$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/_i1c0c9OKHJuJ3MPCnRmYEf68K4.cer File: _i1c0c9OKHJuJ3MPCnRmYEf68K4.cer (raw, json) Hash identifier: t/qsTDDY5dJdOCDk7SIRwJ3zu8Y2PpJ3rjTHFJ1W2Mw= Subject key identifier: FE:2D:5C:D1:CF:4E:28:72:6E:27:73:0F:0A:74:66:60:47:FA:F0:AE Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BBA3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/_i1c0c9OKHJuJ3MPCnRmYEf68K4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:52:09 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 2400:6da0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48035 (0xbba3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:52:09 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=FE2D5CD1CF4E28726E27730F0A74666047FAF0AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:bc:38:b9:d0:94:29:89:95:83:4b:59:06:b9: 72:86:0e:d4:db:ed:cd:b7:09:1b:9c:41:1f:26:bb: 4d:01:c5:85:cd:56:c1:6d:b6:55:d7:bf:30:4e:25: 24:e8:79:64:4c:0d:33:14:e3:c7:68:1e:e4:d3:cc: d3:0e:7b:92:55:0b:d4:73:8c:5e:1b:de:d8:e1:6e: dd:28:49:7f:da:27:8a:60:07:9e:c8:f9:0d:bf:1e: bb:74:74:7b:d6:b3:0f:d3:2f:6f:52:71:ba:c9:f5: a2:13:cd:d2:99:b4:e9:cb:a1:25:da:b0:b4:7a:54: 12:99:51:1d:c1:20:76:8c:56:75:d7:35:1e:e2:a4: bb:19:ab:4d:cb:da:cc:e4:3d:cd:8e:ef:17:fa:03: 77:b9:56:d3:d7:78:85:04:12:3c:b8:45:ea:b3:0e: 75:c6:27:af:2c:33:4b:c6:77:bf:32:cb:d9:7f:0a: 05:d0:e2:2a:50:e0:d3:0a:ff:96:11:dc:3e:92:e4: bf:13:7d:e9:2b:2d:3b:83:c2:29:34:6d:52:5e:a5: 56:27:87:f8:20:bf:f6:5e:1d:55:c7:f5:d1:63:0d: 4a:d5:ad:16:c0:71:f3:e2:97:bc:f0:ce:bf:e1:a3: 18:4d:d3:f1:e1:7c:05:57:47:00:9d:c1:1c:44:95: 00:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:2D:5C:D1:CF:4E:28:72:6E:27:73:0F:0A:74:66:60:47:FA:F0:AE X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/_i1c0c9OKHJuJ3MPCnRmYEf68K4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:6da0::/32 Signature Algorithm: sha256WithRSAEncryption b6:0e:2a:6e:f6:fe:0d:99:d5:ed:89:9f:a5:dd:42:47:3f:3c: 0e:aa:24:2c:d5:29:f0:26:95:14:51:5c:79:9a:8a:12:b2:4b: 45:f8:d8:e5:c2:c2:20:68:0a:49:9d:62:11:78:a4:05:7e:11: f9:07:a4:1d:22:94:3f:fc:71:4d:7d:4f:3e:ec:c1:bd:1c:28: a9:6d:5d:65:82:83:38:e9:32:ca:0d:3c:96:6a:9d:8f:67:40: e7:11:c0:96:15:1f:a9:28:2c:5f:09:f8:8c:b8:26:4c:45:96: b2:eb:ab:2f:22:a1:1a:16:46:50:b2:e5:b8:d4:b1:d1:4b:ef: f8:92:60:4d:4e:71:ab:41:c2:9c:68:4e:c2:2b:17:78:58:a7: 79:38:0d:ba:04:2d:9e:20:4b:07:cc:d0:2f:60:f3:c7:98:5f: c7:f6:74:30:cb:5c:b7:73:60:a5:00:52:36:99:43:57:46:a0: 0f:32:96:33:3a:a8:69:b8:b1:41:63:b7:28:42:64:c7:a1:fd: d8:8f:e6:b1:3a:65:4a:50:a5:7d:5a:3d:1d:a4:70:db:e1:8a: 5e:d1:8d:ee:60:b3:c9:a1:54:d2:83:fa:4a:af:8f:87:5d:ca: 71:a4:56:aa:98:f4:d5:9e:f9:b4:5b:f4:98:60:3a:d1:65:35: b6:54:d7:85 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDALujMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUyMDlaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKEZFMkQ1Q0QxQ0Y0RTI4NzI2RTI3NzMwRjBBNzQ2NjYwNDdGQUYw QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4vDi50JQpiZWDS1kG uXKGDtTb7c23CRucQR8mu00BxYXNVsFttlXXvzBOJSToeWRMDTMU48doHuTTzNMO e5JVC9RzjF4b3tjhbt0oSX/aJ4pgB57I+Q2/Hrt0dHvWsw/TL29ScbrJ9aITzdKZ tOnLoSXasLR6VBKZUR3BIHaMVnXXNR7ipLsZq03L2szkPc2O7xf6A3e5VtPXeIUE Ejy4ReqzDnXGJ68sM0vGd78yy9l/CgXQ4ipQ4NMK/5YR3D6S5L8TfekrLTuDwik0 bVJepVYnh/ggv/ZeHVXH9dFjDUrVrRbAcfPil7zwzr/hoxhN0/HhfAVXRwCdwRxE lQDvAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQU/i1c0c9OKHJuJ3MPCnRmYEf68K4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMx NDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzE0My9faTFjMGM5T0tISnVKM01QQ25SbVlFZjY4SzQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJABtoDANBgkqhkiG9w0BAQsF AAOCAQEAtg4qbvb+DZnV7Ymfpd1CRz88DqokLNUp8CaVFFFceZqKErJLRfjY5cLC IGgKSZ1iEXikBX4R+QekHSKUP/xxTX1PPuzBvRwoqW1dZYKDOOkyyg08lmqdj2dA 5xHAlhUfqSgsXwn4jLgmTEWWsuurLyKhGhZGULLluNSx0Uvv+JJgTU5xq0HCnGhO wisXeFineTgNugQtniBLB8zQL2Dzx5hfx/Z0MMtct3NgpQBSNplDV0agDzKWMzqo abixQWO3KEJkx6H92I/msTplSlClfVo9HaRw2+GKXtGN7mCzyaFU0oP6Sq+Ph13K caRWqpj01Z75tFv0mGA60WU1tlTXhQ== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:40 2024 by rpki-client on console-ams.rpki-client.org