$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/_70kcyBFw5hrQE607oXp9AdJ-ms.cer File: _70kcyBFw5hrQE607oXp9AdJ-ms.cer (raw, json) Hash identifier: bPG+p5ZDBvyfCu8vkcqRTygoBr2MbnFPY6s53S9TVgc= Subject key identifier: FF:BD:24:73:20:45:C3:98:6B:40:4E:B4:EE:85:E9:F4:07:49:FA:6B Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AEDD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3217/_70kcyBFw5hrQE607oXp9AdJ-ms.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3217/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:21:42 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 103.134.232.0/23 IP: 2400:fb60::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 10:56:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44765 (0xaedd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:21:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=FFBD24732045C3986B404EB4EE85E9F40749FA6B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:72:e8:2d:1e:3d:d2:b1:aa:d1:3a:73:1f:a5: 7f:67:5d:db:6b:4f:fe:33:d2:eb:55:c1:31:6b:c1: e8:88:44:f1:44:47:33:fa:5c:b0:aa:5c:cb:5f:7c: fb:08:d3:ef:45:5b:c5:6a:0c:ed:cf:11:2d:3a:4c: aa:eb:40:cc:fd:bb:53:c1:c0:ef:a8:6b:02:e8:70: e7:9f:6f:c2:d1:e9:c7:b8:22:8f:45:0d:9f:85:c0: af:3d:e6:a1:d9:21:30:d4:26:a8:5f:45:00:f3:af: 87:cb:20:a1:8c:2e:1f:be:82:e4:46:2e:8f:a6:d2: 4a:21:66:9e:8f:84:36:63:2d:fe:25:cc:a0:44:c4: b0:58:bb:02:14:77:33:5b:79:b8:bf:aa:72:b1:5e: e3:7b:f7:e5:c2:1a:6e:ed:cb:e4:9c:e8:75:db:9c: d9:21:5b:57:82:92:bc:75:af:9e:72:40:d6:dc:55: 62:99:da:c6:46:09:49:0f:89:03:1d:a9:0b:17:cd: a7:71:2b:6a:b6:2a:55:8b:24:d5:01:bd:4c:13:79: 8f:ba:ec:bf:d4:6a:d4:f6:e6:af:59:19:c1:40:55: f2:8b:76:64:6b:aa:a3:95:38:5f:59:5b:77:98:94: 45:8a:be:36:42:d7:0b:b4:5f:db:72:eb:8e:54:81: 5f:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:BD:24:73:20:45:C3:98:6B:40:4E:B4:EE:85:E9:F4:07:49:FA:6B X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3217/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3217/_70kcyBFw5hrQE607oXp9AdJ-ms.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.134.232.0/23 IPv6: 2400:fb60::/32 Signature Algorithm: sha256WithRSAEncryption 56:03:d8:73:89:b6:89:fb:f0:1b:78:6e:4a:80:d9:01:93:d6: 12:0c:63:71:32:ff:5d:0a:9b:b1:1b:5f:f5:d5:c1:5d:97:94: cb:13:2f:62:2a:52:a4:0e:4a:d9:bc:2f:6c:ff:79:00:b9:97: 53:ea:ca:45:4b:9e:1b:0b:90:35:1c:42:f2:f6:96:a9:82:ea: 10:82:23:b4:78:9e:80:a1:c5:e5:14:32:e3:ad:0f:f7:a1:82: 96:bd:c1:cf:63:04:c7:6f:14:10:a0:5d:62:cc:5e:c8:ae:d8: 09:ec:2d:da:59:29:88:c1:fa:12:6a:8b:1f:5f:dc:ba:15:a3: fe:1e:b3:6f:ad:3b:8b:79:34:19:f7:92:64:60:1d:8f:97:b0: da:a9:f4:30:4e:66:11:77:0b:f4:ee:4a:6e:0e:cc:c8:1c:cb: d6:f7:84:e2:da:a7:66:ee:48:80:55:f7:74:3f:a8:95:5b:f6: aa:aa:f5:d0:36:50:a8:46:4b:f2:7a:0e:b6:9b:7c:95:96:b9: a6:5e:a7:b6:50:22:59:de:2d:50:ae:c1:a3:9f:a7:11:05:ee: b6:40:f1:93:81:67:a8:d5:50:f4:41:fe:25:33:9c:91:c2:b7: 92:2a:9d:06:da:35:e4:66:b6:39:4d:ae:a7:ba:14:0c:dc:3d: df:b0:55:c8 -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIDAK7dMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIxNDJaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKEZGQkQyNDczMjA0NUMzOTg2QjQwNEVCNEVFODVFOUY0MDc0OUZB NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzcugtHj3SsarROnMf pX9nXdtrT/4z0utVwTFrweiIRPFERzP6XLCqXMtffPsI0+9FW8VqDO3PES06TKrr QMz9u1PBwO+oawLocOefb8LR6ce4Io9FDZ+FwK895qHZITDUJqhfRQDzr4fLIKGM Lh++guRGLo+m0kohZp6PhDZjLf4lzKBExLBYuwIUdzNbebi/qnKxXuN79+XCGm7t y+Sc6HXbnNkhW1eCkrx1r55yQNbcVWKZ2sZGCUkPiQMdqQsXzadxK2q2KlWLJNUB vUwTeY+67L/UatT25q9ZGcFAVfKLdmRrqqOVOF9ZW3eYlEWKvjZC1wu0X9ty645U gV+FAgMBAAGjggJkMIICYDAdBgNVHQ4EFgQU/70kcyBFw5hrQE607oXp9AdJ+msw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MTcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIxNy9fNzBrY3lCRnc1aHJRRTYwN29YcDlBZEotbXMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ4boMA0EAgACMAcDBQAkAPtg MA0GCSqGSIb3DQEBCwUAA4IBAQBWA9hzibaJ+/AbeG5KgNkBk9YSDGNxMv9dCpux G1/11cFdl5TLEy9iKlKkDkrZvC9s/3kAuZdT6spFS54bC5A1HELy9papguoQgiO0 eJ6AocXlFDLjrQ/3oYKWvcHPYwTHbxQQoF1izF7IrtgJ7C3aWSmIwfoSaosfX9y6 FaP+HrNvrTuLeTQZ95JkYB2Pl7DaqfQwTmYRdwv07kpuDszIHMvW94Ti2qdm7kiA Vfd0P6iVW/aqqvXQNlCoRkvyeg62m3yVlrmmXqe2UCJZ3i1QrsGjn6cRBe62QPGT gWeo1VD0Qf4lM5yRwreSKp0G2jXkZrY5Ta6nuhQM3D3fsFXI -----END CERTIFICATE-----Generated at Sun May 19 05:49:00 2024 by rpki-client on console-fra.rpki-client.org