Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/maW4vf7fXMZl0xiUSxszfKze1CA.cer
File: maW4vf7fXMZl0xiUSxszfKze1CA.cer (raw, json)
Hash identifier: 9/pWizcXIUB3VM2gdI5/xpOdf2S1Si2dybWLw8daFgs=
Subject key identifier: 99:A5:B8:BD:FE:DF:5C:C6:65:D3:18:94:4B:1B:33:7C:AC:DE:D4:20
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BCBF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/maW4vf7fXMZl0xiUSxszfKze1CA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:57:28 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 63646
AS: 63648
AS: 139162 -- 139165
IP: 103.73.48.0/22
IP: 103.86.204.0 -- 103.87.7.255
IP: 116.85.0.0/16
IP: 117.51.0.0/16
IP: 2400:c840::/32
IP: 2400:c8c0::/32
IP: 2400:c940::/32
IP: 2400:c9c0::/32
IP: 2400:ca40::/32
IP: 2400:cac0::/32
IP: 2400:cb40::/32
IP: 2400:cbc0::/32
IP: 2400:cc40::/32
IP: 2400:ccc0::/32
IP: 2400:cd40::/32
IP: 2400:cdc0::/32
IP: 2400:ce40::/32
IP: 2400:cf40::/32
IP: 2400:cfc0::/32
IP: 2402:840::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48319 (0xbcbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:57:28 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=99A5B8BDFEDF5CC665D318944B1B337CACDED420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:eb:d7:85:bc:fc:2a:d0:86:2a:88:9d:2c:03:
7e:9f:b8:98:41:80:20:cd:df:d6:8c:7c:70:68:68:
6e:c5:82:9c:ff:e5:34:6a:c4:11:97:11:f2:ee:d8:
ca:0a:88:29:c5:9e:0a:04:76:c8:88:90:db:a7:63:
dc:3a:11:ae:33:9e:ec:99:58:55:19:b2:a3:05:46:
3a:03:0b:89:e6:0b:2d:e8:59:be:fd:ad:45:55:1e:
fc:4c:4e:06:5c:94:5c:b6:c4:8a:27:bb:cb:17:2f:
fb:2f:8b:0c:11:2e:b2:1b:d9:20:93:c3:c0:f3:5d:
0d:64:8c:fc:ca:57:19:48:61:39:9d:24:eb:e5:cf:
08:71:76:3d:5d:55:fc:da:76:8e:5d:a7:8a:ba:ee:
39:5f:de:47:99:38:fd:d1:e1:b7:88:af:d5:f1:08:
c8:51:6c:ca:ae:47:6b:6d:2e:ae:20:43:4f:3a:4f:
67:93:a7:ba:1f:a5:76:15:11:40:41:5c:3d:e7:b9:
ef:31:0a:15:62:2b:83:5d:37:bf:42:aa:77:2d:ac:
33:e6:6f:2c:3c:28:b2:54:d5:fa:b2:0f:3d:25:7b:
33:75:78:4a:11:8e:f2:c2:b1:8f:27:e6:26:26:8e:
31:a9:f6:8e:c6:33:a9:3d:09:b5:7c:48:ff:ec:32:
7c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A5:B8:BD:FE:DF:5C:C6:65:D3:18:94:4B:1B:33:7C:AC:DE:D4:20
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2100/maW4vf7fXMZl0xiUSxszfKze1CA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63646
63648
139162-139165
sbgp-ipAddrBlock: critical
IPv4:
103.73.48.0/22
103.86.204.0-103.87.7.255
116.85.0.0/16
117.51.0.0/16
IPv6:
2400:c840::/32
2400:c8c0::/32
2400:c940::/32
2400:c9c0::/32
2400:ca40::/32
2400:cac0::/32
2400:cb40::/32
2400:cbc0::/32
2400:cc40::/32
2400:ccc0::/32
2400:cd40::/32
2400:cdc0::/32
2400:ce40::/32
2400:cf40::/32
2400:cfc0::/32
2402:840::/32
Signature Algorithm: sha256WithRSAEncryption
09:84:3a:ba:e9:9e:fe:95:5f:0e:90:14:d1:2c:38:2b:30:fa:
f8:63:64:b9:9b:d5:e3:ff:b8:a9:5d:bb:55:48:e0:ca:54:e1:
23:66:c8:8e:24:52:8d:d9:ef:53:da:e2:2b:a9:3f:04:f1:a2:
29:79:b1:a9:b1:1d:1d:f7:97:73:c7:bc:31:90:4a:b4:b7:dd:
9a:9f:9b:5b:b9:50:33:94:c5:99:bc:47:36:6b:03:10:23:4b:
a2:76:23:de:05:80:5d:d3:d3:b0:73:5f:07:71:3e:f0:de:46:
95:10:3c:2d:42:04:83:e4:ad:73:28:74:24:49:ad:71:8a:c7:
cc:93:62:11:f2:f2:fc:5c:6f:e0:f2:5c:c6:b1:4e:d5:8d:61:
10:48:44:23:97:ba:ae:8e:df:ab:ff:ee:60:30:6a:a5:c6:dc:
da:3e:b3:a1:4b:2c:99:3a:8d:3c:0b:17:83:da:72:07:29:99:
ac:71:a3:81:dc:1f:92:96:b7:89:b3:6a:db:d5:b3:81:f6:fd:
e4:b3:18:b8:ca:28:d5:32:ed:a7:6b:6a:28:3e:87:9e:5c:82:
69:5e:b4:75:d2:68:b7:9c:6c:8d:91:91:6d:f7:db:aa:94:1f:
f8:79:9f:95:a1:d3:42:12:a4:99:c7:38:3c:00:07:d2:df:f9:
7e:f8:53:c7
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIDALy/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU3MjhaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDk5QTVCOEJERkVERjVDQzY2NUQzMTg5NDRCMUIzMzdDQUNERUQ0
MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs69eFvPwq0IYqiJ0s
A36fuJhBgCDN39aMfHBoaG7Fgpz/5TRqxBGXEfLu2MoKiCnFngoEdsiIkNunY9w6
Ea4znuyZWFUZsqMFRjoDC4nmCy3oWb79rUVVHvxMTgZclFy2xIonu8sXL/sviwwR
LrIb2SCTw8DzXQ1kjPzKVxlIYTmdJOvlzwhxdj1dVfzado5dp4q67jlf3keZOP3R
4beIr9XxCMhRbMquR2ttLq4gQ086T2eTp7ofpXYVEUBBXD3nue8xChViK4NdN79C
qnctrDPmbyw8KLJU1fqyDz0lezN1eEoRjvLCsY8n5iYmjjGp9o7GM6k9CbV8SP/s
MnzxAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUmaW4vf7fXMZl0xiUSxszfKze1CAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIx
MDAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjEwMC9tYVc0dmY3ZlhNWmwweGlVU3hzemZLemUxQ0EubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCsGCCsGAQUFBwEIAQH/BBwwGqAYMBYCAwD4ngIDAPigMAoCAwIfmgIDAh+dMIGx
BggrBgEFBQcBBwEB/wSBoTCBnjAkBAIAATAeAwQCZ0kwMAwDBAJnVswDBANnVwAD
AwB0VQMDAHUzMHYEAgACMHADBQAkAMhAAwUAJADIwAMFACQAyUADBQAkAMnAAwUA
JADKQAMFACQAysADBQAkAMtAAwUAJADLwAMFACQAzEADBQAkAMzAAwUAJADNQAMF
ACQAzcADBQAkAM5AAwUAJADPQAMFACQAz8ADBQAkAghAMA0GCSqGSIb3DQEBCwUA
A4IBAQAJhDq66Z7+lV8OkBTRLDgrMPr4Y2S5m9Xj/7ipXbtVSODKVOEjZsiOJFKN
2e9T2uIrqT8E8aIpebGpsR0d95dzx7wxkEq0t92an5tbuVAzlMWZvEc2awMQI0ui
diPeBYBd09Owc18HcT7w3kaVEDwtQgSD5K1zKHQkSa1xisfMk2IR8vL8XG/g8lzG
sU7VjWEQSEQjl7qujt+r/+5gMGqlxtzaPrOhSyyZOo08CxeD2nIHKZmscaOB3B+S
lreJs2rb1bOB9v3ksxi4yijVMu2na2ooPoeeXIJpXrR10mi3nGyNkZFt99uqlB/4
eZ+VodNCEqSZxzg8AAfS3/l++FPH
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:14:40 2024 by rpki-client on console-ams.rpki-client.org