$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer File: cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer (raw, json) Hash identifier: VEigzEw8mePMHIEFYAzV/LJKbQUqa5+4hWIMmZHaDaY= Subject key identifier: 70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BCA3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:56:56 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 110.173.96.0/19 IP: 202.173.224.0/19 IP: 211.148.128.0/19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48291 (0xbca3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:56:56 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=706580629A7148E4B22189E7B91F146791116370 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e7:ae:5e:61:75:c0:a9:17:47:ae:80:d9:6b: b0:a8:84:4f:87:21:d0:c6:27:d1:c5:94:f3:88:5b: 88:8a:95:d0:f3:16:f4:28:33:64:1f:d2:31:de:a9: 94:7f:43:b7:ea:a4:a9:9c:fa:ee:e2:f6:da:28:6d: 9e:dd:b4:01:a1:20:d9:11:29:e7:03:30:8a:3a:9d: c5:ab:45:c3:dd:84:5e:01:2f:e0:ec:f8:98:e0:50: cd:e5:05:e9:d2:95:03:a9:9e:cb:d3:32:38:f4:02: f9:8d:5e:83:1e:5d:9c:b4:69:1f:1f:aa:d5:ee:54: f8:4f:da:ae:dc:c8:8e:22:05:f0:a7:59:48:4a:1d: 0a:0c:32:cf:46:23:cd:94:0f:9a:ff:db:80:27:bd: e4:2c:10:75:a6:66:7c:ca:20:c4:f5:31:26:a6:37: 29:9d:bd:5e:44:c0:72:c7:9f:21:51:6a:c8:c4:71: be:c8:7a:54:1d:09:87:c4:a4:6e:65:ea:b4:22:6e: 4c:dd:4c:fe:41:ea:99:af:43:d3:82:3d:0d:1c:4f: 51:ee:c5:c1:bb:43:17:83:87:37:15:fe:36:72:ad: 2e:5e:a7:c8:34:b8:c6:03:a5:64:de:7e:4d:d7:93: 02:b7:4a:00:6a:96:45:26:21:9e:53:41:2c:84:5a: 39:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.173.96.0/19 202.173.224.0/19 211.148.128.0/19 Signature Algorithm: sha256WithRSAEncryption 7a:d0:dd:b4:39:1a:81:27:a5:70:f7:d6:f4:e4:8c:02:ab:81: 97:a9:96:81:c6:05:e2:08:0c:4f:8b:36:da:e5:c2:90:93:d4: 67:14:69:da:19:28:36:22:61:61:7a:5b:fc:91:8c:1e:3d:0f: 38:80:2f:0a:ec:0a:94:b5:02:bf:d3:a4:ec:0a:bd:b7:0a:50: 02:6d:4b:07:df:fb:fd:24:78:2c:b3:17:98:40:07:10:e8:c6: 62:6f:8f:2f:23:59:39:11:2b:83:fd:b7:8f:8e:0a:9e:d7:3a: a6:5a:8e:c0:b0:8e:45:e6:b4:3a:69:2f:92:d9:8f:82:b8:be: f6:53:e8:22:68:b6:e0:13:1a:2f:5c:ea:78:bc:0f:9b:54:ce: fb:cf:31:e3:29:48:60:17:3d:89:14:d4:64:94:86:40:f2:d8: 4d:f9:bc:e2:00:d3:1d:fe:17:07:f5:ba:38:50:2c:a1:e1:0d: 20:77:15:0c:c7:b6:b5:b7:2d:00:ac:bc:b2:e0:a9:5c:3e:09: 16:f0:ea:33:0d:8c:5f:49:07:95:ff:34:d6:ec:10:a9:a4:d8: 41:76:9b:8a:c3:de:f6:ae:d0:be:2c:15:7d:fe:d5:d6:43:46: 8e:43:c0:57:9f:20:42:da:74:d7:2d:64:56:aa:d5:97:05:d5: f4:73:98:5e -----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgIDALyjMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU2NTZaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDcwNjU4MDYyOUE3MTQ4RTRCMjIxODlFN0I5MUYxNDY3OTExMTYz NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq565eYXXAqRdHroDZ a7CohE+HIdDGJ9HFlPOIW4iKldDzFvQoM2Qf0jHeqZR/Q7fqpKmc+u7i9toobZ7d tAGhINkRKecDMIo6ncWrRcPdhF4BL+Ds+JjgUM3lBenSlQOpnsvTMjj0AvmNXoMe XZy0aR8fqtXuVPhP2q7cyI4iBfCnWUhKHQoMMs9GI82UD5r/24AnveQsEHWmZnzK IMT1MSamNymdvV5EwHLHnyFRasjEcb7IelQdCYfEpG5l6rQibkzdTP5B6pmvQ9OC PQ0cT1HuxcG7QxeDhzcV/jZyrS5ep8g0uMYDpWTefk3XkwK3SgBqlkUmIZ5TQSyE WjnzAgMBAAGjggJdMIICWTAdBgNVHQ4EFgQUcGWAYppxSOSyIYnnuR8UZ5ERY3Aw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzcx LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzcxL2NHV0FZcHB4U09TeUlZbm51UjhVWjVFUlkzQS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwKwYI KwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAVurWADBAXKreADBAXTlIAwDQYJKoZI hvcNAQELBQADggEBAHrQ3bQ5GoEnpXD31vTkjAKrgZeploHGBeIIDE+LNtrlwpCT 1GcUadoZKDYiYWF6W/yRjB49DziALwrsCpS1Ar/TpOwKvbcKUAJtSwff+/0keCyz F5hABxDoxmJvjy8jWTkRK4P9t4+OCp7XOqZajsCwjkXmtDppL5LZj4K4vvZT6CJo tuATGi9c6ni8D5tUzvvPMeMpSGAXPYkU1GSUhkDy2E35vOIA0x3+Fwf1ujhQLKHh DSB3FQzHtrW3LQCsvLLgqVw+CRbw6jMNjF9JB5X/NNbsEKmk2EF2m4rD3vau0L4s FX3+1dZDRo5DwFefIELadNctZFaq1ZcF1fRzmF4= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:27 2024 by rpki-client on console-fra.rpki-client.org