Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.cer
File: ZFhvs0ONdhVEVAgv-FVrPRPxcbc.cer (raw, json)
Hash identifier: j/tQE0bOfp5X7a0r9Pg8r3KfsHMlI7utECtWxBWfLa8=
Subject key identifier: 64:58:6F:B3:43:8D:76:15:44:54:08:2F:F8:55:6B:3D:13:F1:71:B7
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AF93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:24:33 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 58844
IP: 103.64.24.0 -- 103.64.127.255
IP: 103.64.140.0 -- 103.64.147.255
IP: 103.64.152.0/22
IP: 103.64.208.0/22
IP: 103.67.100.0 -- 103.67.151.255
IP: 103.67.212.0/22
IP: 103.222.112.0 -- 103.222.143.255
IP: 103.222.216.0 -- 103.222.235.255
IP: 103.222.240.0/22
IP: 103.223.16.0 -- 103.223.103.255
IP: 103.223.124.0/22
IP: 103.251.128.0/22
IP: 121.46.0.0/18
IP: 121.46.128.0/18
IP: 2406:5880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 17 May 2024 11:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44947 (0xaf93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:24:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=64586FB3438D76154454082FF8556B3D13F171B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:f5:5b:9a:4e:37:96:3f:d4:a7:64:39:88:
94:62:eb:79:48:24:5a:3d:2e:27:db:83:ef:d9:e9:
f6:6d:c1:ec:b8:16:65:f1:82:01:92:e5:91:80:36:
72:3a:39:0f:b3:e9:9e:16:7e:c3:8b:54:87:31:d9:
a8:7e:bd:ec:7b:c4:61:32:22:80:3f:36:5c:1e:e5:
fe:d9:fd:1c:62:0b:90:16:98:97:92:ab:0a:43:4c:
86:e2:dc:a0:a0:11:69:11:24:db:42:2f:f0:f0:67:
71:07:41:06:24:38:c1:7b:2b:2c:5f:a2:7f:56:e4:
1b:a7:04:93:01:ab:1e:6c:75:c9:63:6c:be:4e:ef:
ad:c1:3d:cd:53:05:07:f6:03:01:39:c9:73:58:ed:
d1:9f:6d:5f:63:d5:46:eb:de:12:60:d7:9d:89:64:
58:2c:25:d8:16:6b:53:ad:b7:7b:d9:37:97:6d:86:
25:85:38:c5:60:19:bc:39:1d:d6:69:74:75:d9:4d:
db:d6:9a:72:bc:4f:5d:c3:88:5a:39:66:1d:a7:02:
19:f0:14:e1:ec:7a:05:1f:82:06:2c:86:bc:9f:3a:
bc:14:4a:1a:7d:e9:ac:25:ab:4d:94:10:e9:96:06:
c3:2c:d2:e6:33:ad:47:46:b8:e1:0d:b3:5d:c1:54:
9a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:58:6F:B3:43:8D:76:15:44:54:08:2F:F8:55:6B:3D:13:F1:71:B7
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58844
sbgp-ipAddrBlock: critical
IPv4:
103.64.24.0-103.64.127.255
103.64.140.0-103.64.147.255
103.64.152.0/22
103.64.208.0/22
103.67.100.0-103.67.151.255
103.67.212.0/22
103.222.112.0-103.222.143.255
103.222.216.0-103.222.235.255
103.222.240.0/22
103.223.16.0-103.223.103.255
103.223.124.0/22
103.251.128.0/22
121.46.0.0/18
121.46.128.0/18
IPv6:
2406:5880::/32
Signature Algorithm: sha256WithRSAEncryption
60:84:e3:ea:c3:4f:af:94:d4:fc:15:93:7f:d5:41:45:ad:53:
7d:5c:cf:9f:6a:96:35:47:bf:8e:9b:b1:88:0f:82:6f:0f:e0:
6b:25:6f:0d:1a:40:e9:9d:18:61:13:16:b6:81:de:78:f2:70:
98:c8:e7:9d:94:94:e5:b7:50:10:48:2c:cd:ab:67:8b:64:01:
86:b2:6d:86:e5:e7:99:13:e6:3c:f6:fa:79:4c:78:a5:6c:90:
6d:f3:51:41:98:be:f9:23:d3:52:5e:02:7d:1a:47:48:f6:4b:
a1:28:e4:9a:c9:03:08:73:ce:51:c7:bc:6f:a7:44:2a:20:6b:
22:84:ef:e3:c6:3e:3c:92:a2:10:40:56:b1:7d:19:80:33:fc:
7e:0b:1e:83:56:ee:71:00:61:78:6c:f3:83:a9:60:47:b9:d9:
b2:06:5c:8f:a7:24:f1:24:84:27:eb:b4:69:c6:8d:53:69:cb:
32:64:a8:f7:45:41:b7:85:46:7e:a2:4d:34:a8:77:dc:9b:3b:
8c:b0:63:33:3f:49:34:3e:3a:66:01:96:61:c1:7d:b1:fb:84:
4d:c2:e1:4c:70:8a:72:10:75:8e:84:6c:eb:63:4f:1b:a6:d8:
95:14:00:c6:d7:64:b0:8f:e3:66:5a:e2:09:e1:c1:2e:d1:40:
d2:4b:ed:d4
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgIDAK+TMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTI0MzNaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDY0NTg2RkIzNDM4RDc2MTU0NDU0MDgyRkY4NTU2QjNEMTNGMTcx
QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu9/Vbmk43lj/Up2Q5
iJRi63lIJFo9Lifbg+/Z6fZtwey4FmXxggGS5ZGANnI6OQ+z6Z4WfsOLVIcx2ah+
vex7xGEyIoA/Nlwe5f7Z/RxiC5AWmJeSqwpDTIbi3KCgEWkRJNtCL/DwZ3EHQQYk
OMF7Kyxfon9W5BunBJMBqx5sdcljbL5O763BPc1TBQf2AwE5yXNY7dGfbV9j1Ubr
3hJg152JZFgsJdgWa1Ott3vZN5dthiWFOMVgGbw5HdZpdHXZTdvWmnK8T13DiFo5
Zh2nAhnwFOHsegUfggYshryfOrwUShp96awlq02UEOmWBsMs0uYzrUdGuOENs13B
VJpxAgMBAAGjggMBMIIC/TAdBgNVHQ4EFgQUZFhvs0ONdhVEVAgv+FVrPRPxcbcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYz
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC82MzAvWkZodnMwT05kaFZFVkFndi1GVnJQUlB4Y2JjLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA5dwwgbAGCCsGAQUFBwEHAQH/BIGgMIGd
MIGLBAIAATCBhDAMAwQDZ0AYAwQHZ0AAMAwDBAJnQIwDBAJnQJADBAJnQJgDBAJn
QNAwDAMEAmdDZAMEA2dDkAMEAmdD1DAMAwQEZ95wAwQEZ96AMAwDBANn3tgDBAJn
3ugDBAJn3vAwDAMEBGffEAMEA2ffYAMEAmfffAMEAmf7gAMEBnkuAAMEBnkugDAN
BAIAAjAHAwUAJAZYgDANBgkqhkiG9w0BAQsFAAOCAQEAYITj6sNPr5TU/BWTf9VB
Ra1TfVzPn2qWNUe/jpuxiA+Cbw/gayVvDRpA6Z0YYRMWtoHeePJwmMjnnZSU5bdQ
EEgszatni2QBhrJthuXnmRPmPPb6eUx4pWyQbfNRQZi++SPTUl4CfRpHSPZLoSjk
mskDCHPOUce8b6dEKiBrIoTv48Y+PJKiEEBWsX0ZgDP8fgseg1bucQBheGzzg6lg
R7nZsgZcj6ck8SSEJ+u0acaNU2nLMmSo90VBt4VGfqJNNKh33Js7jLBjMz9JND46
ZgGWYcF9sfuETcLhTHCKchB1joRs62NPG6bYlRQAxtdksI/jZlriCeHBLtFA0kvt
1A==
-----END CERTIFICATE-----
Generated at Fri May 17 06:19:02 2024 by rpki-client on console-fra.rpki-client.org