$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/YLPIasbP0CN84cnspVtYB15oi9A.cer File: YLPIasbP0CN84cnspVtYB15oi9A.cer (raw, json) Hash identifier: YWkBRtboyKbBSRG8MZrV+8k2VmSMyWGxkNp9i7Zfewk= Subject key identifier: 60:B3:C8:6A:C6:CF:D0:23:7C:E1:C9:EC:A5:5B:58:07:5E:68:8B:D0 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: ADEB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3213/YLPIasbP0CN84cnspVtYB15oi9A.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3213/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:18:59 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 202.38.8.0/21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 15:26:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44523 (0xadeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:18:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=60B3C86AC6CFD0237CE1C9ECA55B58075E688BD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:81:69:2a:48:97:9b:7a:ec:d4:2f:57:b3:47: 9c:dd:22:b7:c6:1d:c5:c9:00:9a:e2:bd:db:89:d7: 49:40:33:00:29:7f:31:e9:98:dd:e6:b8:35:09:5a: a4:0a:19:c1:f5:6f:01:54:f1:f6:ac:01:7f:34:92: 69:99:01:8a:da:ea:09:82:72:5b:34:d4:e8:89:3d: 96:39:35:ef:c7:bf:44:97:d1:d6:40:1b:48:7c:13: 83:6b:d5:5d:db:33:1e:9a:85:21:4b:0d:5d:ad:34: 30:33:eb:37:21:6e:cc:ed:ca:94:a4:f9:67:c4:5d: 32:ef:ac:62:33:aa:05:8b:a7:ab:4a:f9:70:03:c8: 57:f9:19:87:c2:31:88:24:27:50:24:9b:d8:8d:6b: 9b:f6:23:ad:71:2b:59:85:0a:89:72:f7:f6:10:b2: 0f:92:70:27:d8:e1:a0:63:bc:a2:f7:ff:4e:08:91: f9:04:0b:59:29:89:8b:1a:60:a6:d0:d7:71:9f:b3: 4c:3a:fc:e8:3e:78:ae:bd:4e:2a:e3:78:71:e1:f9: b3:84:f2:10:7d:00:03:04:8b:db:1e:92:76:3b:38: f1:a8:f1:71:5a:e5:f1:b6:fc:1d:e4:4c:71:f4:1d: 30:f9:ec:30:31:6a:fb:f7:49:19:40:05:3d:eb:98: 2b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:B3:C8:6A:C6:CF:D0:23:7C:E1:C9:EC:A5:5B:58:07:5E:68:8B:D0 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3213/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3213/YLPIasbP0CN84cnspVtYB15oi9A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.38.8.0/21 Signature Algorithm: sha256WithRSAEncryption 8a:bf:fa:81:2c:8a:a9:84:18:79:88:67:dc:99:1a:a9:e4:18: 83:05:19:30:c6:1f:8e:77:8f:53:f8:b8:cb:a0:09:54:ff:44: 91:86:d3:0d:9c:2f:c1:6d:e1:39:0e:be:69:5c:ad:f0:75:93: 92:b1:7d:9e:5b:d8:39:f4:91:8c:3f:0d:0b:d6:8c:18:ce:cf: da:d4:90:11:02:fd:27:93:a3:0b:00:42:31:73:e3:f2:77:55: 32:e8:00:38:fa:be:a3:2c:ed:e8:bf:9d:02:57:90:77:8a:fe: ab:40:fd:36:9b:95:84:2c:93:85:15:8b:83:7c:88:8d:1c:55: fe:8f:f0:d3:50:c0:7a:82:40:b5:16:f9:4d:11:a8:bd:a0:8c: 16:26:08:e7:b5:e3:62:4f:54:62:b4:0a:f0:69:36:13:c1:06: cd:4c:27:5c:8f:a5:02:9a:1e:e4:71:12:a7:f9:9d:ed:84:a9: 08:73:5d:69:87:c4:e1:7d:f7:72:69:de:bd:18:5f:5b:73:d3: 53:c6:20:ba:c1:e5:88:85:e3:0f:8b:f8:1d:cb:9d:3b:70:0d: 40:1c:d2:9a:09:b1:e2:c8:45:06:98:88:20:b3:1f:21:af:b2: 7f:41:47:e4:4f:23:e4:9d:c7:93:a0:95:9f:09:c3:58:e8:82: dc:df:67:8f -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAK3rMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTE4NTlaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDYwQjNDODZBQzZDRkQwMjM3Q0UxQzlFQ0E1NUI1ODA3NUU2ODhC RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCagWkqSJebeuzUL1ez R5zdIrfGHcXJAJrivduJ10lAMwApfzHpmN3muDUJWqQKGcH1bwFU8fasAX80kmmZ AYra6gmCcls01OiJPZY5Ne/Hv0SX0dZAG0h8E4Nr1V3bMx6ahSFLDV2tNDAz6zch bsztypSk+WfEXTLvrGIzqgWLp6tK+XADyFf5GYfCMYgkJ1Akm9iNa5v2I61xK1mF Coly9/YQsg+ScCfY4aBjvKL3/04IkfkEC1kpiYsaYKbQ13Gfs0w6/Og+eK69Tirj eHHh+bOE8hB9AAMEi9seknY7OPGo8XFa5fG2/B3kTHH0HTD57DAxavv3SRlABT3r mCsjAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUYLPIasbP0CN84cnspVtYB15oi9Aw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MTMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIxMy9ZTFBJYXNiUDBDTjg0Y25zcFZ0WUIxNW9pOUEubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyiYIMA0GCSqGSIb3DQEBCwUA A4IBAQCKv/qBLIqphBh5iGfcmRqp5BiDBRkwxh+Od49T+LjLoAlU/0SRhtMNnC/B beE5Dr5pXK3wdZOSsX2eW9g59JGMPw0L1owYzs/a1JARAv0nk6MLAEIxc+Pyd1Uy 6AA4+r6jLO3ov50CV5B3iv6rQP02m5WELJOFFYuDfIiNHFX+j/DTUMB6gkC1FvlN Eai9oIwWJgjnteNiT1RitArwaTYTwQbNTCdcj6UCmh7kcRKn+Z3thKkIc11ph8Th ffdyad69GF9bc9NTxiC6weWIheMPi/gdy507cA1AHNKaCbHiyEUGmIggsx8hr7J/ QUfkTyPknceToJWfCcNY6ILc32eP -----END CERTIFICATE-----Generated at Sun May 19 10:28:33 2024 by rpki-client on console-ams.rpki-client.org