$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer (raw, json) Hash identifier: DbV6D0L5yqKD3g1jRNMEPPFpGX/Xhp6O8XCYmHNLnJg= Subject key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 37AF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:52:33 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 157.10.220.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 08:54:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14255 (0x37af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Sep 27 02:52:33 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:88:3c:a6:c9:f5:15:a4:7c:43:97:6f:54:b9: 88:2a:59:d0:98:20:99:f1:99:74:52:5f:3a:1d:77: d6:96:95:1b:12:23:3e:60:1f:68:1e:95:c4:c9:ef: 4d:d6:2c:d3:21:50:e1:67:ea:f2:55:b8:ad:d3:6d: 55:e2:73:69:f9:0a:43:e4:c7:77:47:e6:0d:07:99: 81:4a:2b:8a:fe:3a:12:f9:bb:2c:07:ba:df:f1:bd: 41:07:d6:77:5f:b6:f2:8b:ab:34:7b:00:cf:18:b1: 52:ad:fa:04:c1:84:cd:49:11:cc:90:39:c6:ca:3b: e6:93:f5:53:4c:9d:d1:aa:be:23:44:6a:20:74:1c: e3:00:a6:03:28:18:d9:23:fc:8c:ce:7f:8b:9c:c6: 4b:78:3f:81:10:fd:6a:38:6e:22:09:c3:7a:80:52: af:0a:f3:b2:f9:32:cb:66:aa:22:69:bf:0a:ea:52: ab:e3:5e:bb:76:34:85:d9:66:38:dc:e0:ae:e4:b6: c4:c0:2d:23:54:b1:2b:e7:ab:03:46:c1:b9:74:f7: b0:32:ee:b2:6c:3b:e9:77:74:0b:96:1d:f4:dd:e7: 69:5d:89:b8:56:c0:5f:d8:da:04:cd:f7:0d:4f:42: 74:ef:b1:54:d1:77:b5:e3:a4:7e:53:e2:36:84:71: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption af:dd:82:58:d0:96:99:d3:f5:ec:df:6e:56:cb:76:1a:9e:b6: 8e:e1:7f:1d:ad:f7:9e:00:d3:88:82:73:8b:9e:01:7c:16:3f: c4:a8:9b:91:60:a5:82:f2:4c:c7:51:06:55:6f:ff:60:ec:1b: be:d4:ec:c3:7e:ea:79:9a:92:24:b7:42:40:b3:07:77:e7:96: 18:41:fb:cf:f4:eb:47:af:65:26:95:46:86:fb:3b:58:c9:cf: 7f:d2:0b:3b:73:34:fc:3d:af:12:5d:77:b6:93:9c:0a:ef:51: 19:c4:5f:ce:33:df:f7:60:f1:72:ca:ae:4a:3b:d8:26:43:b9: 90:ab:aa:4c:a1:4a:9c:cc:29:28:04:9a:25:29:7f:7b:4a:b4: 30:cc:94:f8:fa:83:83:b7:8e:02:02:24:57:3c:34:51:28:4b: 25:f7:db:87:e2:fa:ae:ca:3b:fa:1e:38:9c:b7:42:3f:54:f8: d0:a0:22:46:4a:11:cb:70:97:d1:a2:53:9d:1f:ed:41:f8:df: 80:76:db:41:d3:d4:e4:3b:30:96:32:37:62:3d:c3:fb:9c:27: 90:43:ad:87:d2:d6:8a:c5:3c:9e:c6:13:1b:76:5f:b0:03:87: b6:1b:0f:00:0c:20:eb:5f:ec:3a:a8:0a:4c:11:86:55:39:dd: 3d:e0:5b:74 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICN68wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNTIzM1oXDTI1MDkyNzAyNDAxNFowMzEx MC8GA1UEAxMoOTBGMzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhF MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWIPKbJ9RWkfEOXb1S5 iCpZ0JggmfGZdFJfOh131paVGxIjPmAfaB6VxMnvTdYs0yFQ4Wfq8lW4rdNtVeJz afkKQ+THd0fmDQeZgUoriv46Evm7LAe63/G9QQfWd1+28ourNHsAzxixUq36BMGE zUkRzJA5xso75pP1U0yd0aq+I0RqIHQc4wCmAygY2SP8jM5/i5zGS3g/gRD9ajhu IgnDeoBSrwrzsvkyy2aqImm/CupSq+Neu3Y0hdlmONzgruS2xMAtI1SxK+erA0bB uXT3sDLusmw76Xd0C5Yd9N3naV2JuFbAX9jaBM33DU9CdO+xVNF3teOkflPiNoRx uTECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQ8w4d8yfRA5B/G+CO0+pkv7d44zAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU4L2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCtwwDQYJKoZIhvcNAQELBQAD ggEBAK/dgljQlpnT9ezfblbLdhqeto7hfx2t954A04iCc4ueAXwWP8Som5FgpYLy TMdRBlVv/2DsG77U7MN+6nmakiS3QkCzB3fnlhhB+8/060evZSaVRob7O1jJz3/S CztzNPw9rxJdd7aTnArvURnEX84z3/dg8XLKrko72CZDuZCrqkyhSpzMKSgEmiUp f3tKtDDMlPj6g4O3jgICJFc8NFEoSyX324fi+q7KO/oeOJy3Qj9U+NCgIkZKEctw l9GiU50f7UH434B220HT1OQ7MJYyN2I9w/ucJ5BDrYfS1orFPJ7GExt2X7ADh7Yb DwAMIOtf7DqoCkwRhlU53T3gW3Q= -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:17 2024 by rpki-client on console-ams.rpki-client.org