Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
File: g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer (raw, json)
Hash identifier: 3y9cAy6HxryxKlYdgakUq65lDLKQ3V93ldJzr5jfvMU=
Subject key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AF79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:24:12 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 56282
AS: 58997 -- 58998
AS: 63569
IP: 14.102.180.0/22
IP: 45.252.120.0/22
IP: 45.252.128.0/22
IP: 45.252.140.0/22
IP: 45.252.148.0/22
IP: 45.252.164.0 -- 45.252.179.255
IP: 45.254.160.0/22
IP: 45.254.168.0/21
IP: 45.255.168.0/22
IP: 45.255.192.0/20
IP: 45.255.212.0/22
IP: 103.17.40.0/22
IP: 103.26.0.0/22
IP: 103.64.240.0 -- 103.65.7.255
IP: 103.65.76.0 -- 103.65.95.255
IP: 103.65.100.0 -- 103.65.115.255
IP: 103.221.144.0 -- 103.221.155.255
IP: 103.221.160.0 -- 103.221.179.255
IP: 103.222.152.0 -- 103.222.163.255
IP: 103.227.76.0 -- 103.227.83.255
IP: 103.231.64.0/21
IP: 103.235.220.0 -- 103.235.255.255
IP: 103.237.0.0/20
IP: 103.243.252.0/22
IP: 103.249.252.0/22
IP: 114.66.64.0/20
IP: 114.67.0.0/18
IP: 150.129.192.0/22
IP: 163.47.4.0/22
IP: 163.53.40.0/22
IP: 163.53.88.0 -- 163.53.139.255
IP: 202.20.126.0/24
IP: 202.27.12.0/24
IP: 202.27.14.0/24
IP: 202.36.226.0/24
IP: 202.44.97.0/24
IP: 202.52.33.0 -- 202.52.34.255
IP: 202.52.47.0/24
IP: 202.52.143.0/24
IP: 202.53.140.0/24
IP: 202.53.143.0/24
IP: 202.59.1.0/24
IP: 202.59.240.0/24
IP: 202.61.123.0/24
IP: 202.61.127.0/24
IP: 202.63.80.0/24
IP: 202.63.253.0/24
IP: 202.74.36.0/24
IP: 202.74.42.0/24
IP: 202.74.52.0/24
IP: 202.84.22.0/24
IP: 202.89.119.0/24
IP: 202.90.37.0/24
IP: 202.90.193.0/24
IP: 202.90.205.0/24
IP: 202.94.74.0/24
IP: 202.94.81.0/24
IP: 202.125.109.0/24
IP: 202.129.208.0/24
IP: 202.130.39.0/24
IP: 202.146.186.0/24
IP: 202.151.33.0/24
IP: 203.185.189.0/24
IP: 203.191.5.0/24
IP: 203.191.133.0/24
IP: 203.201.182.0/24
IP: 211.155.80.0/20
IP: 2406:4d00::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 18 May 2024 19:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44921 (0xaf79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:24:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4a:1a:f1:ae:04:1c:ce:f2:d7:8f:55:ce:dd:
df:ad:a5:b1:cc:27:20:6a:13:70:b2:67:4a:3c:a9:
f4:90:cd:3a:9d:ec:5a:50:b3:e4:53:87:49:32:59:
32:15:7d:76:e8:fa:57:27:e3:12:61:2b:41:84:79:
0b:58:6f:7e:03:a0:a8:9c:22:fc:12:58:a1:0f:ce:
9c:0b:ee:a7:78:64:dc:d8:af:60:a8:cb:f1:af:77:
25:13:2b:95:f3:fb:7e:fd:7e:13:82:20:7b:5b:25:
6f:2f:4b:5e:3e:0f:56:9b:54:35:14:d0:bb:06:2e:
26:6d:53:8a:d2:83:5e:04:42:8c:bd:01:f6:e8:49:
86:30:3d:7a:ec:6c:09:66:fb:6d:69:6c:7c:9c:e4:
94:80:89:5f:82:3c:70:50:99:ab:dd:5d:8f:53:5e:
36:37:0c:d1:bb:57:ee:c9:e4:46:99:0f:08:dd:4e:
c8:02:08:51:3c:4c:58:2e:0a:c3:1f:7b:28:50:8a:
11:5a:a5:40:75:01:96:26:08:ca:46:c9:79:00:bb:
02:d3:7d:e5:c5:22:c5:86:7d:2e:82:38:50:cd:5c:
44:31:e8:eb:e4:32:99:3f:05:29:9c:49:9a:ad:a2:
82:1e:72:72:ef:ed:a0:72:85:75:50:d7:35:19:cc:
b3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56282
58997-58998
63569
sbgp-ipAddrBlock: critical
IPv4:
14.102.180.0/22
45.252.120.0/22
45.252.128.0/22
45.252.140.0/22
45.252.148.0/22
45.252.164.0-45.252.179.255
45.254.160.0/22
45.254.168.0/21
45.255.168.0/22
45.255.192.0/20
45.255.212.0/22
103.17.40.0/22
103.26.0.0/22
103.64.240.0-103.65.7.255
103.65.76.0-103.65.95.255
103.65.100.0-103.65.115.255
103.221.144.0-103.221.155.255
103.221.160.0-103.221.179.255
103.222.152.0-103.222.163.255
103.227.76.0-103.227.83.255
103.231.64.0/21
103.235.220.0-103.235.255.255
103.237.0.0/20
103.243.252.0/22
103.249.252.0/22
114.66.64.0/20
114.67.0.0/18
150.129.192.0/22
163.47.4.0/22
163.53.40.0/22
163.53.88.0-163.53.139.255
202.20.126.0/24
202.27.12.0/24
202.27.14.0/24
202.36.226.0/24
202.44.97.0/24
202.52.33.0-202.52.34.255
202.52.47.0/24
202.52.143.0/24
202.53.140.0/24
202.53.143.0/24
202.59.1.0/24
202.59.240.0/24
202.61.123.0/24
202.61.127.0/24
202.63.80.0/24
202.63.253.0/24
202.74.36.0/24
202.74.42.0/24
202.74.52.0/24
202.84.22.0/24
202.89.119.0/24
202.90.37.0/24
202.90.193.0/24
202.90.205.0/24
202.94.74.0/24
202.94.81.0/24
202.125.109.0/24
202.129.208.0/24
202.130.39.0/24
202.146.186.0/24
202.151.33.0/24
203.185.189.0/24
203.191.5.0/24
203.191.133.0/24
203.201.182.0/24
211.155.80.0/20
IPv6:
2406:4d00::/32
Signature Algorithm: sha256WithRSAEncryption
80:dd:43:9e:92:2f:a1:74:28:2a:c3:ad:8f:99:64:cd:02:8e:
08:19:68:af:9b:01:2e:d9:11:f9:f0:16:4f:2c:73:78:31:c7:
aa:72:01:36:29:b9:3a:32:e1:68:0f:dd:d9:d9:34:b2:c0:f1:
cb:11:3f:ce:ca:a4:2a:b3:1f:78:e6:9e:01:f6:0f:86:aa:88:
ea:1f:08:cd:3a:50:cc:77:cc:50:ef:4c:dd:01:96:98:07:0a:
31:03:45:f8:5e:1f:a2:f2:7e:15:fb:ce:59:de:0f:4b:62:07:
cd:cb:0f:a0:0a:4a:58:06:a8:f4:af:61:59:69:b5:14:18:dd:
33:f6:59:a7:1f:84:77:96:6e:a8:9f:f9:3b:03:5d:f7:52:9f:
a7:aa:79:54:b3:9b:8c:e2:cc:20:bb:c6:8c:5b:99:c9:9d:a1:
4e:63:02:b2:32:5f:28:b5:f7:a8:b1:63:21:fd:ef:fb:08:f0:
8a:a5:14:fa:08:f7:7c:7c:2a:e0:19:15:af:c0:41:25:45:52:
2c:b5:17:ad:68:d7:98:cb:3b:3d:e6:ce:f7:57:6c:38:d5:43:
f0:be:0a:e3:17:f8:f7:e8:2c:bb:5c:fb:89:fb:c7:b0:03:4b:
a4:a4:36:24:3f:1b:e8:5c:e6:df:22:8a:0d:92:6b:fd:2c:4d:
c4:85:56:9e
-----BEGIN CERTIFICATE-----
MIIHeDCCBmCgAwIBAgIDAK95MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTI0MTJaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDgzRTc3RjM3QjNCOTM4NTA4MzVCQUEzMEVFOEZDMTJENTVGODcw
NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHShrxrgQczvLXj1XO
3d+tpbHMJyBqE3CyZ0o8qfSQzTqd7FpQs+RTh0kyWTIVfXbo+lcn4xJhK0GEeQtY
b34DoKicIvwSWKEPzpwL7qd4ZNzYr2Coy/GvdyUTK5Xz+379fhOCIHtbJW8vS14+
D1abVDUU0LsGLiZtU4rSg14EQoy9AfboSYYwPXrsbAlm+21pbHyc5JSAiV+CPHBQ
mavdXY9TXjY3DNG7V+7J5EaZDwjdTsgCCFE8TFguCsMfeyhQihFapUB1AZYmCMpG
yXkAuwLTfeXFIsWGfS6COFDNXEQx6OvkMpk/BSmcSZqtooIecnLv7aByhXVQ1zUZ
zLMFAgMBAAGjggR8MIIEeDAdBgNVHQ4EFgQUg+d/N7O5OFCDW6ow7o/BLVX4cFQw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU2
MS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81NjEvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAr
BggrBgEFBQcBCAEB/wQcMBqgGDAWAgMA29owCgIDAOZ1AgMA5nYCAwD4UTCCAhkG
CCsGAQUFBwEHAQH/BIICCDCCAgQwggHxBAIAATCCAekDBAIOZrQDBAIt/HgDBAIt
/IADBAIt/IwDBAIt/JQwDAMEAi38pAMEAi38sAMEAi3+oAMEAy3+qAMEAi3/qAME
BC3/wAMEAi3/1AMEAmcRKAMEAmcaADAMAwQEZ0DwAwQDZ0EAMAwDBAJnQUwDBAVn
QUAwDAMEAmdBZAMEAmdBcDAMAwQEZ92QAwQCZ92YMAwDBAVn3aADBAJn3bAwDAME
A2femAMEAmfeoDAMAwQCZ+NMAwQCZ+NQAwQDZ+dAMAsDBAJn69wDAwJn6AMEBGft
AAMEAmfz/AMEAmf5/AMEBHJCQAMEBnJDAAMEApaBwAMEAqMvBAMEAqM1KDAMAwQD
ozVYAwQCozWIAwQAyhR+AwQAyhsMAwQAyhsOAwQAyiTiAwQAyixhMAwDBADKNCED
BADKNCIDBADKNC8DBADKNI8DBADKNYwDBADKNY8DBADKOwEDBADKO/ADBADKPXsD
BADKPX8DBADKP1ADBADKP/0DBADKSiQDBADKSioDBADKSjQDBADKVBYDBADKWXcD
BADKWiUDBADKWsEDBADKWs0DBADKXkoDBADKXlEDBADKfW0DBADKgdADBADKgicD
BADKkroDBADKlyEDBADLub0DBADLvwUDBADLv4UDBADLybYDBATTm1AwDQQCAAIw
BwMFACQGTQAwDQYJKoZIhvcNAQELBQADggEBAIDdQ56SL6F0KCrDrY+ZZM0CjggZ
aK+bAS7ZEfnwFk8sc3gxx6pyATYpuToy4WgP3dnZNLLA8csRP87KpCqzH3jmngH2
D4aqiOofCM06UMx3zFDvTN0BlpgHCjEDRfheH6LyfhX7zlneD0tiB83LD6AKSlgG
qPSvYVlptRQY3TP2WacfhHeWbqif+TsDXfdSn6eqeVSzm4zizCC7xoxbmcmdoU5j
ArIyXyi196ixYyH97/sI8IqlFPoI93x8KuAZFa/AQSVFUiy1F61o15jLOz3mzvdX
bDjVQ/C+CuMX+PfoLLtc+4n7x7ADS6SkNiQ/G+hc5t8iig2Sa/0sTcSFVp4=
-----END CERTIFICATE-----
Generated at Sat May 18 16:16:52 2024 by rpki-client on console-ams.rpki-client.org