Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/maW4vf7fXMZl0xiUSxszfKze1CA.cer
File: maW4vf7fXMZl0xiUSxszfKze1CA.cer (raw, json)
Hash identifier: C2aBsbiIoss4PFV9zbyOEut/3PnrbcjRBVtr2I+ZnIs=
Subject key identifier: 99:A5:B8:BD:FE:DF:5C:C6:65:D3:18:94:4B:1B:33:7C:AC:DE:D4:20
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AF8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/maW4vf7fXMZl0xiUSxszfKze1CA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:24:30 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 63646
AS: 63648
AS: 139162 -- 139165
IP: 103.73.48.0/22
IP: 103.86.204.0 -- 103.87.7.255
IP: 116.85.0.0/16
IP: 117.51.0.0/16
IP: 2400:c840::/32
IP: 2400:c8c0::/32
IP: 2400:c940::/32
IP: 2400:c9c0::/32
IP: 2400:ca40::/32
IP: 2400:cac0::/32
IP: 2400:cb40::/32
IP: 2400:cbc0::/32
IP: 2400:cc40::/32
IP: 2400:ccc0::/32
IP: 2400:cd40::/32
IP: 2400:cdc0::/32
IP: 2400:ce40::/32
IP: 2400:cf40::/32
IP: 2400:cfc0::/32
IP: 2402:840::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 May 2024 05:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44941 (0xaf8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:24:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=99A5B8BDFEDF5CC665D318944B1B337CACDED420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:eb:d7:85:bc:fc:2a:d0:86:2a:88:9d:2c:03:
7e:9f:b8:98:41:80:20:cd:df:d6:8c:7c:70:68:68:
6e:c5:82:9c:ff:e5:34:6a:c4:11:97:11:f2:ee:d8:
ca:0a:88:29:c5:9e:0a:04:76:c8:88:90:db:a7:63:
dc:3a:11:ae:33:9e:ec:99:58:55:19:b2:a3:05:46:
3a:03:0b:89:e6:0b:2d:e8:59:be:fd:ad:45:55:1e:
fc:4c:4e:06:5c:94:5c:b6:c4:8a:27:bb:cb:17:2f:
fb:2f:8b:0c:11:2e:b2:1b:d9:20:93:c3:c0:f3:5d:
0d:64:8c:fc:ca:57:19:48:61:39:9d:24:eb:e5:cf:
08:71:76:3d:5d:55:fc:da:76:8e:5d:a7:8a:ba:ee:
39:5f:de:47:99:38:fd:d1:e1:b7:88:af:d5:f1:08:
c8:51:6c:ca:ae:47:6b:6d:2e:ae:20:43:4f:3a:4f:
67:93:a7:ba:1f:a5:76:15:11:40:41:5c:3d:e7:b9:
ef:31:0a:15:62:2b:83:5d:37:bf:42:aa:77:2d:ac:
33:e6:6f:2c:3c:28:b2:54:d5:fa:b2:0f:3d:25:7b:
33:75:78:4a:11:8e:f2:c2:b1:8f:27:e6:26:26:8e:
31:a9:f6:8e:c6:33:a9:3d:09:b5:7c:48:ff:ec:32:
7c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A5:B8:BD:FE:DF:5C:C6:65:D3:18:94:4B:1B:33:7C:AC:DE:D4:20
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/maW4vf7fXMZl0xiUSxszfKze1CA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63646
63648
139162-139165
sbgp-ipAddrBlock: critical
IPv4:
103.73.48.0/22
103.86.204.0-103.87.7.255
116.85.0.0/16
117.51.0.0/16
IPv6:
2400:c840::/32
2400:c8c0::/32
2400:c940::/32
2400:c9c0::/32
2400:ca40::/32
2400:cac0::/32
2400:cb40::/32
2400:cbc0::/32
2400:cc40::/32
2400:ccc0::/32
2400:cd40::/32
2400:cdc0::/32
2400:ce40::/32
2400:cf40::/32
2400:cfc0::/32
2402:840::/32
Signature Algorithm: sha256WithRSAEncryption
95:64:b9:ad:c6:45:ea:d6:68:3b:8e:77:aa:fe:46:ba:a6:f6:
02:67:82:75:07:82:c5:54:b6:ee:1d:9c:b4:38:8f:bb:f2:50:
ab:d5:05:0c:f3:4a:c8:4a:42:8e:1b:f7:fb:76:bc:c0:d0:f5:
0a:92:ff:94:14:25:76:10:94:9a:41:e5:3e:1d:bc:6e:5e:b2:
d7:5d:31:28:97:99:94:cb:b2:a2:ac:10:f2:8e:a6:c2:83:5e:
cf:2c:48:f5:cd:ba:15:d9:86:f8:44:88:d4:44:d7:20:47:2a:
81:df:96:53:2b:d4:17:9a:9e:01:b2:df:1e:53:23:7f:e4:ab:
27:65:4f:91:05:01:bf:5c:32:51:54:9f:9d:24:c1:fc:1f:61:
bd:db:48:13:96:32:da:db:58:85:9d:38:12:cc:75:b2:f8:97:
51:22:0a:94:a8:a4:e9:43:06:8f:eb:86:ab:af:75:f6:34:2c:
cf:64:e3:3b:bf:33:ca:ff:d8:09:ed:42:a3:1f:f0:e5:35:1f:
08:d7:a5:d5:d6:6b:5c:1f:0e:c2:60:b7:1f:83:fd:9a:2f:fd:
ae:e5:84:8a:b1:21:f5:f8:bb:27:d7:fa:58:31:64:65:c7:81:
16:1a:6d:20:7d:30:40:e2:5c:bb:01:9f:d1:84:03:24:34:05:
9d:e1:27:f1
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIDAK+NMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTI0MzBaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKDk5QTVCOEJERkVERjVDQzY2NUQzMTg5NDRCMUIzMzdDQUNERUQ0
MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs69eFvPwq0IYqiJ0s
A36fuJhBgCDN39aMfHBoaG7Fgpz/5TRqxBGXEfLu2MoKiCnFngoEdsiIkNunY9w6
Ea4znuyZWFUZsqMFRjoDC4nmCy3oWb79rUVVHvxMTgZclFy2xIonu8sXL/sviwwR
LrIb2SCTw8DzXQ1kjPzKVxlIYTmdJOvlzwhxdj1dVfzado5dp4q67jlf3keZOP3R
4beIr9XxCMhRbMquR2ttLq4gQ086T2eTp7ofpXYVEUBBXD3nue8xChViK4NdN79C
qnctrDPmbyw8KLJU1fqyDz0lezN1eEoRjvLCsY8n5iYmjjGp9o7GM6k9CbV8SP/s
MnzxAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUmaW4vf7fXMZl0xiUSxszfKze1CAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIx
MDAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjEwMC9tYVc0dmY3ZlhNWmwweGlVU3hzemZLemUxQ0EubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCsGCCsGAQUFBwEIAQH/BBwwGqAYMBYCAwD4ngIDAPigMAoCAwIfmgIDAh+dMIGx
BggrBgEFBQcBBwEB/wSBoTCBnjAkBAIAATAeAwQCZ0kwMAwDBAJnVswDBANnVwAD
AwB0VQMDAHUzMHYEAgACMHADBQAkAMhAAwUAJADIwAMFACQAyUADBQAkAMnAAwUA
JADKQAMFACQAysADBQAkAMtAAwUAJADLwAMFACQAzEADBQAkAMzAAwUAJADNQAMF
ACQAzcADBQAkAM5AAwUAJADPQAMFACQAz8ADBQAkAghAMA0GCSqGSIb3DQEBCwUA
A4IBAQCVZLmtxkXq1mg7jneq/ka6pvYCZ4J1B4LFVLbuHZy0OI+78lCr1QUM80rI
SkKOG/f7drzA0PUKkv+UFCV2EJSaQeU+HbxuXrLXXTEol5mUy7KirBDyjqbCg17P
LEj1zboV2Yb4RIjURNcgRyqB35ZTK9QXmp4Bst8eUyN/5KsnZU+RBQG/XDJRVJ+d
JMH8H2G920gTljLa21iFnTgSzHWy+JdRIgqUqKTpQwaP64arr3X2NCzPZOM7vzPK
/9gJ7UKjH/DlNR8I16XV1mtcHw7CYLcfg/2aL/2u5YSKsSH1+Lsn1/pYMWRlx4EW
Gm0gfTBA4ly7AZ/RhAMkNAWd4Sfx
-----END CERTIFICATE-----
Generated at Sun May 19 00:38:45 2024 by rpki-client on console-ams.rpki-client.org