$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/erbi9MRXMdA8J66v3WCGEYcbQjw.cer File: erbi9MRXMdA8J66v3WCGEYcbQjw.cer (raw, json) Hash identifier: A+nFlhxcWVjsLm6BZfv2yd2DETBic9smNwN+WblvbZI= Subject key identifier: 7A:B6:E2:F4:C4:57:31:D0:3C:27:AE:AF:DD:60:86:11:87:1B:42:3C Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AF3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/erbi9MRXMdA8J66v3WCGEYcbQjw.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:23:26 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: AS: 59066 IP: 43.224.160.0/22 IP: 103.43.192.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 17 May 2024 11:25:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44863 (0xaf3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:23:26 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7AB6E2F4C45731D03C27AEAFDD608611871B423C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:e8:f4:c7:51:32:d9:0a:08:0d:64:9a:3c:c9: 65:a7:ef:38:f7:84:b6:ca:ad:b3:69:b5:a5:a4:07: a6:10:68:79:ab:58:4f:ec:06:1b:37:eb:0a:fd:d4: cd:58:f0:f9:ab:10:b7:2a:91:37:fb:74:c5:90:c6: 78:c9:e4:2a:3b:06:40:ee:7b:c1:be:50:8d:16:75: 74:db:01:07:26:25:ad:2b:bc:08:aa:86:01:3b:6c: 91:ba:48:e6:e4:de:43:61:40:b7:9b:42:b3:56:ed: ce:3c:72:94:b6:d7:2f:59:a9:18:43:c2:6e:cb:01: 08:c5:a8:e0:f9:ba:11:f1:4a:e6:78:83:fc:60:8e: 9d:8e:b1:78:aa:14:62:dc:6a:85:3f:71:54:6c:e9: 0f:2b:d0:2a:39:7a:04:ad:3f:06:3c:f4:dc:90:89: f9:dc:2e:5d:2f:09:9b:d9:f8:bf:17:96:e3:b1:57: 1c:2f:00:96:9f:a6:04:72:1a:96:38:6c:0f:47:58: 62:d1:c6:00:22:36:14:69:6c:b0:09:04:50:06:f6: c4:f0:53:87:84:9a:cd:21:67:8b:6f:5c:77:f2:1e: d1:6e:7a:e5:85:3a:fd:fa:29:69:2b:80:2e:2f:b9: 2b:6f:3d:ce:ac:66:6b:3b:34:cd:00:87:53:30:fc: 2c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:B6:E2:F4:C4:57:31:D0:3C:27:AE:AF:DD:60:86:11:87:1B:42:3C X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/erbi9MRXMdA8J66v3WCGEYcbQjw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 59066 sbgp-ipAddrBlock: critical IPv4: 43.224.160.0/22 103.43.192.0/22 Signature Algorithm: sha256WithRSAEncryption ae:c3:9d:43:74:71:60:db:ef:9c:12:46:91:85:87:ea:2c:38: 81:ee:f9:0a:a4:ab:d4:47:19:5c:53:bc:ea:1b:9f:ce:c5:e4: 9c:76:a2:98:7c:d5:e2:fa:3a:00:41:05:1c:f2:e5:90:bc:89: 67:27:ab:ff:43:62:ac:69:da:9d:4b:77:f7:92:48:8e:d8:ef: 93:91:7c:4d:69:fa:6d:3e:ea:37:7e:43:eb:c3:c2:04:cb:f2: 34:4e:ab:fa:6d:fd:c4:74:85:49:d5:38:35:3f:79:92:cf:ba: b0:45:c4:5a:95:62:8b:35:78:f0:e4:f8:5a:39:25:de:dc:fb: 05:f6:bc:bb:e0:13:42:0a:b9:70:27:2d:5c:6f:d9:7c:b5:75: 24:e8:e8:27:d7:0a:48:03:c6:ff:aa:23:cd:33:99:ea:8b:aa: 45:da:4c:3b:18:ed:0a:3b:ac:93:89:e2:cb:65:0c:cd:d8:92: e7:b7:75:8f:85:52:3e:54:fd:cf:53:1e:38:07:ef:f6:50:65: f4:4f:39:68:d7:33:f1:f1:07:3d:24:d0:d8:7e:c6:cd:6b:bf: 28:b6:4d:9f:58:51:c0:f1:bf:09:64:c2:1c:39:0f:56:2b:ef: 24:b6:a7:97:f2:28:82:14:12:eb:d3:9d:7f:16:26:a9:d9:97: 81:96:67:11 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIDAK8/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIzMjZaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKDdBQjZFMkY0QzQ1NzMxRDAzQzI3QUVBRkRENjA4NjExODcxQjQy M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ6PTHUTLZCggNZJo8 yWWn7zj3hLbKrbNptaWkB6YQaHmrWE/sBhs36wr91M1Y8PmrELcqkTf7dMWQxnjJ 5Co7BkDue8G+UI0WdXTbAQcmJa0rvAiqhgE7bJG6SObk3kNhQLebQrNW7c48cpS2 1y9ZqRhDwm7LAQjFqOD5uhHxSuZ4g/xgjp2OsXiqFGLcaoU/cVRs6Q8r0Co5egSt PwY89NyQifncLl0vCZvZ+L8XluOxVxwvAJafpgRyGpY4bA9HWGLRxgAiNhRpbLAJ BFAG9sTwU4eEms0hZ4tvXHfyHtFueuWFOv36KWkrgC4vuStvPc6sZms7NM0Ah1Mw /CzDAgMBAAGjggJ3MIICczAdBgNVHQ4EFgQUerbi9MRXMdA8J66v3WCGEYcbQjww HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEw MzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTAzMC9lcmJpOU1SWE1kQThKNjZ2M1dDR0VZY2JRancubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDmujAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAivgoAMEAmcrwDANBgkqhkiG9w0BAQsFAAOCAQEArsOdQ3RxYNvv nBJGkYWH6iw4ge75CqSr1EcZXFO86hufzsXknHaimHzV4vo6AEEFHPLlkLyJZyer /0NirGnanUt395JIjtjvk5F8TWn6bT7qN35D68PCBMvyNE6r+m39xHSFSdU4NT95 ks+6sEXEWpViizV48OT4Wjkl3tz7Bfa8u+ATQgq5cCctXG/ZfLV1JOjoJ9cKSAPG /6ojzTOZ6ouqRdpMOxjtCjusk4niy2UMzdiS57d1j4VSPlT9z1MeOAfv9lBl9E85 aNcz8fEHPSTQ2H7GzWu/KLZNn1hRwPG/CWTCHDkPVivvJLanl/IoghQS69OdfxYm qdmXgZZnEQ== -----END CERTIFICATE-----Generated at Fri May 17 06:19:02 2024 by rpki-client on console-fra.rpki-client.org