Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Zb_C4au4pROFT-AlpFB2SSgzVbc.cer
File: Zb_C4au4pROFT-AlpFB2SSgzVbc.cer (raw, json)
Hash identifier: 0QAOqOJZ2YdGCCscvQyrmL006WORtMrLtTahCLVyKfs=
Subject key identifier: 65:BF:C2:E1:AB:B8:A5:13:85:4F:E0:25:A4:50:76:49:28:33:55:B7
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BC71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/Zb_C4au4pROFT-AlpFB2SSgzVbc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:56:12 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 17965
AS: 24136
AS: 24151 -- 24152
AS: 24406
AS: 24408 -- 24409
AS: 58858
IP: 1.2.4.0/24
IP: 1.2.8.0/24
IP: 42.83.128.0/17
IP: 43.254.4.0/22
IP: 103.249.188.0/22
IP: 125.208.32.0/19
IP: 203.99.16.0/22
IP: 203.119.24.0 -- 203.119.35.255
IP: 210.2.4.0/24
IP: 218.241.96.0/19
IP: 2001:dc7::/32
IP: 2001:dd8:1::/48
IP: 2406:2700::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48241 (0xbc71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:56:12 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=65BFC2E1ABB8A513854FE025A4507649283355B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:0f:6b:96:ca:88:05:c4:77:3c:65:c6:97:
97:6d:15:25:87:b0:25:0c:ef:49:c1:c5:e6:7e:bb:
26:f3:e7:c9:b5:22:29:94:45:a2:63:d2:9c:26:19:
c3:79:f9:3f:d9:74:c3:65:33:f7:82:27:da:96:df:
68:dd:ca:ff:1e:2f:06:16:34:71:c1:7a:32:e7:74:
01:a5:00:4d:9d:a3:c8:21:74:7c:7b:cd:e4:a5:b7:
b8:fe:d7:9b:c0:1d:96:43:fd:d7:1d:17:b6:49:a7:
4d:5a:b8:c3:8f:a3:7d:c8:a2:90:66:a1:14:38:8b:
74:15:d4:ab:1e:fe:e2:09:14:4d:75:d5:e7:5f:9e:
10:db:be:bf:fa:d4:99:ae:5c:74:df:56:fa:93:ef:
29:15:b7:c6:35:2e:9e:cf:98:25:39:dc:a3:da:8b:
67:6a:01:56:e6:f0:c8:3b:65:6b:4b:f5:a7:20:e3:
54:25:5d:cc:af:e8:6f:dc:90:59:9d:5e:b9:78:63:
c5:19:ef:3b:b9:3e:65:1c:0f:a7:92:d3:71:fc:9a:
aa:f2:7a:cf:b2:36:e4:2d:74:b7:45:0c:85:b8:16:
d8:b4:86:e7:87:71:a4:b5:36:2f:23:8a:14:10:99:
63:51:2b:55:a1:ab:6d:7c:13:9a:bb:03:46:01:29:
1e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BF:C2:E1:AB:B8:A5:13:85:4F:E0:25:A4:50:76:49:28:33:55:B7
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/206/Zb_C4au4pROFT-AlpFB2SSgzVbc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17965
24136
24151-24152
24406
24408-24409
58858
sbgp-ipAddrBlock: critical
IPv4:
1.2.4.0/24
1.2.8.0/24
42.83.128.0/17
43.254.4.0/22
103.249.188.0/22
125.208.32.0/19
203.99.16.0/22
203.119.24.0-203.119.35.255
210.2.4.0/24
218.241.96.0/19
IPv6:
2001:dc7::/32
2001:dd8:1::/48
2406:2700::/32
Signature Algorithm: sha256WithRSAEncryption
26:c2:64:5c:e2:d1:05:47:84:ae:34:6a:66:9a:d9:42:42:44:
88:26:3d:43:9b:be:f9:9c:f2:94:5b:c1:5c:4b:0a:84:91:b1:
46:f1:02:14:9d:68:b2:3b:5d:dd:2e:06:84:aa:52:95:08:f9:
8a:37:45:7a:34:1f:8f:81:84:12:c3:f7:3e:ed:55:01:f1:8c:
5a:54:d2:c5:1f:6b:d4:b4:7f:ac:6a:a9:2f:fd:2f:5e:c5:39:
28:e1:ad:a3:23:26:a8:e6:2f:64:62:a2:83:b8:3a:1f:9f:8c:
47:f8:c7:41:42:31:9f:98:5a:32:1f:0e:35:01:82:72:79:c7:
35:67:3f:f8:38:71:db:39:c2:a7:2d:6e:00:5a:66:26:b0:41:
02:f1:64:2a:5b:8e:46:fb:3e:85:b9:61:2e:a1:68:33:a7:39:
14:a1:ea:70:2a:e5:46:67:ab:6c:59:b9:36:53:b1:88:25:83:
47:28:81:b5:3e:79:03:8d:07:83:c3:2c:56:e7:e2:06:dc:48:
79:e2:43:4e:08:32:d8:07:83:b6:39:25:d5:2a:75:44:15:9c:
bd:f4:96:b6:71:a4:86:50:16:9c:14:5a:a8:96:e0:43:90:cb:
c9:85:bb:5b:be:6e:7c:45:bb:39:9d:47:be:80:01:6c:8d:3a:
a2:bc:e3:17
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIDALxxMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU2MTJaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDY1QkZDMkUxQUJCOEE1MTM4NTRGRTAyNUE0NTA3NjQ5MjgzMzU1
QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOOw9rlsqIBcR3PGXG
l5dtFSWHsCUM70nBxeZ+uybz58m1IimURaJj0pwmGcN5+T/ZdMNlM/eCJ9qW32jd
yv8eLwYWNHHBejLndAGlAE2do8ghdHx7zeSlt7j+15vAHZZD/dcdF7ZJp01auMOP
o33IopBmoRQ4i3QV1Kse/uIJFE111edfnhDbvr/61JmuXHTfVvqT7ykVt8Y1Lp7P
mCU53KPai2dqAVbm8Mg7ZWtL9acg41QlXcyv6G/ckFmdXrl4Y8UZ7zu5PmUcD6eS
03H8mqryes+yNuQtdLdFDIW4Fti0hueHcaS1Ni8jihQQmWNRK1Whq218E5q7A0YB
KR73AgMBAAGjggLsMIIC6DAdBgNVHQ4EFgQUZb/C4au4pROFT+AlpFB2SSgzVbcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIw
Ni8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yMDYvWmJfQzRhdTRwUk9GVC1BbHBGQjJTU2d6VmJjLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA6
BggrBgEFBQcBCAEB/wQrMCmgJzAlAgJGLQICXkgwCAICXlcCAl5YAgJfVjAIAgJf
WAICX1kCAwDl6jB8BggrBgEFBQcBBwEB/wRtMGswSgQCAAEwRAMEAAECBAMEAAEC
CAMEBypTgAMEAiv+BAMEAmf5vAMEBX3QIAMEAstjEDAMAwQDy3cYAwQCy3cgAwQA
0gIEAwQF2vFgMB0EAgACMBcDBQAgAQ3HAwcAIAEN2AABAwUAJAYnADANBgkqhkiG
9w0BAQsFAAOCAQEAJsJkXOLRBUeErjRqZprZQkJEiCY9Q5u++ZzylFvBXEsKhJGx
RvECFJ1osjtd3S4GhKpSlQj5ijdFejQfj4GEEsP3Pu1VAfGMWlTSxR9r1LR/rGqp
L/0vXsU5KOGtoyMmqOYvZGKig7g6H5+MR/jHQUIxn5haMh8ONQGCcnnHNWc/+Dhx
2znCpy1uAFpmJrBBAvFkKluORvs+hblhLqFoM6c5FKHqcCrlRmerbFm5NlOxiCWD
RyiBtT55A40Hg8MsVufiBtxIeeJDTggy2AeDtjkl1Sp1RBWcvfSWtnGkhlAWnBRa
qJbgQ5DLyYW7W75ufEW7OZ1HvoABbI06orzjFw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:27 2024 by rpki-client on console-fra.rpki-client.org