Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Zb_C4au4pROFT-AlpFB2SSgzVbc.cer
File: Zb_C4au4pROFT-AlpFB2SSgzVbc.cer (raw, json)
Hash identifier: 5eFnyqh/kOfzTRAS5iWRF+bi6S5tAqapwWxAFnY7S80=
Subject key identifier: 65:BF:C2:E1:AB:B8:A5:13:85:4F:E0:25:A4:50:76:49:28:33:55:B7
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AF4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/Zb_C4au4pROFT-AlpFB2SSgzVbc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:23:39 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 17965
AS: 24136
AS: 24151 -- 24152
AS: 24406
AS: 24408 -- 24409
AS: 58858
IP: 1.2.4.0/24
IP: 1.2.8.0/24
IP: 42.83.128.0/17
IP: 43.254.4.0/22
IP: 103.249.188.0/22
IP: 125.208.32.0/19
IP: 203.99.16.0/22
IP: 203.119.24.0 -- 203.119.35.255
IP: 210.2.4.0/24
IP: 218.241.96.0/19
IP: 2001:dc7::/32
IP: 2001:dd8:1::/48
IP: 2406:2700::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 May 2024 15:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44877 (0xaf4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:23:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=65BFC2E1ABB8A513854FE025A4507649283355B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:0f:6b:96:ca:88:05:c4:77:3c:65:c6:97:
97:6d:15:25:87:b0:25:0c:ef:49:c1:c5:e6:7e:bb:
26:f3:e7:c9:b5:22:29:94:45:a2:63:d2:9c:26:19:
c3:79:f9:3f:d9:74:c3:65:33:f7:82:27:da:96:df:
68:dd:ca:ff:1e:2f:06:16:34:71:c1:7a:32:e7:74:
01:a5:00:4d:9d:a3:c8:21:74:7c:7b:cd:e4:a5:b7:
b8:fe:d7:9b:c0:1d:96:43:fd:d7:1d:17:b6:49:a7:
4d:5a:b8:c3:8f:a3:7d:c8:a2:90:66:a1:14:38:8b:
74:15:d4:ab:1e:fe:e2:09:14:4d:75:d5:e7:5f:9e:
10:db:be:bf:fa:d4:99:ae:5c:74:df:56:fa:93:ef:
29:15:b7:c6:35:2e:9e:cf:98:25:39:dc:a3:da:8b:
67:6a:01:56:e6:f0:c8:3b:65:6b:4b:f5:a7:20:e3:
54:25:5d:cc:af:e8:6f:dc:90:59:9d:5e:b9:78:63:
c5:19:ef:3b:b9:3e:65:1c:0f:a7:92:d3:71:fc:9a:
aa:f2:7a:cf:b2:36:e4:2d:74:b7:45:0c:85:b8:16:
d8:b4:86:e7:87:71:a4:b5:36:2f:23:8a:14:10:99:
63:51:2b:55:a1:ab:6d:7c:13:9a:bb:03:46:01:29:
1e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BF:C2:E1:AB:B8:A5:13:85:4F:E0:25:A4:50:76:49:28:33:55:B7
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/Zb_C4au4pROFT-AlpFB2SSgzVbc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17965
24136
24151-24152
24406
24408-24409
58858
sbgp-ipAddrBlock: critical
IPv4:
1.2.4.0/24
1.2.8.0/24
42.83.128.0/17
43.254.4.0/22
103.249.188.0/22
125.208.32.0/19
203.99.16.0/22
203.119.24.0-203.119.35.255
210.2.4.0/24
218.241.96.0/19
IPv6:
2001:dc7::/32
2001:dd8:1::/48
2406:2700::/32
Signature Algorithm: sha256WithRSAEncryption
75:07:89:2c:dc:a6:06:b2:bd:9a:04:84:f9:3d:81:3a:cd:51:
55:f5:c1:89:cf:7f:23:42:4d:e8:da:7a:95:d9:34:99:c6:2c:
96:cc:e8:4b:4a:48:fd:c9:eb:01:cb:d9:87:ab:85:b8:dd:73:
68:42:17:66:be:29:55:eb:c5:f5:bc:4c:f3:76:b1:f1:e7:f0:
ca:2e:a2:c1:ab:0b:5f:01:2b:58:24:5d:46:4c:e7:ce:b3:5d:
5d:36:02:66:7e:fa:08:68:16:0a:3f:dd:89:15:8e:8f:ab:56:
10:c1:a0:d0:ed:72:7e:e7:c7:d3:34:c5:9a:a9:28:d3:bd:28:
ed:94:e6:07:e3:6b:9c:4c:ec:79:f2:88:b0:26:ba:b8:ca:0f:
4f:33:80:e1:ea:33:ed:3e:46:b8:d5:61:d1:54:6e:e2:44:71:
aa:8e:d8:65:8d:30:13:6c:8b:d4:b7:63:ea:92:6d:54:f5:00:
90:86:f4:49:f6:53:c3:a0:c6:7a:e5:0b:ca:6a:96:8d:de:d1:
cb:84:87:56:74:53:94:88:52:85:08:a4:0d:0b:18:0b:eb:e5:
57:19:fb:da:58:c7:68:5c:a6:77:af:f3:0d:76:2e:39:ca:81:
bc:1e:d0:1d:48:78:2e:6c:21:e0:b9:e9:f3:09:98:50:0a:13:
07:b8:86:63
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIDAK9NMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIzMzlaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDY1QkZDMkUxQUJCOEE1MTM4NTRGRTAyNUE0NTA3NjQ5MjgzMzU1
QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOOw9rlsqIBcR3PGXG
l5dtFSWHsCUM70nBxeZ+uybz58m1IimURaJj0pwmGcN5+T/ZdMNlM/eCJ9qW32jd
yv8eLwYWNHHBejLndAGlAE2do8ghdHx7zeSlt7j+15vAHZZD/dcdF7ZJp01auMOP
o33IopBmoRQ4i3QV1Kse/uIJFE111edfnhDbvr/61JmuXHTfVvqT7ykVt8Y1Lp7P
mCU53KPai2dqAVbm8Mg7ZWtL9acg41QlXcyv6G/ckFmdXrl4Y8UZ7zu5PmUcD6eS
03H8mqryes+yNuQtdLdFDIW4Fti0hueHcaS1Ni8jihQQmWNRK1Whq218E5q7A0YB
KR73AgMBAAGjggLsMIIC6DAdBgNVHQ4EFgQUZb/C4au4pROFT+AlpFB2SSgzVbcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIw
Ni8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yMDYvWmJfQzRhdTRwUk9GVC1BbHBGQjJTU2d6VmJjLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA6
BggrBgEFBQcBCAEB/wQrMCmgJzAlAgJGLQICXkgwCAICXlcCAl5YAgJfVjAIAgJf
WAICX1kCAwDl6jB8BggrBgEFBQcBBwEB/wRtMGswSgQCAAEwRAMEAAECBAMEAAEC
CAMEBypTgAMEAiv+BAMEAmf5vAMEBX3QIAMEAstjEDAMAwQDy3cYAwQCy3cgAwQA
0gIEAwQF2vFgMB0EAgACMBcDBQAgAQ3HAwcAIAEN2AABAwUAJAYnADANBgkqhkiG
9w0BAQsFAAOCAQEAdQeJLNymBrK9mgSE+T2BOs1RVfXBic9/I0JN6Np6ldk0mcYs
lszoS0pI/cnrAcvZh6uFuN1zaEIXZr4pVevF9bxM83ax8efwyi6iwasLXwErWCRd
RkznzrNdXTYCZn76CGgWCj/diRWOj6tWEMGg0O1yfufH0zTFmqko070o7ZTmB+Nr
nEzsefKIsCa6uMoPTzOA4eoz7T5GuNVh0VRu4kRxqo7YZY0wE2yL1Ldj6pJtVPUA
kIb0SfZTw6DGeuULymqWjd7Ry4SHVnRTlIhShQikDQsYC+vlVxn72ljHaFymd6/z
DXYuOcqBvB7QHUh4Lmwh4Lnp8wmYUAoTB7iGYw==
-----END CERTIFICATE-----
Generated at Sun May 19 10:14:57 2024 by rpki-client on console-fra.rpki-client.org