$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer File: kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer (raw, json) Hash identifier: 7t+WRrZc6yZMDWlh7W327LEIbHjl22A+BHW7P3Nbn74= Subject key identifier: 90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 378D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:48:42 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 157.15.94.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14221 (0x378d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Sep 27 02:48:42 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9077E7B0AF580F78FE010699FA0DB8107E186F07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a5:0e:fe:e6:d9:a7:fd:e1:f4:76:3e:9f:c2: cf:ee:4f:55:17:81:54:35:1a:f7:ce:09:bb:e2:12: 0d:11:70:ca:fa:1c:41:b0:ff:dd:51:f7:47:f8:38: eb:aa:dc:93:99:27:2b:57:0b:82:92:2a:d0:36:04: 11:d5:45:ff:e0:11:e5:b2:18:37:76:f5:b7:c9:0b: 5c:c7:88:22:cf:5d:9c:2c:dc:4e:89:3b:07:12:c2: 6e:14:43:03:41:80:d0:37:00:8c:e2:36:9b:1b:9b: a7:2f:71:72:c9:d2:40:ee:44:d5:96:5a:60:98:6b: 2a:01:91:13:ea:9c:dd:66:dc:60:db:03:24:f5:c6: b5:b5:f0:a9:1b:5f:2f:3d:9b:8a:41:c4:59:20:b1: 05:75:42:b4:cf:36:2f:40:ff:15:3c:f3:48:69:9d: 48:30:69:39:6c:46:27:b8:09:3c:c1:2a:f1:4f:7e: fe:f3:84:67:99:e7:79:ff:76:8f:2b:d9:ff:23:c5: 02:d9:5f:cb:51:9e:7f:f1:34:12:14:9a:b6:70:29: 84:74:af:a0:91:db:47:62:dd:23:9a:ea:95:d3:fc: b1:b8:1f:13:f3:9d:59:b6:61:73:07:3c:cb:53:cc: db:cf:a5:31:57:4c:60:09:6b:79:04:f7:4c:80:5f: 19:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.94.0/23 Signature Algorithm: sha256WithRSAEncryption a1:8d:5b:50:f1:94:e2:e2:1c:e8:40:16:93:6e:a3:eb:ae:6a: 12:23:b9:6d:b7:a6:da:36:75:86:d1:c3:ba:c5:3e:7d:09:8a: 18:d9:f1:84:7b:1c:c4:1e:2a:d9:80:89:e2:86:0b:90:31:08: f5:d2:90:d5:e7:b6:da:55:cf:df:a2:a8:d3:81:18:4d:c8:68: 37:a8:67:21:ac:39:45:85:7d:45:b4:01:81:60:be:2c:7e:ce: fa:c6:17:11:88:73:29:d5:f7:49:86:e5:20:fb:65:d4:05:48: cd:08:ee:a1:18:4e:b7:c9:93:82:1c:7f:b8:d0:97:96:06:80: e6:ec:e5:eb:01:27:6e:fc:4d:2e:79:b5:a8:7e:a6:ae:5a:b5: 98:9b:89:fa:1b:4e:86:65:97:8c:ba:34:e3:9a:95:96:8b:01: bb:f3:a6:5d:5f:d4:8d:a5:86:dd:ef:a5:45:ee:61:f4:a6:79: b5:16:b4:d7:1e:fc:8f:be:9d:83:63:50:a0:6a:83:11:6d:02: 7c:9a:fb:0d:f6:6b:c7:6f:8d:02:9b:00:c8:af:60:d3:f6:1f: ef:9b:61:60:63:49:89:6b:6b:63:77:bb:b4:da:7b:b4:57:90: fb:7a:49:20:e3:83:8b:3a:00:c6:ed:4f:e6:b9:8e:f9:ca:b6: 4c:42:43:c3 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICN40wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNDg0MloXDTI1MDkyNzAyNDAxNFowMzEx MC8GA1UEAxMoOTA3N0U3QjBBRjU4MEY3OEZFMDEwNjk5RkEwREI4MTA3RTE4NkYw NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSlDv7m2af94fR2Pp/C z+5PVReBVDUa984Ju+ISDRFwyvocQbD/3VH3R/g466rck5knK1cLgpIq0DYEEdVF /+AR5bIYN3b1t8kLXMeIIs9dnCzcTok7BxLCbhRDA0GA0DcAjOI2mxubpy9xcsnS QO5E1ZZaYJhrKgGRE+qc3WbcYNsDJPXGtbXwqRtfLz2bikHEWSCxBXVCtM82L0D/ FTzzSGmdSDBpOWxGJ7gJPMEq8U9+/vOEZ5nnef92jyvZ/yPFAtlfy1Gef/E0EhSa tnAphHSvoJHbR2LdI5rqldP8sbgfE/OdWbZhcwc8y1PM28+lMVdMYAlreQT3TIBf GcECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQd+ewr1gPeP4BBpn6DbgQfhhvBzAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjYyL2tIZm5zSzlZRDNqLUFRYVotZzI0RUg0WWJ3Yy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdD14wDQYJKoZIhvcNAQELBQAD ggEBAKGNW1DxlOLiHOhAFpNuo+uuahIjuW23pto2dYbRw7rFPn0JihjZ8YR7HMQe KtmAieKGC5AxCPXSkNXnttpVz9+iqNOBGE3IaDeoZyGsOUWFfUW0AYFgvix+zvrG FxGIcynV90mG5SD7ZdQFSM0I7qEYTrfJk4Icf7jQl5YGgObs5esBJ278TS55tah+ pq5atZibifobToZll4y6NOOalZaLAbvzpl1f1I2lht3vpUXuYfSmebUWtNce/I++ nYNjUKBqgxFtAnya+w32a8dvjQKbAMivYNP2H++bYWBjSYlra2N3u7Tae7RXkPt6 SSDjg4s6AMbtT+a5jvnKtkxCQ8M= -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:18 2024 by rpki-client on console-fra.rpki-client.org