Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer
File: kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer (raw, json)
Hash identifier: 7t+WRrZc6yZMDWlh7W327LEIbHjl22A+BHW7P3Nbn74=
Subject key identifier: 90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07
Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Certificate serial: 378D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:48:42 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: IP: 157.15.94.0/23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14221 (0x378d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Sep 27 02:48:42 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9077E7B0AF580F78FE010699FA0DB8107E186F07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:0e:fe:e6:d9:a7:fd:e1:f4:76:3e:9f:c2:
cf:ee:4f:55:17:81:54:35:1a:f7:ce:09:bb:e2:12:
0d:11:70:ca:fa:1c:41:b0:ff:dd:51:f7:47:f8:38:
eb:aa:dc:93:99:27:2b:57:0b:82:92:2a:d0:36:04:
11:d5:45:ff:e0:11:e5:b2:18:37:76:f5:b7:c9:0b:
5c:c7:88:22:cf:5d:9c:2c:dc:4e:89:3b:07:12:c2:
6e:14:43:03:41:80:d0:37:00:8c:e2:36:9b:1b:9b:
a7:2f:71:72:c9:d2:40:ee:44:d5:96:5a:60:98:6b:
2a:01:91:13:ea:9c:dd:66:dc:60:db:03:24:f5:c6:
b5:b5:f0:a9:1b:5f:2f:3d:9b:8a:41:c4:59:20:b1:
05:75:42:b4:cf:36:2f:40:ff:15:3c:f3:48:69:9d:
48:30:69:39:6c:46:27:b8:09:3c:c1:2a:f1:4f:7e:
fe:f3:84:67:99:e7:79:ff:76:8f:2b:d9:ff:23:c5:
02:d9:5f:cb:51:9e:7f:f1:34:12:14:9a:b6:70:29:
84:74:af:a0:91:db:47:62:dd:23:9a:ea:95:d3:fc:
b1:b8:1f:13:f3:9d:59:b6:61:73:07:3c:cb:53:cc:
db:cf:a5:31:57:4c:60:09:6b:79:04:f7:4c:80:5f:
19:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07
X509v3 Authority Key Identifier:
keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.94.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:8d:5b:50:f1:94:e2:e2:1c:e8:40:16:93:6e:a3:eb:ae:6a:
12:23:b9:6d:b7:a6:da:36:75:86:d1:c3:ba:c5:3e:7d:09:8a:
18:d9:f1:84:7b:1c:c4:1e:2a:d9:80:89:e2:86:0b:90:31:08:
f5:d2:90:d5:e7:b6:da:55:cf:df:a2:a8:d3:81:18:4d:c8:68:
37:a8:67:21:ac:39:45:85:7d:45:b4:01:81:60:be:2c:7e:ce:
fa:c6:17:11:88:73:29:d5:f7:49:86:e5:20:fb:65:d4:05:48:
cd:08:ee:a1:18:4e:b7:c9:93:82:1c:7f:b8:d0:97:96:06:80:
e6:ec:e5:eb:01:27:6e:fc:4d:2e:79:b5:a8:7e:a6:ae:5a:b5:
98:9b:89:fa:1b:4e:86:65:97:8c:ba:34:e3:9a:95:96:8b:01:
bb:f3:a6:5d:5f:d4:8d:a5:86:dd:ef:a5:45:ee:61:f4:a6:79:
b5:16:b4:d7:1e:fc:8f:be:9d:83:63:50:a0:6a:83:11:6d:02:
7c:9a:fb:0d:f6:6b:c7:6f:8d:02:9b:00:c8:af:60:d3:f6:1f:
ef:9b:61:60:63:49:89:6b:6b:63:77:bb:b4:da:7b:b4:57:90:
fb:7a:49:20:e3:83:8b:3a:00:c6:ed:4f:e6:b9:8e:f9:ca:b6:
4c:42:43:c3
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgICN40wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw
QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNDg0MloXDTI1MDkyNzAyNDAxNFowMzEx
MC8GA1UEAxMoOTA3N0U3QjBBRjU4MEY3OEZFMDEwNjk5RkEwREI4MTA3RTE4NkYw
NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSlDv7m2af94fR2Pp/C
z+5PVReBVDUa984Ju+ISDRFwyvocQbD/3VH3R/g466rck5knK1cLgpIq0DYEEdVF
/+AR5bIYN3b1t8kLXMeIIs9dnCzcTok7BxLCbhRDA0GA0DcAjOI2mxubpy9xcsnS
QO5E1ZZaYJhrKgGRE+qc3WbcYNsDJPXGtbXwqRtfLz2bikHEWSCxBXVCtM82L0D/
FTzzSGmdSDBpOWxGJ7gJPMEq8U9+/vOEZ5nnef92jyvZ/yPFAtlfy1Gef/E0EhSa
tnAphHSvoJHbR2LdI5rqldP8sbgfE/OdWbZhcwc8y1PM28+lMVdMYAlreQT3TIBf
GcECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQd+ewr1gPeP4BBpn6DbgQfhhvBzAf
BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx
RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF
BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2
Mi8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zMjYyL2tIZm5zSzlZRDNqLUFRYVotZzI0RUg0WWJ3Yy5tZnQwMQYI
KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdD14wDQYJKoZIhvcNAQELBQAD
ggEBAKGNW1DxlOLiHOhAFpNuo+uuahIjuW23pto2dYbRw7rFPn0JihjZ8YR7HMQe
KtmAieKGC5AxCPXSkNXnttpVz9+iqNOBGE3IaDeoZyGsOUWFfUW0AYFgvix+zvrG
FxGIcynV90mG5SD7ZdQFSM0I7qEYTrfJk4Icf7jQl5YGgObs5esBJ278TS55tah+
pq5atZibifobToZll4y6NOOalZaLAbvzpl1f1I2lht3vpUXuYfSmebUWtNce/I++
nYNjUKBqgxFtAnya+w32a8dvjQKbAMivYNP2H++bYWBjSYlra2N3u7Tae7RXkPt6
SSDjg4s6AMbtT+a5jvnKtkxCQ8M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:19:52 2025 by rpki-client