Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
File: hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer (raw, json)
Hash identifier: Ft3taHqAHZaVYgR8/DjDosvvdJpGiKkEFQcADWBY/so=
Subject key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AE97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:20:52 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 24429
AS: 38369
IP: 103.212.44.0/22
IP: 106.11.0.0/16
IP: 110.75.0.0/17
IP: 110.173.192.0/19
IP: 115.124.16.0/20
IP: 116.251.64.0/18
IP: 139.5.160.0/22
IP: 2406:1880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 18 May 2024 19:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44695 (0xae97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:20:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2b:2f:fd:f6:64:11:bd:c6:18:f5:09:18:f8:
20:f0:4e:2b:af:c1:1e:ba:7a:a1:9a:27:00:a3:61:
c3:3a:08:79:10:a8:5a:29:5f:13:9e:f1:2e:c4:83:
8b:63:06:68:3a:4e:51:7e:49:47:aa:b4:b2:b2:68:
80:2a:66:68:04:19:77:55:0d:ba:7b:1c:57:3a:c7:
39:20:27:51:02:68:75:b8:a9:40:6f:fe:75:d8:2e:
b7:4a:7a:97:91:02:04:f1:d8:18:f1:8b:75:e1:07:
25:92:89:65:99:ae:c6:3e:e2:49:a5:0b:2b:f3:6c:
e9:98:c6:9b:26:41:3f:37:1c:3a:da:04:2d:1d:a4:
85:48:36:d1:69:c8:97:b3:2b:26:8c:04:90:c4:7a:
9d:ad:aa:90:45:3e:9b:36:00:08:da:04:20:5a:5b:
23:bd:f7:15:1d:9c:a4:e5:4b:ff:8e:ca:a6:ac:cb:
e2:d1:37:20:d8:1f:fe:3f:0b:58:30:0a:66:50:01:
5e:51:6b:46:a9:35:f5:a1:0f:43:68:c3:e9:07:88:
ec:3e:83:2f:fe:3e:8f:be:49:24:fd:3a:f6:97:b0:
fe:dd:f5:cd:3f:12:06:c8:2a:cf:af:01:48:4a:4b:
0a:f0:4a:71:e2:c8:fc:c6:eb:7c:58:1f:d2:8a:a8:
2a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24429
38369
sbgp-ipAddrBlock: critical
IPv4:
103.212.44.0/22
106.11.0.0/16
110.75.0.0/17
110.173.192.0/19
115.124.16.0/20
116.251.64.0/18
139.5.160.0/22
IPv6:
2406:1880::/32
Signature Algorithm: sha256WithRSAEncryption
a0:a0:0d:d6:6a:3b:f2:29:f1:b0:2c:02:06:2d:3c:e2:de:d6:
e1:e6:da:aa:35:42:43:69:e7:7f:f6:f2:a9:78:51:e8:bf:eb:
15:34:d0:9f:33:a7:b0:81:c6:87:f0:5a:68:ea:2d:85:75:ed:
1d:cd:2c:10:4e:8a:1e:5b:3f:04:da:47:9e:dd:e6:d4:cd:be:
1a:fd:4d:76:e1:92:92:40:51:57:59:d3:03:95:e4:2e:a6:88:
a2:ca:f9:c3:98:2b:c9:a1:29:f5:2c:24:07:fa:39:80:8e:2a:
7a:74:4e:c1:5b:60:ce:d4:70:a0:5c:26:85:b3:0e:eb:5f:2e:
1e:5c:b3:ee:22:80:78:01:ed:c2:0d:e1:af:bd:47:6c:14:f5:
4c:bf:ee:59:dc:b8:3a:32:3b:00:4e:45:67:e6:b5:37:1c:73:
62:17:61:f0:45:7e:73:83:93:04:5a:6e:00:39:fb:6e:a7:c4:
b8:35:74:01:d2:a2:35:15:e8:99:c4:b5:29:b6:de:68:3b:cb:
a9:b0:7f:b1:48:6d:df:a3:6a:15:98:47:79:af:bf:24:2d:51:
d7:60:0f:a8:cb:ef:32:31:9d:93:5c:b1:fd:c2:c3:27:ab:36:
3d:2e:d2:c8:24:34:df:a6:55:8f:a4:7a:17:1a:3d:eb:3b:30:
cd:56:79:f4
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAK6XMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIwNTJaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDg1NkRBODVGOUE4QTI4NkI2NTI4NzBENEU0NzYzNUZGM0QwRTky
QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKy/99mQRvcYY9QkY
+CDwTiuvwR66eqGaJwCjYcM6CHkQqFopXxOe8S7Eg4tjBmg6TlF+SUeqtLKyaIAq
ZmgEGXdVDbp7HFc6xzkgJ1ECaHW4qUBv/nXYLrdKepeRAgTx2Bjxi3XhByWSiWWZ
rsY+4kmlCyvzbOmYxpsmQT83HDraBC0dpIVINtFpyJezKyaMBJDEep2tqpBFPps2
AAjaBCBaWyO99xUdnKTlS/+Oyqasy+LRNyDYH/4/C1gwCmZQAV5Ra0apNfWhD0No
w+kHiOw+gy/+Po++SST9OvaXsP7d9c0/EgbIKs+vAUhKSwrwSnHiyPzG63xYH9KK
qCqRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhW2oX5qKKGtlKHDU5HY1/z0Okq4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0
MS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zNDEvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAe
BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJfbQIDAJXhMFEGCCsGAQUFBwEHAQH/BEIw
QDAvBAIAATApAwQCZ9QsAwMAagsDBAduSwADBAVurcADBARzfBADBAZ0+0ADBAKL
BaAwDQQCAAIwBwMFACQGGIAwDQYJKoZIhvcNAQELBQADggEBAKCgDdZqO/Ip8bAs
AgYtPOLe1uHm2qo1QkNp53/28ql4Uei/6xU00J8zp7CBxofwWmjqLYV17R3NLBBO
ih5bPwTaR57d5tTNvhr9TXbhkpJAUVdZ0wOV5C6miKLK+cOYK8mhKfUsJAf6OYCO
Knp0TsFbYM7UcKBcJoWzDutfLh5cs+4igHgB7cIN4a+9R2wU9Uy/7lncuDoyOwBO
RWfmtTccc2IXYfBFfnODkwRabgA5+26nxLg1dAHSojUV6JnEtSm23mg7y6mwf7FI
bd+jahWYR3mvvyQtUddgD6jL7zIxnZNcsf3CwyerNj0u0sgkNN+mVY+kehcaPes7
MM1WefQ=
-----END CERTIFICATE-----
Generated at Sat May 18 16:16:52 2024 by rpki-client on console-ams.rpki-client.org