Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
File: hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer (raw, json)
Hash identifier: EGANiHRXdkIy454eio0NXS2HpbX8Xg6a167Sk7pKekk=
Subject key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BB27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:50:24 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 24429
AS: 38369
IP: 103.212.44.0/22
IP: 106.11.0.0/16
IP: 110.75.0.0/17
IP: 110.173.192.0/19
IP: 115.124.16.0/20
IP: 116.251.64.0/18
IP: 139.5.160.0/22
IP: 2406:1880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47911 (0xbb27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:50:24 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2b:2f:fd:f6:64:11:bd:c6:18:f5:09:18:f8:
20:f0:4e:2b:af:c1:1e:ba:7a:a1:9a:27:00:a3:61:
c3:3a:08:79:10:a8:5a:29:5f:13:9e:f1:2e:c4:83:
8b:63:06:68:3a:4e:51:7e:49:47:aa:b4:b2:b2:68:
80:2a:66:68:04:19:77:55:0d:ba:7b:1c:57:3a:c7:
39:20:27:51:02:68:75:b8:a9:40:6f:fe:75:d8:2e:
b7:4a:7a:97:91:02:04:f1:d8:18:f1:8b:75:e1:07:
25:92:89:65:99:ae:c6:3e:e2:49:a5:0b:2b:f3:6c:
e9:98:c6:9b:26:41:3f:37:1c:3a:da:04:2d:1d:a4:
85:48:36:d1:69:c8:97:b3:2b:26:8c:04:90:c4:7a:
9d:ad:aa:90:45:3e:9b:36:00:08:da:04:20:5a:5b:
23:bd:f7:15:1d:9c:a4:e5:4b:ff:8e:ca:a6:ac:cb:
e2:d1:37:20:d8:1f:fe:3f:0b:58:30:0a:66:50:01:
5e:51:6b:46:a9:35:f5:a1:0f:43:68:c3:e9:07:88:
ec:3e:83:2f:fe:3e:8f:be:49:24:fd:3a:f6:97:b0:
fe:dd:f5:cd:3f:12:06:c8:2a:cf:af:01:48:4a:4b:
0a:f0:4a:71:e2:c8:fc:c6:eb:7c:58:1f:d2:8a:a8:
2a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24429
38369
sbgp-ipAddrBlock: critical
IPv4:
103.212.44.0/22
106.11.0.0/16
110.75.0.0/17
110.173.192.0/19
115.124.16.0/20
116.251.64.0/18
139.5.160.0/22
IPv6:
2406:1880::/32
Signature Algorithm: sha256WithRSAEncryption
7d:e9:27:c8:d9:91:f6:6f:77:a7:94:56:8c:a6:ac:2b:82:57:
5d:e1:da:50:75:c9:c4:06:5f:ce:26:cf:b2:32:9b:37:fd:8e:
72:81:b9:85:6f:2b:bd:92:0c:0e:e8:a0:d4:dd:17:eb:ff:1c:
0e:ca:9a:b9:58:ed:a6:27:63:29:77:a9:d0:88:6d:84:05:92:
86:ed:04:c2:65:88:9f:62:bb:a6:49:c0:47:e2:6a:c8:a6:85:
93:93:75:8e:03:7e:cd:b0:e7:f7:d8:1b:7d:81:64:d6:fe:b2:
12:9f:9b:a2:79:e2:62:48:79:b1:4f:40:64:d8:cd:10:9b:e5:
6d:e9:0e:e2:f0:75:0e:c1:75:c2:bc:e3:0b:26:4f:6d:66:ee:
50:f2:80:35:1b:a0:89:29:ce:5c:30:74:56:db:b2:91:dc:8d:
e8:2f:5a:c3:f0:82:db:a9:95:2f:1d:5e:f9:44:ad:92:7b:bc:
c7:e2:fc:e6:68:8a:ae:8c:08:7c:4c:07:9b:33:6c:56:6d:96:
21:46:98:09:9a:00:d0:57:c2:35:d3:b9:c5:d6:c9:c7:4e:57:
ce:43:87:60:50:65:99:2b:6d:5a:6e:ad:d5:3f:c9:12:36:8a:
d3:78:28:fc:50:be:06:e3:a5:cb:be:ee:9a:46:7e:68:71:7b:
b8:13:56:3c
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDALsnMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUwMjRaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDg1NkRBODVGOUE4QTI4NkI2NTI4NzBENEU0NzYzNUZGM0QwRTky
QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKy/99mQRvcYY9QkY
+CDwTiuvwR66eqGaJwCjYcM6CHkQqFopXxOe8S7Eg4tjBmg6TlF+SUeqtLKyaIAq
ZmgEGXdVDbp7HFc6xzkgJ1ECaHW4qUBv/nXYLrdKepeRAgTx2Bjxi3XhByWSiWWZ
rsY+4kmlCyvzbOmYxpsmQT83HDraBC0dpIVINtFpyJezKyaMBJDEep2tqpBFPps2
AAjaBCBaWyO99xUdnKTlS/+Oyqasy+LRNyDYH/4/C1gwCmZQAV5Ra0apNfWhD0No
w+kHiOw+gy/+Po++SST9OvaXsP7d9c0/EgbIKs+vAUhKSwrwSnHiyPzG63xYH9KK
qCqRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhW2oX5qKKGtlKHDU5HY1/z0Okq4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0
MS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zNDEvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAe
BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJfbQIDAJXhMFEGCCsGAQUFBwEHAQH/BEIw
QDAvBAIAATApAwQCZ9QsAwMAagsDBAduSwADBAVurcADBARzfBADBAZ0+0ADBAKL
BaAwDQQCAAIwBwMFACQGGIAwDQYJKoZIhvcNAQELBQADggEBAH3pJ8jZkfZvd6eU
VoymrCuCV13h2lB1ycQGX84mz7Iymzf9jnKBuYVvK72SDA7ooNTdF+v/HA7KmrlY
7aYnYyl3qdCIbYQFkobtBMJliJ9iu6ZJwEfiasimhZOTdY4Dfs2w5/fYG32BZNb+
shKfm6J54mJIebFPQGTYzRCb5W3pDuLwdQ7BdcK84wsmT21m7lDygDUboIkpzlww
dFbbspHcjegvWsPwgtuplS8dXvlErZJ7vMfi/OZoiq6MCHxMB5szbFZtliFGmAma
ANBXwjXTucXWycdOV85Dh2BQZZkrbVpurdU/yRI2itN4KPxQvgbjpcu+7ppGfmhx
e7gTVjw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:27 2024 by rpki-client on console-fra.rpki-client.org