$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/aeIZ61u2_sIhJJFAsoBEtf5Fxxw.cer File: aeIZ61u2_sIhJJFAsoBEtf5Fxxw.cer (raw, json) Hash identifier: PVr4paUiMHWh+Q9EDlqjFxYqjEzNxhQw+DKesHvZTMk= Subject key identifier: 69:E2:19:EB:5B:B6:FE:C2:21:24:91:40:B2:80:44:B5:FE:45:C7:1C Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BCC3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/616/aeIZ61u2_sIhJJFAsoBEtf5Fxxw.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/616/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:57:32 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.249.244.0/22 IP: 163.53.60.0/22 IP: 218.245.48.0/20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48323 (0xbcc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:57:32 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=69E219EB5BB6FEC221249140B28044B5FE45C71C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:15:ab:37:1b:33:ac:d9:b6:0f:e9:41:e2:9e: 34:75:fa:1f:5d:b8:5f:0b:3a:23:85:f4:73:e5:95: de:c5:1a:55:84:e9:2f:58:71:66:91:08:6a:9e:f2: 21:e3:2a:c2:89:8c:09:5e:f6:41:6a:e5:ac:5f:fa: 61:b9:fa:72:0d:d8:0c:88:1f:65:2e:50:03:38:20: fd:5e:ab:bf:a4:99:d7:30:1f:7c:86:30:25:a0:cc: 13:25:2d:82:a7:a3:2b:91:9e:49:94:28:41:61:1f: 98:b4:1f:b6:a0:ea:0e:12:6f:75:4e:4f:f9:3b:03: fb:6b:8b:07:0d:23:56:91:bd:3f:ac:46:71:59:df: 34:bd:60:e5:1c:a8:26:42:77:94:be:b1:57:87:49: bf:32:44:03:0d:27:91:89:4d:ae:4c:63:81:ab:bf: a4:77:a1:38:aa:24:9f:13:6f:2e:93:bd:7f:2b:7f: 8f:56:55:d0:fb:7c:82:f8:59:fd:bd:72:89:15:26: 96:a4:5b:a1:20:d2:a6:9e:c3:9c:59:c8:36:52:a2: 02:38:db:97:6a:68:43:d3:b0:b3:3b:0e:c2:e7:a0: 15:09:26:89:49:bc:7c:f5:6e:1a:92:30:af:38:d2: 22:33:f4:a3:4a:0b:86:ed:79:5d:af:36:bb:aa:a8: b1:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:E2:19:EB:5B:B6:FE:C2:21:24:91:40:B2:80:44:B5:FE:45:C7:1C X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/616/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/616/aeIZ61u2_sIhJJFAsoBEtf5Fxxw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.249.244.0/22 163.53.60.0/22 218.245.48.0/20 Signature Algorithm: sha256WithRSAEncryption 87:a6:47:6a:f7:e7:7b:5f:5c:ec:74:f8:d3:c9:52:bf:55:fa: b7:b4:54:c6:ae:ea:4f:0c:bd:79:2b:30:38:dd:f2:81:47:1a: ac:8d:2c:d1:b5:a6:f2:ed:12:10:4b:3c:b6:b5:13:2a:19:00: 12:0b:e5:4c:ec:4b:e2:48:3c:22:70:1e:09:d9:98:65:1e:ae: 05:c4:67:31:51:4e:61:07:2b:c6:bd:21:81:de:a7:dc:bf:a6: d2:19:d3:c1:e0:48:f9:bc:c3:f6:7e:bf:9d:16:5d:be:1e:0d: c4:d9:4e:d5:67:de:26:8b:76:24:92:37:fc:fb:e7:9e:1f:f2: 54:20:62:26:8b:58:f5:2b:49:27:35:e1:13:28:47:73:60:da: d4:10:ed:ba:93:b7:38:19:57:ce:3c:5a:13:6b:8c:9d:68:e6: da:d2:17:d2:f0:fc:68:89:1d:98:3e:38:e8:12:39:e2:1e:02: 30:8a:14:60:cf:63:6c:95:56:56:28:1a:0b:96:95:c2:57:8b: 48:bd:59:68:b1:8d:c5:0e:67:a4:26:4e:76:0c:b2:43:eb:63: df:31:bc:7e:64:5a:f0:0c:58:d0:04:ae:0b:ab:62:59:5f:66: 39:00:91:df:ad:f0:63:9b:ef:a5:e1:cc:d5:87:9c:a0:84:fb: f7:b6:3d:ef -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgIDALzDMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU3MzJaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDY5RTIxOUVCNUJCNkZFQzIyMTI0OTE0MEIyODA0NEI1RkU0NUM3 MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Fas3GzOs2bYP6UHi njR1+h9duF8LOiOF9HPlld7FGlWE6S9YcWaRCGqe8iHjKsKJjAle9kFq5axf+mG5 +nIN2AyIH2UuUAM4IP1eq7+kmdcwH3yGMCWgzBMlLYKnoyuRnkmUKEFhH5i0H7ag 6g4Sb3VOT/k7A/triwcNI1aRvT+sRnFZ3zS9YOUcqCZCd5S+sVeHSb8yRAMNJ5GJ Ta5MY4Grv6R3oTiqJJ8Tby6TvX8rf49WVdD7fIL4Wf29cokVJpakW6Eg0qaew5xZ yDZSogI425dqaEPTsLM7DsLnoBUJJolJvHz1bhqSMK840iIz9KNKC4bteV2vNruq qLFVAgMBAAGjggJfMIICWzAdBgNVHQ4EFgQUaeIZ61u2/sIhJJFAsoBEtf5Fxxww HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYx Ni8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC82MTYvYWVJWjYxdTJfc0loSkpGQXNvQkV0ZjVGeHh3Lm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAr BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAmf59AMEAqM1PAMEBNr1MDANBgkq hkiG9w0BAQsFAAOCAQEAh6ZHavfne19c7HT408lSv1X6t7RUxq7qTwy9eSswON3y gUcarI0s0bWm8u0SEEs8trUTKhkAEgvlTOxL4kg8InAeCdmYZR6uBcRnMVFOYQcr xr0hgd6n3L+m0hnTweBI+bzD9n6/nRZdvh4NxNlO1WfeJot2JJI3/Pvnnh/yVCBi JotY9StJJzXhEyhHc2Da1BDtupO3OBlXzjxaE2uMnWjm2tIX0vD8aIkdmD446BI5 4h4CMIoUYM9jbJVWVigaC5aVwleLSL1ZaLGNxQ5npCZOdgyyQ+tj3zG8fmRa8AxY 0ASuC6tiWV9mOQCR363wY5vvpeHM1YecoIT797Y97w== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:27 2024 by rpki-client on console-fra.rpki-client.org