Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.cer
File: ZFhvs0ONdhVEVAgv-FVrPRPxcbc.cer (raw, json)
Hash identifier: Vo0pk4Q0j3kKjunMq2L16kyVQWnXUSArCAbCfwBQZS0=
Subject key identifier: 64:58:6F:B3:43:8D:76:15:44:54:08:2F:F8:55:6B:3D:13:F1:71:B7
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: C01F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 15 Nov 2024 05:53:52 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 58844
IP: 103.64.24.0/21
IP: 103.64.140.0 -- 103.64.147.255
IP: 103.64.152.0/22
IP: 103.64.208.0/22
IP: 103.67.100.0 -- 103.67.151.255
IP: 103.67.212.0/22
IP: 103.222.112.0 -- 103.222.143.255
IP: 103.222.216.0 -- 103.222.235.255
IP: 103.222.240.0/22
IP: 103.223.16.0/20
IP: 103.223.64.0 -- 103.223.103.255
IP: 103.223.124.0/22
IP: 103.251.128.0/22
IP: 121.46.0.0/18
IP: 121.46.128.0/18
IP: 2406:5880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49183 (0xc01f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Nov 15 05:53:52 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=64586FB3438D76154454082FF8556B3D13F171B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:f5:5b:9a:4e:37:96:3f:d4:a7:64:39:88:
94:62:eb:79:48:24:5a:3d:2e:27:db:83:ef:d9:e9:
f6:6d:c1:ec:b8:16:65:f1:82:01:92:e5:91:80:36:
72:3a:39:0f:b3:e9:9e:16:7e:c3:8b:54:87:31:d9:
a8:7e:bd:ec:7b:c4:61:32:22:80:3f:36:5c:1e:e5:
fe:d9:fd:1c:62:0b:90:16:98:97:92:ab:0a:43:4c:
86:e2:dc:a0:a0:11:69:11:24:db:42:2f:f0:f0:67:
71:07:41:06:24:38:c1:7b:2b:2c:5f:a2:7f:56:e4:
1b:a7:04:93:01:ab:1e:6c:75:c9:63:6c:be:4e:ef:
ad:c1:3d:cd:53:05:07:f6:03:01:39:c9:73:58:ed:
d1:9f:6d:5f:63:d5:46:eb:de:12:60:d7:9d:89:64:
58:2c:25:d8:16:6b:53:ad:b7:7b:d9:37:97:6d:86:
25:85:38:c5:60:19:bc:39:1d:d6:69:74:75:d9:4d:
db:d6:9a:72:bc:4f:5d:c3:88:5a:39:66:1d:a7:02:
19:f0:14:e1:ec:7a:05:1f:82:06:2c:86:bc:9f:3a:
bc:14:4a:1a:7d:e9:ac:25:ab:4d:94:10:e9:96:06:
c3:2c:d2:e6:33:ad:47:46:b8:e1:0d:b3:5d:c1:54:
9a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:58:6F:B3:43:8D:76:15:44:54:08:2F:F8:55:6B:3D:13:F1:71:B7
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/630/ZFhvs0ONdhVEVAgv-FVrPRPxcbc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58844
sbgp-ipAddrBlock: critical
IPv4:
103.64.24.0/21
103.64.140.0-103.64.147.255
103.64.152.0/22
103.64.208.0/22
103.67.100.0-103.67.151.255
103.67.212.0/22
103.222.112.0-103.222.143.255
103.222.216.0-103.222.235.255
103.222.240.0/22
103.223.16.0/20
103.223.64.0-103.223.103.255
103.223.124.0/22
103.251.128.0/22
121.46.0.0/18
121.46.128.0/18
IPv6:
2406:5880::/32
Signature Algorithm: sha256WithRSAEncryption
67:9b:9f:e8:13:f5:d3:8e:82:50:df:09:40:3c:d3:04:8e:9f:
95:e5:78:a2:c2:88:24:3d:75:35:8c:b6:77:4b:3d:f0:08:2c:
95:90:4f:70:22:46:20:90:00:5a:2f:b2:c5:21:33:f2:99:d4:
60:77:0e:aa:76:12:97:20:25:d4:ad:f4:1a:fa:0d:b2:be:7d:
52:a3:53:38:4e:74:63:f1:f1:84:8b:84:5d:21:66:8a:df:6e:
6a:35:60:7d:94:8d:62:c6:ad:8a:c3:51:8d:d9:d2:39:03:13:
bb:04:1a:cd:82:7b:32:c8:f0:fd:97:31:75:c6:72:fb:19:e3:
66:d5:5b:25:20:ad:0e:8a:02:f6:4a:ff:44:5b:88:96:54:4d:
a2:14:6e:55:24:ae:f0:69:a6:41:82:03:44:cc:74:b7:8b:94:
e2:e9:8f:65:f0:d6:81:2c:57:d5:11:e6:3d:85:dc:3c:52:94:
ef:52:1e:43:b7:fd:3c:82:24:65:bf:6a:fc:71:79:2b:44:78:
04:02:1e:37:a2:56:16:c2:e5:76:67:33:0a:b2:ed:c5:98:73:
dc:c2:2d:9b:be:5c:c8:fd:00:7f:eb:05:73:83:e4:01:08:5f:
1e:b7:14:e7:b6:84:1a:88:83:60:72:6a:7e:25:7d:a3:c2:a3:
ab:be:60:8e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIDAMAfMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDExMTUwNTUzNTJaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDY0NTg2RkIzNDM4RDc2MTU0NDU0MDgyRkY4NTU2QjNEMTNGMTcx
QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu9/Vbmk43lj/Up2Q5
iJRi63lIJFo9Lifbg+/Z6fZtwey4FmXxggGS5ZGANnI6OQ+z6Z4WfsOLVIcx2ah+
vex7xGEyIoA/Nlwe5f7Z/RxiC5AWmJeSqwpDTIbi3KCgEWkRJNtCL/DwZ3EHQQYk
OMF7Kyxfon9W5BunBJMBqx5sdcljbL5O763BPc1TBQf2AwE5yXNY7dGfbV9j1Ubr
3hJg152JZFgsJdgWa1Ott3vZN5dthiWFOMVgGbw5HdZpdHXZTdvWmnK8T13DiFo5
Zh2nAhnwFOHsegUfggYshryfOrwUShp96awlq02UEOmWBsMs0uYzrUdGuOENs13B
VJpxAgMBAAGjggL/MIIC+zAdBgNVHQ4EFgQUZFhvs0ONdhVEVAgv+FVrPRPxcbcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYz
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC82MzAvWkZodnMwT05kaFZFVkFndi1GVnJQUlB4Y2JjLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA5dwwga4GCCsGAQUFBwEHAQH/BIGeMIGb
MIGJBAIAATCBggMEA2dAGDAMAwQCZ0CMAwQCZ0CQAwQCZ0CYAwQCZ0DQMAwDBAJn
Q2QDBANnQ5ADBAJnQ9QwDAMEBGfecAMEBGfegDAMAwQDZ97YAwQCZ97oAwQCZ97w
AwQEZ98QMAwDBAZn30ADBANn32ADBAJn33wDBAJn+4ADBAZ5LgADBAZ5LoAwDQQC
AAIwBwMFACQGWIAwDQYJKoZIhvcNAQELBQADggEBAGebn+gT9dOOglDfCUA80wSO
n5XleKLCiCQ9dTWMtndLPfAILJWQT3AiRiCQAFovssUhM/KZ1GB3Dqp2EpcgJdSt
9Br6DbK+fVKjUzhOdGPx8YSLhF0hZorfbmo1YH2UjWLGrYrDUY3Z0jkDE7sEGs2C
ezLI8P2XMXXGcvsZ42bVWyUgrQ6KAvZK/0RbiJZUTaIUblUkrvBppkGCA0TMdLeL
lOLpj2Xw1oEsV9UR5j2F3DxSlO9SHkO3/TyCJGW/avxxeStEeAQCHjeiVhbC5XZn
Mwqy7cWYc9zCLZu+XMj9AH/rBXOD5AEIXx63FOe2hBqIg2Byan4lfaPCo6u+YI4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:14:39 2024 by rpki-client on console-ams.rpki-client.org