$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/_oQChpLxLQXu2qBVm09ecNjMNDA.cer File: _oQChpLxLQXu2qBVm09ecNjMNDA.cer (raw, json) Hash identifier: 5Q9NspGAgpdDvy6qvOMFZLQRrDt+AuFJ/zubVn12w7w= Subject key identifier: FE:84:02:86:92:F1:2D:05:EE:DA:A0:55:9B:4F:5E:70:D8:CC:34:30 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 38FA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/_oQChpLxLQXu2qBVm09ecNjMNDA.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 15 Nov 2024 10:06:02 +0000 Certificate not after: Sat 18 Oct 2025 02:16:55 +0000 Subordinate resources: IP: 160.250.14.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14586 (0x38fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Nov 15 10:06:02 2024 GMT Not After : Oct 18 02:16:55 2025 GMT Subject: CN=FE84028692F12D05EEDAA0559B4F5E70D8CC3430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:6e:32:cd:d4:45:ab:7a:f8:3e:67:12:84:77: f8:19:c1:e7:3b:a9:5f:95:7c:91:fd:d2:2b:a0:86: 4b:39:bd:22:b1:57:ff:c3:c5:41:f1:db:98:96:39: 23:dc:3f:5b:0b:8d:dd:79:ea:a9:d1:75:4f:0d:da: 6f:92:28:10:06:5e:cf:14:94:0c:79:8e:e5:e6:98: 7c:b0:49:61:e3:26:67:28:17:39:77:e9:14:c6:c8: e9:ce:93:47:a7:95:c9:ee:29:a8:a6:b8:0d:cc:be: 07:93:d7:51:db:fc:1f:af:96:2d:02:05:23:af:d9: 7f:04:11:5e:b5:8b:ef:6f:8d:74:04:bf:ab:be:7e: 91:70:f9:fc:06:5e:fb:6c:f3:54:e0:57:28:1f:3a: 26:90:e6:2c:4c:6d:2c:38:80:e5:fa:46:ad:42:2f: 63:87:12:59:18:02:1e:48:bd:0e:9b:7b:75:58:88: 7e:84:d2:b6:52:09:12:52:dc:c0:eb:d0:81:32:af: e7:75:12:49:01:d4:95:7c:07:a0:a6:72:7e:bd:90: bb:ec:38:d8:64:c5:da:9b:95:e4:19:6e:bd:2d:d8: 84:fb:25:5d:37:21:61:38:67:83:52:da:47:5b:63: a3:27:e4:78:15:17:8b:dc:15:70:d4:2f:14:79:75: 9c:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:84:02:86:92:F1:2D:05:EE:DA:A0:55:9B:4F:5E:70:D8:CC:34:30 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/_oQChpLxLQXu2qBVm09ecNjMNDA.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.250.14.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:73:9f:bc:9e:c6:6c:c2:99:7c:3e:f0:55:c8:3a:03:db:23: c0:47:f4:c0:2d:47:a3:ac:09:68:21:ba:0c:12:80:13:78:16: 83:c3:f3:57:8b:56:86:0c:33:c2:7b:f1:e9:96:9e:c1:36:c5: fa:e0:b9:bd:b2:02:39:9f:f8:c4:d8:59:d8:cd:c0:c6:47:a0: 0c:5a:9c:38:61:49:28:c4:e8:98:90:ad:92:45:a6:c4:a3:93: 02:fc:fb:ef:63:3f:3c:54:33:48:25:d1:ec:2c:b4:7d:e1:8b: 9d:7e:89:87:32:9b:f7:08:ed:e4:4c:db:54:34:6d:03:21:8a: dd:c9:4b:fa:d2:53:78:3c:cf:27:ce:d0:8f:61:a2:de:76:95: ca:df:3c:19:5a:9d:ba:62:d1:92:2f:b2:9a:f1:d2:25:a0:37: 75:58:7a:56:28:d5:6d:f3:03:0a:14:46:6c:d5:81:99:96:5e: ac:02:1d:ce:41:bd:75:2e:2b:dd:3e:7a:0c:46:1c:32:63:80: d5:20:b7:f8:b4:0c:7f:81:6b:61:df:38:aa:44:d9:f3:20:2a: 54:fb:51:38:83:8f:22:c8:1e:c3:24:91:e4:4d:a6:c1:7f:d4: 12:a9:af:e3:5d:a7:40:31:67:49:ce:d1:de:b8:a8:16:22:de: bc:b6:ee:e5 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICOPowDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MTExNTEwMDYwMloXDTI1MTAxODAyMTY1NVowMzEx MC8GA1UEAxMoRkU4NDAyODY5MkYxMkQwNUVFREFBMDU1OUI0RjVFNzBEOENDMzQz MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPluMs3URat6+D5nEoR3 +BnB5zupX5V8kf3SK6CGSzm9IrFX/8PFQfHbmJY5I9w/WwuN3XnqqdF1Tw3ab5Io EAZezxSUDHmO5eaYfLBJYeMmZygXOXfpFMbI6c6TR6eVye4pqKa4Dcy+B5PXUdv8 H6+WLQIFI6/ZfwQRXrWL72+NdAS/q75+kXD5/AZe+2zzVOBXKB86JpDmLExtLDiA 5fpGrUIvY4cSWRgCHki9Dpt7dViIfoTStlIJElLcwOvQgTKv53USSQHUlXwHoKZy fr2Qu+w42GTF2puV5BluvS3YhPslXTchYThng1LaR1tjoyfkeBUXi9wVcNQvFHl1 nK8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBT+hAKGkvEtBe7aoFWbT15w2Mw0MDAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy NC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzI0L19vUUNocEx4TFFYdTJxQlZtMDllY05qTU5EQS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg+g4wDQYJKoZIhvcNAQELBQAD ggEBAFpzn7yexmzCmXw+8FXIOgPbI8BH9MAtR6OsCWghugwSgBN4FoPD81eLVoYM M8J78emWnsE2xfrgub2yAjmf+MTYWdjNwMZHoAxanDhhSSjE6JiQrZJFpsSjkwL8 ++9jPzxUM0gl0ewstH3hi51+iYcym/cI7eRM21Q0bQMhit3JS/rSU3g8zyfO0I9h ot52lcrfPBlanbpi0ZIvsprx0iWgN3VYelYo1W3zAwoURmzVgZmWXqwCHc5BvXUu K90+egxGHDJjgNUgt/i0DH+Ba2HfOKpE2fMgKlT7UTiDjyLIHsMkkeRNpsF/1BKp r+Ndp0AxZ0nO0d64qBYi3ry27uU= -----END CERTIFICATE-----Generated at Sat Nov 23 01:15:53 2024 by rpki-client on console-fra.rpki-client.org