXV4Lf6hFW-uE.cer
File: YF6gmzeBaelt3yEXV4Lf6hFW-uE.cer (raw, json)
Hash identifier: gISQ6OD0iDoKREV08+PhZY9CzqmNzMZaWeWHr5nmLj8=
Subject key identifier: 60:5E:A0:9B:37:81:69:E9:6D:DF:21:17:57:82:DF:EA:11:56:FA:E1
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: 77EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/378/YF6gmzeBaelt3yEXV4Lf6hFW-uE.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/378/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 27 May 2021 05:06:41 +0000
Certificate not after: Fri 27 May 2022 04:59:52 +0000
Subordinate resources: IP: 43.240.220.0/22
IP: 101.96.144.0 -- 101.96.255.255
IP: 103.36.220.0/22
IP: 2401:da00::/32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30700 (0x77ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: May 27 05:06:41 2021 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=605EA09B378169E96DDF21175782DFEA1156FAE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:f3:4f:07:3b:5a:b8:d4:4b:44:87:51:99:
85:e5:69:39:e1:45:37:d0:db:92:97:74:82:09:5f:
47:c9:ef:77:51:1d:37:4c:f1:03:39:d3:d4:d2:c5:
cb:15:be:62:10:cd:a8:77:b1:63:33:17:c3:24:03:
1a:5f:d4:b9:25:8f:89:3d:69:d7:63:0a:2d:4c:64:
b6:36:81:e1:29:13:8e:25:26:ba:08:66:f8:b2:26:
71:9b:d1:5e:7e:e6:70:d5:b8:99:5a:ae:03:33:7c:
b8:12:c6:4c:7c:d1:48:76:74:fa:62:86:1e:c7:fe:
c7:94:5f:e0:e5:b1:75:d8:83:dc:7a:cb:89:9c:b8:
7e:70:3c:b4:42:3c:ab:e1:cc:16:c1:51:5c:2b:b4:
20:03:e2:3e:6d:f7:24:a2:5a:99:a2:42:fe:96:5c:
51:16:52:c4:98:28:4d:4f:fd:5a:1a:f6:3a:4a:45:
63:7c:5d:17:2c:e4:c7:3a:29:66:07:60:ed:77:6c:
fe:10:d9:0f:b3:b7:eb:1b:9d:8f:0b:4d:6e:c5:d6:
b3:d0:b9:9b:70:4e:e1:c7:4e:16:0c:31:7c:1e:8b:
c6:e8:73:96:2b:9e:a8:70:ff:27:cc:b0:3c:be:6e:
a3:f4:9c:60:40:38:72:44:5f:d8:a1:c8:36:b2:a2:
4b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5E:A0:9B:37:81:69:E9:6D:DF:21:17:57:82:DF:EA:11:56:FA:E1
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/378/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/378/YF6gmzeBaelt3yEXV4Lf6hFW-uE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.220.0/22
101.96.144.0-101.96.255.255
103.36.220.0/22
IPv6:
2401:da00::/32
Signature Algorithm: sha256WithRSAEncryption
49:a0:20:49:54:04:c5:89:d3:0e:4d:1c:46:6c:e2:95:64:65:
ec:44:ac:df:8f:f2:07:91:c6:d8:b2:e0:e2:ef:b7:35:0c:c2:
af:b1:34:15:de:b1:e8:69:e2:26:1b:94:23:54:98:b0:46:5f:
0d:fe:fe:80:2f:d2:58:93:7c:77:90:9a:f0:85:27:eb:89:44:
da:dc:61:51:ad:35:3e:07:44:61:33:26:26:8b:8b:5e:86:b6:
99:ef:6f:8a:9a:fe:33:b1:e5:0e:7b:39:e4:51:87:91:1a:11:
73:08:0f:21:61:b7:2c:b8:c2:9a:9c:72:f7:85:11:0f:2f:73:
54:a5:05:68:3a:bf:c1:90:7b:16:4f:bf:99:9e:55:df:27:b4:
59:aa:2d:56:22:c9:8a:b3:71:bd:77:3c:1e:dc:e6:73:87:90:
34:7e:6a:83:05:2e:e2:6f:cd:11:cb:b0:9b:66:84:5e:73:1a:
20:ca:a6:49:d2:a6:ea:11:f7:17:ca:a2:fa:e5:5b:96:54:f4:
1a:29:2e:77:14:ef:67:9f:97:16:8a:b5:bd:a4:07:03:19:bc:
59:ef:ad:5b:bd:fd:3f:63:1d:97:fc:2d:85:12:74:d1:e0:75:
f3:ea:69:27:78:38:47:6d:65:dd:d6:a0:f4:94:e8:15:41:be:
de:bf:1e:0d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICd+wwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEygwNDE2MjlCNkE5RUFCN0NCMTMyNEVBMzk3OEYw
Mzc5NkY4ODlCNTQwMB4XDTIxMDUyNzA1MDY0MVoXDTIyMDUyNzA0NTk1MlowMzEx
MC8GA1UEAxMoNjA1RUEwOUIzNzgxNjlFOTZEREYyMTE3NTc4MkRGRUExMTU2RkFF
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALge808HO1q41EtEh1GZ
heVpOeFFN9Dbkpd0gglfR8nvd1EdN0zxAznT1NLFyxW+YhDNqHexYzMXwyQDGl/U
uSWPiT1p12MKLUxktjaB4SkTjiUmughm+LImcZvRXn7mcNW4mVquAzN8uBLGTHzR
SHZ0+mKGHsf+x5Rf4OWxddiD3HrLiZy4fnA8tEI8q+HMFsFRXCu0IAPiPm33JKJa
maJC/pZcURZSxJgoTU/9Whr2OkpFY3xdFyzkxzopZgdg7Xds/hDZD7O36xudjwtN
bsXWs9C5m3BO4cdOFgwxfB6LxuhzliueqHD/J8ywPL5uo/ScYEA4ckRf2KHINrKi
S00CAwEAAaOCAnUwggJxMB0GA1UdDgQWBBRgXqCbN4Fp6W3fIRdXgt/qEVb64TAf
BgNVHSMEGDAWgBQEFim2qeq3yxMk6jl48DeW+Im1QDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQx
RkYyL0JCWXB0cW5xdDhzVEpPbzVlUEEzbHZpSnRVQS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF
BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzc4
LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzM3OC9ZRjZnbXplQmFlbHQzeUVYVjRMZjZoRlctdUUubWZ0MDEGCCsG
AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMEEG
CCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQCK/DcMAsDBARlYJADAwBlYAMEAmck
3DANBAIAAjAHAwUAJAHaADANBgkqhkiG9w0BAQsFAAOCAQEASaAgSVQExYnTDk0c
RmzilWRl7ESs34/yB5HG2LLg4u+3NQzCr7E0Fd6x6GniJhuUI1SYsEZfDf7+gC/S
WJN8d5Ca8IUn64lE2txhUa01PgdEYTMmJouLXoa2me9vipr+M7HlDns55FGHkRoR
cwgPIWG3LLjCmpxy94URDy9zVKUFaDq/wZB7Fk+/mZ5V3ye0WaotViLJirNxvXc8
Htzmc4eQNH5qgwUu4m/NEcuwm2aEXnMaIMqmSdKm6hH3F8qi+uVbllT0GikudxTv
Z5+XFoq1vaQHAxm8We+tW739P2Mdl/wthRJ00eB18+ppJ3g4R21l3dag9JToFUG+
3r8eDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:25 2023 by rpki-client on console-fra.rpki-client.org