Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Zb_C4au4pROFT-AlpFB2SSgzVbc.cer
File: Zb_C4au4pROFT-AlpFB2SSgzVbc.cer (raw, json)
Hash identifier: XJcUZuctt3Ln5ysGdn9zLygMknP38Xv/WLol+0GlRAc=
Subject key identifier: 65:BF:C2:E1:AB:B8:A5:13:85:4F:E0:25:A4:50:76:49:28:33:55:B7
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CE85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/Zb_C4au4pROFT-AlpFB2SSgzVbc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:15:02 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 17965
AS: 24136
AS: 24151 -- 24152
AS: 24406
AS: 24408 -- 24409
AS: 58858
IP: 1.2.4.0/24
IP: 1.2.8.0/24
IP: 42.83.128.0/17
IP: 43.254.4.0/22
IP: 103.249.188.0/22
IP: 125.208.32.0/19
IP: 203.99.16.0/22
IP: 203.119.24.0 -- 203.119.35.255
IP: 210.2.4.0/24
IP: 218.241.96.0/19
IP: 2001:dc7::/32
IP: 2001:dd8:1::/48
IP: 2406:2700::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52869 (0xce85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:15:02 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=65BFC2E1ABB8A513854FE025A4507649283355B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:0f:6b:96:ca:88:05:c4:77:3c:65:c6:97:
97:6d:15:25:87:b0:25:0c:ef:49:c1:c5:e6:7e:bb:
26:f3:e7:c9:b5:22:29:94:45:a2:63:d2:9c:26:19:
c3:79:f9:3f:d9:74:c3:65:33:f7:82:27:da:96:df:
68:dd:ca:ff:1e:2f:06:16:34:71:c1:7a:32:e7:74:
01:a5:00:4d:9d:a3:c8:21:74:7c:7b:cd:e4:a5:b7:
b8:fe:d7:9b:c0:1d:96:43:fd:d7:1d:17:b6:49:a7:
4d:5a:b8:c3:8f:a3:7d:c8:a2:90:66:a1:14:38:8b:
74:15:d4:ab:1e:fe:e2:09:14:4d:75:d5:e7:5f:9e:
10:db:be:bf:fa:d4:99:ae:5c:74:df:56:fa:93:ef:
29:15:b7:c6:35:2e:9e:cf:98:25:39:dc:a3:da:8b:
67:6a:01:56:e6:f0:c8:3b:65:6b:4b:f5:a7:20:e3:
54:25:5d:cc:af:e8:6f:dc:90:59:9d:5e:b9:78:63:
c5:19:ef:3b:b9:3e:65:1c:0f:a7:92:d3:71:fc:9a:
aa:f2:7a:cf:b2:36:e4:2d:74:b7:45:0c:85:b8:16:
d8:b4:86:e7:87:71:a4:b5:36:2f:23:8a:14:10:99:
63:51:2b:55:a1:ab:6d:7c:13:9a:bb:03:46:01:29:
1e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BF:C2:E1:AB:B8:A5:13:85:4F:E0:25:A4:50:76:49:28:33:55:B7
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/Zb_C4au4pROFT-AlpFB2SSgzVbc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17965
24136
24151-24152
24406
24408-24409
58858
sbgp-ipAddrBlock: critical
IPv4:
1.2.4.0/24
1.2.8.0/24
42.83.128.0/17
43.254.4.0/22
103.249.188.0/22
125.208.32.0/19
203.99.16.0/22
203.119.24.0-203.119.35.255
210.2.4.0/24
218.241.96.0/19
IPv6:
2001:dc7::/32
2001:dd8:1::/48
2406:2700::/32
Signature Algorithm: sha256WithRSAEncryption
76:4c:53:68:33:d3:71:6e:a2:7c:a8:c1:a2:f6:fe:dd:fa:ba:
ab:23:8f:9b:9e:92:96:43:9d:f5:b8:cf:2c:06:76:c4:de:aa:
05:0f:98:42:74:25:77:83:13:33:c2:f5:ec:73:9c:df:0c:5a:
f6:8c:05:d3:a9:17:c3:35:05:df:f6:0e:4c:ba:5e:b5:90:46:
56:b6:41:be:74:ae:05:22:a5:c3:d8:e4:28:09:cc:c3:14:db:
fe:13:1c:a3:3d:76:9b:d6:1c:24:65:ef:f4:5f:c0:db:ae:e4:
d3:14:94:d8:ce:04:60:bb:46:ec:32:99:cb:19:e8:61:5a:43:
48:24:29:d6:32:f9:ee:d0:2d:9b:d4:f5:06:f7:a4:2b:1f:5a:
c3:49:69:e8:b7:82:89:bd:33:e6:6b:1d:a9:37:a2:f3:38:ca:
66:de:a6:99:6a:d1:fb:f0:f7:69:9b:5f:77:ef:16:76:3d:22:
12:95:69:65:0f:da:56:12:bf:dc:c1:f3:14:5a:49:ec:5a:f7:
42:ac:82:8c:15:51:76:2c:9b:03:9d:7e:f0:aa:d2:46:d7:26:
5a:da:30:90:ef:3e:5e:47:a8:bc:3f:da:93:fe:ad:72:c8:53:
06:7c:fd:9e:4d:32:3d:73:ba:c0:e8:19:87:b6:82:d0:b9:48:
0a:96:11:64
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIDAM6FMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE1MDJaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDY1QkZDMkUxQUJCOEE1MTM4NTRGRTAyNUE0NTA3NjQ5MjgzMzU1
QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOOw9rlsqIBcR3PGXG
l5dtFSWHsCUM70nBxeZ+uybz58m1IimURaJj0pwmGcN5+T/ZdMNlM/eCJ9qW32jd
yv8eLwYWNHHBejLndAGlAE2do8ghdHx7zeSlt7j+15vAHZZD/dcdF7ZJp01auMOP
o33IopBmoRQ4i3QV1Kse/uIJFE111edfnhDbvr/61JmuXHTfVvqT7ykVt8Y1Lp7P
mCU53KPai2dqAVbm8Mg7ZWtL9acg41QlXcyv6G/ckFmdXrl4Y8UZ7zu5PmUcD6eS
03H8mqryes+yNuQtdLdFDIW4Fti0hueHcaS1Ni8jihQQmWNRK1Whq218E5q7A0YB
KR73AgMBAAGjggLsMIIC6DAdBgNVHQ4EFgQUZb/C4au4pROFT+AlpFB2SSgzVbcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIw
Ni8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yMDYvWmJfQzRhdTRwUk9GVC1BbHBGQjJTU2d6VmJjLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA6
BggrBgEFBQcBCAEB/wQrMCmgJzAlAgJGLQICXkgwCAICXlcCAl5YAgJfVjAIAgJf
WAICX1kCAwDl6jB8BggrBgEFBQcBBwEB/wRtMGswSgQCAAEwRAMEAAECBAMEAAEC
CAMEBypTgAMEAiv+BAMEAmf5vAMEBX3QIAMEAstjEDAMAwQDy3cYAwQCy3cgAwQA
0gIEAwQF2vFgMB0EAgACMBcDBQAgAQ3HAwcAIAEN2AABAwUAJAYnADANBgkqhkiG
9w0BAQsFAAOCAQEAdkxTaDPTcW6ifKjBovb+3fq6qyOPm56SlkOd9bjPLAZ2xN6q
BQ+YQnQld4MTM8L17HOc3wxa9owF06kXwzUF3/YOTLpetZBGVrZBvnSuBSKlw9jk
KAnMwxTb/hMcoz12m9YcJGXv9F/A267k0xSU2M4EYLtG7DKZyxnoYVpDSCQp1jL5
7tAtm9T1BvekKx9aw0lp6LeCib0z5msdqTei8zjKZt6mmWrR+/D3aZtfd+8Wdj0i
EpVpZQ/aVhK/3MHzFFpJ7Fr3QqyCjBVRdiybA51+8KrSRtcmWtowkO8+XkeovD/a
k/6tcshTBnz9nk0yPXO6wOgZh7aC0LlICpYRZA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:16:33 2025 by rpki-client