Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/ngWjfokKtd79OHX80DVmocqs5DE.cer
File: ngWjfokKtd79OHX80DVmocqs5DE.cer (raw, json)
Hash identifier: 6vRfYITbBrjAvkRNx6I2Gu5M3JJLaf3cTiXFO+in/3I=
Subject key identifier: 9E:05:A3:7E:89:0A:B5:DE:FD:38:75:FC:D0:35:66:A1:CA:AC:E4:31
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CAFF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2038/ngWjfokKtd79OHX80DVmocqs5DE.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2038/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 21 Mar 2025 03:11:12 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 63620
IP: 59.153.116.0/22
IP: 103.70.220.0/22
IP: 2406:3d80::/32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51967 (0xcaff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Mar 21 03:11:12 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9E05A37E890AB5DEFD3875FCD03566A1CAACE431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:15:29:be:e7:b7:8f:0d:c3:33:e7:0c:41:75:
95:3b:f7:8a:7b:aa:b9:92:6f:8d:9f:71:ca:e9:5e:
45:30:b2:54:92:a2:dc:12:80:f1:b5:67:8b:63:a0:
31:f8:f9:ae:ee:bb:bb:55:8b:f8:cc:82:1d:9f:2d:
2e:95:41:3a:1a:c3:57:0e:82:3b:f3:c0:51:b6:ef:
fc:61:3b:b2:6f:70:ee:79:bf:ae:ee:fd:f8:42:de:
8d:f8:80:9f:83:2e:86:a2:b0:36:51:f0:74:38:ef:
fe:ed:08:e2:3f:90:50:d1:b8:94:8b:ad:f2:08:8d:
50:32:22:e1:e9:b8:f7:ca:7c:af:f5:08:dc:17:ad:
c8:9f:66:fa:3e:47:68:bf:7c:05:69:7d:3f:fd:62:
50:99:9d:dd:79:dc:22:db:4a:9e:a9:fb:eb:b4:87:
ee:da:d3:cb:2b:35:2e:c7:1e:38:8c:a1:1a:3f:44:
62:67:ac:dd:c8:14:d1:f0:24:0c:43:f6:fb:a8:34:
a1:f9:c9:c6:66:19:e8:0f:b6:d9:22:e3:2a:39:f4:
01:cc:09:19:96:93:c2:a6:68:dd:3b:97:11:c3:8f:
25:22:25:7e:75:dc:06:2e:e4:74:a8:9c:70:01:a6:
c4:81:19:45:ad:9b:2d:20:db:79:fb:98:d5:2f:3b:
45:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:05:A3:7E:89:0A:B5:DE:FD:38:75:FC:D0:35:66:A1:CA:AC:E4:31
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2038/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2038/ngWjfokKtd79OHX80DVmocqs5DE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
63620
sbgp-ipAddrBlock: critical
IPv4:
59.153.116.0/22
103.70.220.0/22
IPv6:
2406:3d80::/32
Signature Algorithm: sha256WithRSAEncryption
06:16:0f:f8:61:85:0f:50:f8:9d:f4:3e:60:90:da:7d:27:10:
71:46:2e:a5:fd:29:77:cf:61:8f:18:7d:4c:78:19:7f:a9:2c:
06:28:43:ff:d8:7c:24:cb:b9:7b:03:ab:a4:31:fe:c8:62:fc:
2e:15:eb:46:d7:db:a1:8d:6a:ec:b4:b5:64:29:8b:db:1f:34:
36:8d:54:16:c1:8b:61:5e:ea:3e:35:4d:e7:f0:0d:39:02:fa:
d0:20:6f:d5:f1:d2:5b:f1:72:39:9f:fd:d4:e9:15:f0:d7:12:
0a:43:33:98:1c:2c:a3:47:69:c4:67:4a:f2:95:6f:45:34:1a:
7d:d4:7f:41:c6:cd:f9:ca:f3:40:9b:ed:2d:31:a7:c8:b1:66:
45:71:fa:6f:47:95:e6:70:09:45:2b:47:f5:69:c6:9e:b5:c8:
82:ef:4f:dd:72:14:7b:9a:c3:f7:38:75:99:84:aa:a3:a3:3a:
85:ae:5e:09:eb:16:11:3f:7a:ca:3e:c9:f9:58:42:c5:be:f0:
24:cb:e7:09:22:3f:0d:5c:29:c2:3b:ec:f7:b8:97:cb:c0:05:
ff:1f:fd:86:2c:c9:bf:d6:d0:71:07:3c:70:4f:4a:a8:e5:b9:
a6:4c:ec:3d:1a:53:c0:2c:cb:f1:ec:a5:79:a3:bb:a0:23:20:
d1:1c:2c:68
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIDAMr/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTAzMjEwMzExMTJaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDlFMDVBMzdFODkwQUI1REVGRDM4NzVGQ0QwMzU2NkExQ0FBQ0U0
MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAFSm+57ePDcMz5wxB
dZU794p7qrmSb42fccrpXkUwslSSotwSgPG1Z4tjoDH4+a7uu7tVi/jMgh2fLS6V
QToaw1cOgjvzwFG27/xhO7JvcO55v67u/fhC3o34gJ+DLoaisDZR8HQ47/7tCOI/
kFDRuJSLrfIIjVAyIuHpuPfKfK/1CNwXrcifZvo+R2i/fAVpfT/9YlCZnd153CLb
Sp6p++u0h+7a08srNS7HHjiMoRo/RGJnrN3IFNHwJAxD9vuoNKH5ycZmGegPttki
4yo59AHMCRmWk8KmaN07lxHDjyUiJX513AYu5HSonHABpsSBGUWtmy0g23n7mNUv
O0VhAgMBAAGjggKGMIICgjAdBgNVHQ4EFgQUngWjfokKtd79OHX80DVmocqs5DEw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIw
MzgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjAzOC9uZ1dqZm9rS3RkNzlPSFg4MERWbW9jcXM1REUubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD4hDA0BggrBgEFBQcBBwEB/wQlMCMw
EgQCAAEwDAMEAjuZdAMEAmdG3DANBAIAAjAHAwUAJAY9gDANBgkqhkiG9w0BAQsF
AAOCAQEABhYP+GGFD1D4nfQ+YJDafScQcUYupf0pd89hjxh9THgZf6ksBihD/9h8
JMu5ewOrpDH+yGL8LhXrRtfboY1q7LS1ZCmL2x80No1UFsGLYV7qPjVN5/ANOQL6
0CBv1fHSW/FyOZ/91OkV8NcSCkMzmBwso0dpxGdK8pVvRTQafdR/QcbN+crzQJvt
LTGnyLFmRXH6b0eV5nAJRStH9WnGnrXIgu9P3XIUe5rD9zh1mYSqo6M6ha5eCesW
ET96yj7J+VhCxb7wJMvnCSI/DVwpwjvs97iXy8AF/x/9hizJv9bQcQc8cE9KqOW5
pkzsPRpTwCzL8eyleaO7oCMg0RwsaA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:22:00 2025 by rpki-client