Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/maW4vf7fXMZl0xiUSxszfKze1CA.cer
File: maW4vf7fXMZl0xiUSxszfKze1CA.cer (raw, json)
Hash identifier: Jdqn6vB0jDn80PucN0Gc7vmHqRK4Pi+3Nr+w6F3A5Ek=
Subject key identifier: 99:A5:B8:BD:FE:DF:5C:C6:65:D3:18:94:4B:1B:33:7C:AC:DE:D4:20
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CE81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/maW4vf7fXMZl0xiUSxszfKze1CA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:14:59 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 63646
AS: 63648
AS: 139162 -- 139165
IP: 103.73.48.0/22
IP: 103.86.204.0 -- 103.87.7.255
IP: 116.85.0.0/16
IP: 117.51.0.0/16
IP: 2400:c840::/32
IP: 2400:c8c0::/32
IP: 2400:c940::/32
IP: 2400:c9c0::/32
IP: 2400:ca40::/32
IP: 2400:cac0::/32
IP: 2400:cb40::/32
IP: 2400:cbc0::/32
IP: 2400:cc40::/32
IP: 2400:ccc0::/32
IP: 2400:cd40::/32
IP: 2400:cdc0::/32
IP: 2400:ce40::/32
IP: 2400:cf40::/32
IP: 2400:cfc0::/32
IP: 2402:840::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52865 (0xce81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:14:59 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=99A5B8BDFEDF5CC665D318944B1B337CACDED420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:eb:d7:85:bc:fc:2a:d0:86:2a:88:9d:2c:03:
7e:9f:b8:98:41:80:20:cd:df:d6:8c:7c:70:68:68:
6e:c5:82:9c:ff:e5:34:6a:c4:11:97:11:f2:ee:d8:
ca:0a:88:29:c5:9e:0a:04:76:c8:88:90:db:a7:63:
dc:3a:11:ae:33:9e:ec:99:58:55:19:b2:a3:05:46:
3a:03:0b:89:e6:0b:2d:e8:59:be:fd:ad:45:55:1e:
fc:4c:4e:06:5c:94:5c:b6:c4:8a:27:bb:cb:17:2f:
fb:2f:8b:0c:11:2e:b2:1b:d9:20:93:c3:c0:f3:5d:
0d:64:8c:fc:ca:57:19:48:61:39:9d:24:eb:e5:cf:
08:71:76:3d:5d:55:fc:da:76:8e:5d:a7:8a:ba:ee:
39:5f:de:47:99:38:fd:d1:e1:b7:88:af:d5:f1:08:
c8:51:6c:ca:ae:47:6b:6d:2e:ae:20:43:4f:3a:4f:
67:93:a7:ba:1f:a5:76:15:11:40:41:5c:3d:e7:b9:
ef:31:0a:15:62:2b:83:5d:37:bf:42:aa:77:2d:ac:
33:e6:6f:2c:3c:28:b2:54:d5:fa:b2:0f:3d:25:7b:
33:75:78:4a:11:8e:f2:c2:b1:8f:27:e6:26:26:8e:
31:a9:f6:8e:c6:33:a9:3d:09:b5:7c:48:ff:ec:32:
7c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A5:B8:BD:FE:DF:5C:C6:65:D3:18:94:4B:1B:33:7C:AC:DE:D4:20
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/maW4vf7fXMZl0xiUSxszfKze1CA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63646
63648
139162-139165
sbgp-ipAddrBlock: critical
IPv4:
103.73.48.0/22
103.86.204.0-103.87.7.255
116.85.0.0/16
117.51.0.0/16
IPv6:
2400:c840::/32
2400:c8c0::/32
2400:c940::/32
2400:c9c0::/32
2400:ca40::/32
2400:cac0::/32
2400:cb40::/32
2400:cbc0::/32
2400:cc40::/32
2400:ccc0::/32
2400:cd40::/32
2400:cdc0::/32
2400:ce40::/32
2400:cf40::/32
2400:cfc0::/32
2402:840::/32
Signature Algorithm: sha256WithRSAEncryption
10:d4:a9:b0:7e:57:6f:78:a9:1a:06:9c:61:21:93:b6:26:77:
f5:a0:42:e4:dd:56:1a:27:bd:a7:04:be:02:ee:0a:16:ec:11:
f3:39:e5:8a:de:7d:46:c7:e7:12:37:af:3a:22:1c:15:d4:6c:
25:ff:07:f0:d8:75:df:f1:b6:a5:1f:9b:aa:b7:92:0f:b9:b6:
7a:e0:1b:d3:d4:d2:aa:85:a0:cb:25:6d:12:79:53:86:a6:d6:
9b:8d:7b:e1:f0:79:ad:43:26:73:00:55:36:c4:70:7a:c3:2f:
ea:a2:ba:e2:56:0d:04:59:4b:5f:fb:39:f6:33:26:ab:60:8a:
50:84:3c:88:b1:ee:01:8f:bc:a0:bf:04:c2:32:1b:d7:1d:dd:
2a:58:c3:c5:9d:68:6e:e6:16:4c:95:51:2c:f6:59:7b:74:fd:
ef:82:4a:4a:9a:e4:69:d3:ad:b5:a8:32:65:9d:c3:ad:62:46:
31:4b:d4:f4:1a:60:4d:00:2e:18:d0:ab:4e:64:06:98:9f:32:
5f:1a:f1:e5:5c:29:3a:fb:cf:42:b9:43:76:4e:67:bf:2b:c0:
2f:b7:be:ae:22:4a:0b:e0:37:e7:8a:29:2f:25:78:fe:a7:e0:
fb:56:d7:4d:04:8f:c3:fc:21:9e:8c:12:b4:1b:12:33:25:87:
5a:93:72:b5
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIDAM6BMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE0NTlaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDk5QTVCOEJERkVERjVDQzY2NUQzMTg5NDRCMUIzMzdDQUNERUQ0
MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs69eFvPwq0IYqiJ0s
A36fuJhBgCDN39aMfHBoaG7Fgpz/5TRqxBGXEfLu2MoKiCnFngoEdsiIkNunY9w6
Ea4znuyZWFUZsqMFRjoDC4nmCy3oWb79rUVVHvxMTgZclFy2xIonu8sXL/sviwwR
LrIb2SCTw8DzXQ1kjPzKVxlIYTmdJOvlzwhxdj1dVfzado5dp4q67jlf3keZOP3R
4beIr9XxCMhRbMquR2ttLq4gQ086T2eTp7ofpXYVEUBBXD3nue8xChViK4NdN79C
qnctrDPmbyw8KLJU1fqyDz0lezN1eEoRjvLCsY8n5iYmjjGp9o7GM6k9CbV8SP/s
MnzxAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUmaW4vf7fXMZl0xiUSxszfKze1CAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIx
MDAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjEwMC9tYVc0dmY3ZlhNWmwweGlVU3hzemZLemUxQ0EubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCsGCCsGAQUFBwEIAQH/BBwwGqAYMBYCAwD4ngIDAPigMAoCAwIfmgIDAh+dMIGx
BggrBgEFBQcBBwEB/wSBoTCBnjAkBAIAATAeAwQCZ0kwMAwDBAJnVswDBANnVwAD
AwB0VQMDAHUzMHYEAgACMHADBQAkAMhAAwUAJADIwAMFACQAyUADBQAkAMnAAwUA
JADKQAMFACQAysADBQAkAMtAAwUAJADLwAMFACQAzEADBQAkAMzAAwUAJADNQAMF
ACQAzcADBQAkAM5AAwUAJADPQAMFACQAz8ADBQAkAghAMA0GCSqGSIb3DQEBCwUA
A4IBAQAQ1KmwfldveKkaBpxhIZO2Jnf1oELk3VYaJ72nBL4C7goW7BHzOeWK3n1G
x+cSN686IhwV1Gwl/wfw2HXf8balH5uqt5IPubZ64BvT1NKqhaDLJW0SeVOGptab
jXvh8HmtQyZzAFU2xHB6wy/qorriVg0EWUtf+zn2MyarYIpQhDyIse4Bj7ygvwTC
MhvXHd0qWMPFnWhu5hZMlVEs9ll7dP3vgkpKmuRp0621qDJlncOtYkYxS9T0GmBN
AC4Y0KtOZAaYnzJfGvHlXCk6+89CuUN2Tme/K8Avt76uIkoL4DfniikvJXj+p+D7
VtdNBI/D/CGejBK0GxIzJYdak3K1
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:22:20 2025 by rpki-client