$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/lhDb2veO-a6MqrQpti0mfGB8eN0.cer File: lhDb2veO-a6MqrQpti0mfGB8eN0.cer (raw, json) Hash identifier: q59JHz1AI7yPEaKA5pwntM6qx4PFlT4kJn1XrWDBKeU= Subject key identifier: 96:10:DB:DA:F7:8E:F9:AE:8C:AA:B4:29:B6:2D:26:7C:60:7C:78:DD Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3831 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3319/lhDb2veO-a6MqrQpti0mfGB8eN0.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3319/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 09 Oct 2024 06:17:13 +0000 Certificate not after: Thu 09 Oct 2025 05:57:36 +0000 Subordinate resources: IP: 160.187.223.0/24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14385 (0x3831) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 9 06:17:13 2024 GMT Not After : Oct 9 05:57:36 2025 GMT Subject: CN=9610DBDAF78EF9AE8CAAB429B62D267C607C78DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0e:d1:ce:39:32:61:c7:0e:5c:76:88:e2:10: 6d:3c:86:77:f1:8a:c8:ec:97:bb:27:95:43:0c:a8: f0:b3:12:98:8a:06:7a:cf:17:f1:37:68:6f:f1:77: 11:fd:98:ab:43:a9:bd:d7:b8:fb:8e:aa:b0:0d:ac: af:dc:ae:1a:a5:46:de:80:46:ae:ca:9b:6a:5c:50: 82:64:8d:4b:fa:36:c2:7d:ab:86:d7:1a:1d:dc:19: c4:b7:45:e9:8a:03:09:a7:07:0b:40:70:69:1d:76: c9:fa:00:c6:49:8a:62:f1:db:27:07:53:e8:9e:29: 79:84:3e:0b:a5:66:be:c0:7b:4e:84:40:0a:c7:a8: 4c:fd:29:9c:06:59:ec:8a:dc:73:9d:b4:33:0d:48: ab:3c:11:16:3f:14:b1:51:6b:f3:d5:57:05:6c:7b: 55:77:18:00:43:cd:88:a8:d3:36:f4:ac:77:7d:00: d6:fb:cd:ff:1e:ba:ac:66:85:04:e2:7c:07:e6:07: 27:26:78:f8:6d:ff:1b:05:20:38:36:bc:b6:f0:eb: db:89:98:57:dd:32:f7:45:ac:d6:3a:98:70:10:3f: 68:7a:82:90:e6:98:b8:45:6a:44:42:3d:9d:4e:df: 77:8d:f4:8f:b7:71:11:94:e4:05:6c:27:da:1b:8a: 1c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:10:DB:DA:F7:8E:F9:AE:8C:AA:B4:29:B6:2D:26:7C:60:7C:78:DD X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3319/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3319/lhDb2veO-a6MqrQpti0mfGB8eN0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.187.223.0/24 Signature Algorithm: sha256WithRSAEncryption 64:85:20:f2:97:84:c1:b7:e6:49:68:b3:aa:3d:8d:b7:ed:b0: 60:3f:56:b4:b2:27:46:21:a0:d7:89:78:a2:52:f7:5a:31:55: 68:e8:d8:34:16:52:f9:c4:5b:26:09:26:fc:4d:6e:60:7d:5c: d9:e7:ad:88:c1:6c:dd:33:73:05:d9:d9:19:3f:ba:da:4d:ee: 92:71:bc:b6:7f:f6:75:d4:ef:3d:d5:08:72:59:7b:c2:48:e1: 4c:3c:bf:5a:24:08:3a:ba:31:6e:7f:1f:6e:be:ec:c1:ba:8a: e8:85:9a:e4:91:47:80:3d:94:cc:54:d8:db:d5:3e:c2:b1:5b: d0:b2:c6:bc:85:0b:3a:14:7d:86:cf:ea:b3:9d:94:79:78:83: 1b:9d:95:47:02:82:37:a0:7e:ea:33:f3:1c:b4:ce:fc:3d:c7: c4:7c:de:69:3f:16:b0:15:48:9e:52:af:fb:9c:1b:77:1c:02: db:1a:a5:35:f3:65:c9:fa:5f:02:90:8e:1a:05:37:24:05:2c: 4c:26:0c:66:62:9a:9c:9d:9d:99:5b:cb:bd:e0:a6:ab:ee:b6: e2:58:da:64:50:1f:34:0a:15:8d:71:3e:cf:18:6a:c7:3e:3a: 07:d8:99:33:d4:42:fc:b3:8b:8d:1c:cf:2f:62:bd:e4:4c:f4: 86:30:82:71 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICODEwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MTAwOTA2MTcxM1oXDTI1MTAwOTA1NTczNlowMzEx MC8GA1UEAxMoOTYxMERCREFGNzhFRjlBRThDQUFCNDI5QjYyRDI2N0M2MDdDNzhE RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKgO0c45MmHHDlx2iOIQ bTyGd/GKyOyXuyeVQwyo8LMSmIoGes8X8Tdob/F3Ef2Yq0Opvde4+46qsA2sr9yu GqVG3oBGrsqbalxQgmSNS/o2wn2rhtcaHdwZxLdF6YoDCacHC0BwaR12yfoAxkmK YvHbJwdT6J4peYQ+C6VmvsB7ToRACseoTP0pnAZZ7Ircc520Mw1IqzwRFj8UsVFr 89VXBWx7VXcYAEPNiKjTNvSsd30A1vvN/x66rGaFBOJ8B+YHJyZ4+G3/GwUgODa8 tvDr24mYV90y90Ws1jqYcBA/aHqCkOaYuEVqREI9nU7fd430j7dxEZTkBWwn2huK HNECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSWENva9475royqtCm2LSZ8YHx43TAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMx OS8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzE5L2xoRGIydmVPLWE2TXFyUXB0aTBtZkdCOGVOMC5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACgu98wDQYJKoZIhvcNAQELBQAD ggEBAGSFIPKXhMG35klos6o9jbftsGA/VrSyJ0YhoNeJeKJS91oxVWjo2DQWUvnE WyYJJvxNbmB9XNnnrYjBbN0zcwXZ2Rk/utpN7pJxvLZ/9nXU7z3VCHJZe8JI4Uw8 v1okCDq6MW5/H26+7MG6iuiFmuSRR4A9lMxU2NvVPsKxW9CyxryFCzoUfYbP6rOd lHl4gxudlUcCgjegfuoz8xy0zvw9x8R83mk/FrAVSJ5Sr/ucG3ccAtsapTXzZcn6 XwKQjhoFNyQFLEwmDGZimpydnZlby73gpqvutuJY2mRQHzQKFY1xPs8Yasc+OgfY mTPUQvyzi40czy9iveRM9IYwgnE= -----END CERTIFICATE-----Generated at Sat Nov 23 01:55:12 2024 by rpki-client on console-ams.rpki-client.org