Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.cer
File: ZFhvs0ONdhVEVAgv-FVrPRPxcbc.cer (raw, json)
Hash identifier: n5HDxJhrKRBHu3y/vU9vppqHX5rNcdQxbk7lKn2LFeg=
Subject key identifier: 64:58:6F:B3:43:8D:76:15:44:54:08:2F:F8:55:6B:3D:13:F1:71:B7
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CCAF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:05:43 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 58844
IP: 103.64.24.0/21
IP: 103.64.140.0 -- 103.64.147.255
IP: 103.64.152.0/22
IP: 103.64.208.0/22
IP: 103.67.100.0 -- 103.67.151.255
IP: 103.67.212.0/22
IP: 103.222.112.0 -- 103.222.143.255
IP: 103.222.216.0 -- 103.222.235.255
IP: 103.222.240.0/22
IP: 103.223.16.0/20
IP: 103.223.64.0 -- 103.223.103.255
IP: 103.223.124.0/22
IP: 103.251.128.0/22
IP: 121.46.0.0/18
IP: 121.46.128.0/18
IP: 2406:5880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52399 (0xccaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:05:43 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=64586FB3438D76154454082FF8556B3D13F171B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:f5:5b:9a:4e:37:96:3f:d4:a7:64:39:88:
94:62:eb:79:48:24:5a:3d:2e:27:db:83:ef:d9:e9:
f6:6d:c1:ec:b8:16:65:f1:82:01:92:e5:91:80:36:
72:3a:39:0f:b3:e9:9e:16:7e:c3:8b:54:87:31:d9:
a8:7e:bd:ec:7b:c4:61:32:22:80:3f:36:5c:1e:e5:
fe:d9:fd:1c:62:0b:90:16:98:97:92:ab:0a:43:4c:
86:e2:dc:a0:a0:11:69:11:24:db:42:2f:f0:f0:67:
71:07:41:06:24:38:c1:7b:2b:2c:5f:a2:7f:56:e4:
1b:a7:04:93:01:ab:1e:6c:75:c9:63:6c:be:4e:ef:
ad:c1:3d:cd:53:05:07:f6:03:01:39:c9:73:58:ed:
d1:9f:6d:5f:63:d5:46:eb:de:12:60:d7:9d:89:64:
58:2c:25:d8:16:6b:53:ad:b7:7b:d9:37:97:6d:86:
25:85:38:c5:60:19:bc:39:1d:d6:69:74:75:d9:4d:
db:d6:9a:72:bc:4f:5d:c3:88:5a:39:66:1d:a7:02:
19:f0:14:e1:ec:7a:05:1f:82:06:2c:86:bc:9f:3a:
bc:14:4a:1a:7d:e9:ac:25:ab:4d:94:10:e9:96:06:
c3:2c:d2:e6:33:ad:47:46:b8:e1:0d:b3:5d:c1:54:
9a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:58:6F:B3:43:8D:76:15:44:54:08:2F:F8:55:6B:3D:13:F1:71:B7
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58844
sbgp-ipAddrBlock: critical
IPv4:
103.64.24.0/21
103.64.140.0-103.64.147.255
103.64.152.0/22
103.64.208.0/22
103.67.100.0-103.67.151.255
103.67.212.0/22
103.222.112.0-103.222.143.255
103.222.216.0-103.222.235.255
103.222.240.0/22
103.223.16.0/20
103.223.64.0-103.223.103.255
103.223.124.0/22
103.251.128.0/22
121.46.0.0/18
121.46.128.0/18
IPv6:
2406:5880::/32
Signature Algorithm: sha256WithRSAEncryption
10:9d:5f:8a:c2:55:cd:74:79:8d:9c:c3:dc:de:da:24:83:7c:
49:d2:c4:37:d6:5c:54:7a:f8:b5:35:cc:f3:0d:73:fe:49:b5:
08:b9:87:fe:f6:a9:76:5a:ef:69:51:ea:5d:db:2f:ad:52:ed:
62:04:2e:d7:51:1d:82:fa:00:c6:93:a5:93:40:13:b4:72:03:
89:cd:a6:f6:73:85:a8:45:a3:48:f5:6d:ef:95:67:36:40:99:
f0:2a:66:90:1e:ae:cd:4e:96:f4:d1:57:c2:30:7f:57:9e:74:
10:21:59:b3:63:ff:62:68:31:59:3f:a3:5e:aa:36:73:e3:f4:
d0:90:91:35:69:3d:8e:f5:09:38:0b:6c:10:01:9b:1c:f1:64:
d6:e5:61:8b:a6:47:70:24:30:38:9a:8b:15:71:b6:18:1f:34:
cd:45:78:82:b0:f0:df:14:95:1b:64:bc:b5:85:a2:99:7e:e1:
68:41:05:af:4a:98:d7:70:25:6c:f7:1d:78:4f:eb:d1:69:95:
63:12:92:d2:ea:5b:00:bd:06:4a:d0:f9:d4:11:ad:c9:cf:94:
73:b8:07:61:91:79:fe:85:a4:61:cd:e7:6c:c9:ff:57:50:fe:
d5:db:db:7a:65:a8:04:dd:ee:91:d2:bb:48:73:9a:e1:05:50:
e1:8b:8a:c4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIDAMyvMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA1NDNaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDY0NTg2RkIzNDM4RDc2MTU0NDU0MDgyRkY4NTU2QjNEMTNGMTcx
QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu9/Vbmk43lj/Up2Q5
iJRi63lIJFo9Lifbg+/Z6fZtwey4FmXxggGS5ZGANnI6OQ+z6Z4WfsOLVIcx2ah+
vex7xGEyIoA/Nlwe5f7Z/RxiC5AWmJeSqwpDTIbi3KCgEWkRJNtCL/DwZ3EHQQYk
OMF7Kyxfon9W5BunBJMBqx5sdcljbL5O763BPc1TBQf2AwE5yXNY7dGfbV9j1Ubr
3hJg152JZFgsJdgWa1Ott3vZN5dthiWFOMVgGbw5HdZpdHXZTdvWmnK8T13DiFo5
Zh2nAhnwFOHsegUfggYshryfOrwUShp96awlq02UEOmWBsMs0uYzrUdGuOENs13B
VJpxAgMBAAGjggL/MIIC+zAdBgNVHQ4EFgQUZFhvs0ONdhVEVAgv+FVrPRPxcbcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYz
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC82MzAvWkZodnMwT05kaFZFVkFndi1GVnJQUlB4Y2JjLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA5dwwga4GCCsGAQUFBwEHAQH/BIGeMIGb
MIGJBAIAATCBggMEA2dAGDAMAwQCZ0CMAwQCZ0CQAwQCZ0CYAwQCZ0DQMAwDBAJn
Q2QDBANnQ5ADBAJnQ9QwDAMEBGfecAMEBGfegDAMAwQDZ97YAwQCZ97oAwQCZ97w
AwQEZ98QMAwDBAZn30ADBANn32ADBAJn33wDBAJn+4ADBAZ5LgADBAZ5LoAwDQQC
AAIwBwMFACQGWIAwDQYJKoZIhvcNAQELBQADggEBABCdX4rCVc10eY2cw9ze2iSD
fEnSxDfWXFR6+LU1zPMNc/5JtQi5h/72qXZa72lR6l3bL61S7WIELtdRHYL6AMaT
pZNAE7RyA4nNpvZzhahFo0j1be+VZzZAmfAqZpAers1OlvTRV8Iwf1eedBAhWbNj
/2JoMVk/o16qNnPj9NCQkTVpPY71CTgLbBABmxzxZNblYYumR3AkMDiaixVxthgf
NM1FeIKw8N8UlRtkvLWFopl+4WhBBa9KmNdwJWz3HXhP69FplWMSktLqWwC9BkrQ
+dQRrcnPlHO4B2GRef6FpGHN52zJ/1dQ/tXb23plqATd7pHSu0hzmuEFUOGLisQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:18:52 2025 by rpki-client