Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
File: hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer (raw, json)
Hash identifier: WgT1slKwWRlAuz8RkOrLfGl1jZzp8yBrxzjO0BhLASM=
Subject key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CCA5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:05:25 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 24429
AS: 38369
IP: 103.212.44.0/22
IP: 106.11.0.0/16
IP: 110.75.0.0/17
IP: 110.173.192.0/19
IP: 115.124.16.0/20
IP: 116.251.64.0/18
IP: 139.5.160.0/22
IP: 2406:1880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52389 (0xcca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:05:25 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2b:2f:fd:f6:64:11:bd:c6:18:f5:09:18:f8:
20:f0:4e:2b:af:c1:1e:ba:7a:a1:9a:27:00:a3:61:
c3:3a:08:79:10:a8:5a:29:5f:13:9e:f1:2e:c4:83:
8b:63:06:68:3a:4e:51:7e:49:47:aa:b4:b2:b2:68:
80:2a:66:68:04:19:77:55:0d:ba:7b:1c:57:3a:c7:
39:20:27:51:02:68:75:b8:a9:40:6f:fe:75:d8:2e:
b7:4a:7a:97:91:02:04:f1:d8:18:f1:8b:75:e1:07:
25:92:89:65:99:ae:c6:3e:e2:49:a5:0b:2b:f3:6c:
e9:98:c6:9b:26:41:3f:37:1c:3a:da:04:2d:1d:a4:
85:48:36:d1:69:c8:97:b3:2b:26:8c:04:90:c4:7a:
9d:ad:aa:90:45:3e:9b:36:00:08:da:04:20:5a:5b:
23:bd:f7:15:1d:9c:a4:e5:4b:ff:8e:ca:a6:ac:cb:
e2:d1:37:20:d8:1f:fe:3f:0b:58:30:0a:66:50:01:
5e:51:6b:46:a9:35:f5:a1:0f:43:68:c3:e9:07:88:
ec:3e:83:2f:fe:3e:8f:be:49:24:fd:3a:f6:97:b0:
fe:dd:f5:cd:3f:12:06:c8:2a:cf:af:01:48:4a:4b:
0a:f0:4a:71:e2:c8:fc:c6:eb:7c:58:1f:d2:8a:a8:
2a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24429
38369
sbgp-ipAddrBlock: critical
IPv4:
103.212.44.0/22
106.11.0.0/16
110.75.0.0/17
110.173.192.0/19
115.124.16.0/20
116.251.64.0/18
139.5.160.0/22
IPv6:
2406:1880::/32
Signature Algorithm: sha256WithRSAEncryption
51:44:d4:bd:04:b2:33:6a:d7:18:2b:9e:ae:f3:59:6d:85:67:
84:6a:9d:fa:e8:4b:95:bf:ae:f5:a6:32:40:47:d6:2b:aa:92:
0c:e5:5f:8d:99:0c:ef:cb:80:88:56:ca:13:5a:b6:f2:f8:9d:
16:5d:9c:a7:c1:28:de:c7:1f:1d:42:21:81:66:b8:25:ad:65:
28:ff:7b:60:34:6e:6e:98:73:6f:e5:e6:6b:48:8e:c1:49:c8:
67:3d:41:10:b2:0e:67:f4:c2:28:1a:fe:3c:53:32:7c:14:69:
24:54:ea:a0:7a:52:2c:24:03:3f:b1:21:61:2c:e5:29:12:ea:
21:fa:5e:94:4a:9d:cf:46:1f:0d:26:e0:48:92:dd:89:5a:0e:
b5:6b:8c:1b:7d:c4:ea:08:4d:4b:25:0f:38:ae:59:cd:6a:32:
67:5f:0f:d8:fc:c3:13:30:e5:65:89:73:d8:5a:05:f7:e8:f1:
3c:25:60:a8:e3:02:2b:42:27:82:01:45:6a:90:11:bb:e9:98:
9b:8d:be:0f:b8:5d:71:ea:44:a8:18:62:dc:f5:c3:4f:a2:66:
7b:e5:60:3d:f9:c8:0f:e3:de:20:79:88:22:c7:97:1f:71:24:
da:a0:33:de:ee:59:fc:ce:42:80:ed:e4:3c:de:b4:df:c5:60:
8c:56:77:4a
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAMylMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA1MjVaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDg1NkRBODVGOUE4QTI4NkI2NTI4NzBENEU0NzYzNUZGM0QwRTky
QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKy/99mQRvcYY9QkY
+CDwTiuvwR66eqGaJwCjYcM6CHkQqFopXxOe8S7Eg4tjBmg6TlF+SUeqtLKyaIAq
ZmgEGXdVDbp7HFc6xzkgJ1ECaHW4qUBv/nXYLrdKepeRAgTx2Bjxi3XhByWSiWWZ
rsY+4kmlCyvzbOmYxpsmQT83HDraBC0dpIVINtFpyJezKyaMBJDEep2tqpBFPps2
AAjaBCBaWyO99xUdnKTlS/+Oyqasy+LRNyDYH/4/C1gwCmZQAV5Ra0apNfWhD0No
w+kHiOw+gy/+Po++SST9OvaXsP7d9c0/EgbIKs+vAUhKSwrwSnHiyPzG63xYH9KK
qCqRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhW2oX5qKKGtlKHDU5HY1/z0Okq4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0
MS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zNDEvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAe
BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJfbQIDAJXhMFEGCCsGAQUFBwEHAQH/BEIw
QDAvBAIAATApAwQCZ9QsAwMAagsDBAduSwADBAVurcADBARzfBADBAZ0+0ADBAKL
BaAwDQQCAAIwBwMFACQGGIAwDQYJKoZIhvcNAQELBQADggEBAFFE1L0EsjNq1xgr
nq7zWW2FZ4RqnfroS5W/rvWmMkBH1iuqkgzlX42ZDO/LgIhWyhNatvL4nRZdnKfB
KN7HHx1CIYFmuCWtZSj/e2A0bm6Yc2/l5mtIjsFJyGc9QRCyDmf0wiga/jxTMnwU
aSRU6qB6UiwkAz+xIWEs5SkS6iH6XpRKnc9GHw0m4EiS3YlaDrVrjBt9xOoITUsl
DziuWc1qMmdfD9j8wxMw5WWJc9haBffo8TwlYKjjAitCJ4IBRWqQEbvpmJuNvg+4
XXHqRKgYYtz1w0+iZnvlYD35yA/j3iB5iCLHlx9xJNqgM97uWfzOQoDt5DzetN/F
YIxWd0o=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:18:37 2025 by rpki-client