$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/oSxs0hrGVXPbWxQ4_6vayraf5iM.cer File: oSxs0hrGVXPbWxQ4_6vayraf5iM.cer (raw, json) Hash identifier: QKtICGluFW7rdgCzxrBrE/46i2WvE7UKd3mD7pz9bBc= Subject key identifier: A1:2C:6C:D2:1A:C6:55:73:DB:5B:14:38:FF:AB:DA:CA:B6:9F:E6:23 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 393E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3332/oSxs0hrGVXPbWxQ4_6vayraf5iM.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3332/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 27 Nov 2024 01:11:31 +0000 Certificate not after: Thu 27 Nov 2025 00:59:02 +0000 Subordinate resources: IP: 160.250.90.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 21:29:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14654 (0x393e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Nov 27 01:11:31 2024 GMT Not After : Nov 27 00:59:02 2025 GMT Subject: CN=A12C6CD21AC65573DB5B1438FFABDACAB69FE623 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:5a:ab:48:c7:02:39:21:a5:1e:0b:e5:0f:a0: 10:9d:18:cd:20:3a:3d:08:79:d2:17:d2:6c:93:98: ee:ec:f5:e7:f5:1c:79:e7:9a:c5:83:e3:2e:57:65: 17:26:ec:2b:87:c8:9c:f2:78:d8:c6:f5:8c:50:c3: 3c:a9:12:76:d5:ef:1a:a9:ef:c0:77:b7:69:84:fd: 3e:f9:74:c9:56:a6:29:e0:d0:53:7c:aa:99:ce:b8: da:58:3a:df:f9:14:61:f2:be:77:62:18:fc:f7:eb: 1e:22:6b:76:d8:ae:52:14:a6:af:0e:c1:05:69:64: d7:ca:08:80:2c:ae:db:fd:08:28:e5:fe:e4:28:c2: ec:ff:68:c9:35:bf:eb:5b:f0:b4:d5:ad:00:0b:be: 9e:06:64:65:d2:23:c3:63:92:17:20:1d:24:77:65: 87:55:f6:5e:8b:7f:cb:f9:24:85:70:4d:31:5d:ac: 4b:0c:87:59:4a:92:4f:65:61:06:a2:ef:34:41:fa: e4:fd:a1:4e:f6:74:ef:f0:e5:c9:3d:c6:b1:0c:b9: f8:b6:da:75:d7:a4:5e:10:14:7b:0d:b3:d7:60:1f: 91:6e:d9:f1:71:31:b7:cd:24:3a:4f:c9:13:82:57: e2:e9:5a:96:01:a6:cf:99:f7:68:68:64:5a:dc:dd: 2d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:2C:6C:D2:1A:C6:55:73:DB:5B:14:38:FF:AB:DA:CA:B6:9F:E6:23 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3332/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3332/oSxs0hrGVXPbWxQ4_6vayraf5iM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.250.90.0/23 Signature Algorithm: sha256WithRSAEncryption a9:3e:4e:88:75:2c:21:6a:fa:a4:09:30:a7:1c:6b:c5:17:2a: da:c2:7a:80:c7:38:c8:81:27:ac:c0:d4:e9:76:48:1f:58:07: a8:86:d5:8a:37:f3:57:54:88:56:df:e8:88:68:75:51:cb:d9: 48:f3:e2:a6:35:36:26:53:c2:3a:59:e7:cd:c9:00:23:63:3b: a2:fb:b6:af:2a:0c:e9:04:87:e2:9d:d2:48:fc:3a:de:26:49: e3:a1:a0:6b:e2:5d:94:2e:93:bb:b5:3b:4f:73:d4:a8:45:bf: 0c:80:67:a0:47:77:22:34:53:da:14:e6:9e:89:c9:e9:66:9c: 2e:3c:83:fd:cf:81:a2:20:49:0c:97:28:a4:99:a5:f4:08:91: 1c:91:46:a5:c0:a9:04:13:15:03:0f:5c:01:30:d3:0d:e5:84: ae:fc:2f:32:4f:46:86:54:0e:a0:eb:82:7b:98:8c:03:2e:05: 77:03:e8:59:11:ba:85:f1:93:b0:d2:d7:aa:b8:02:b5:76:8c: 2d:5a:4d:ef:e6:60:58:b8:fe:fb:99:b6:aa:b0:f1:38:c6:3e: 24:06:40:a7:ad:0a:37:3e:c2:b5:fa:c5:2b:bc:71:62:74:dc: e3:06:5a:e6:ba:22:82:50:48:f4:03:c0:5e:44:3f:16:20:9e: 92:e9:f6:1b -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICOT4wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MTEyNzAxMTEzMVoXDTI1MTEyNzAwNTkwMlowMzEx MC8GA1UEAxMoQTEyQzZDRDIxQUM2NTU3M0RCNUIxNDM4RkZBQkRBQ0FCNjlGRTYy MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAORaq0jHAjkhpR4L5Q+g EJ0YzSA6PQh50hfSbJOY7uz15/UceeeaxYPjLldlFybsK4fInPJ42Mb1jFDDPKkS dtXvGqnvwHe3aYT9Pvl0yVamKeDQU3yqmc642lg63/kUYfK+d2IY/PfrHiJrdtiu UhSmrw7BBWlk18oIgCyu2/0IKOX+5CjC7P9oyTW/61vwtNWtAAu+ngZkZdIjw2OS FyAdJHdlh1X2Xot/y/kkhXBNMV2sSwyHWUqST2VhBqLvNEH65P2hTvZ07/DlyT3G sQy5+LbaddekXhAUew2z12AfkW7Z8XExt80kOk/JE4JX4ulalgGmz5n3aGhkWtzd LV8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBShLGzSGsZVc9tbFDj/q9rKtp/mIzAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz Mi8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzMyL29TeHMwaHJHVlhQYld4UTRfNnZheXJhZjVpTS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg+lowDQYJKoZIhvcNAQELBQAD ggEBAKk+Toh1LCFq+qQJMKcca8UXKtrCeoDHOMiBJ6zA1Ol2SB9YB6iG1Yo381dU iFbf6IhodVHL2Ujz4qY1NiZTwjpZ583JACNjO6L7tq8qDOkEh+Kd0kj8Ot4mSeOh oGviXZQuk7u1O09z1KhFvwyAZ6BHdyI0U9oU5p6JyelmnC48g/3PgaIgSQyXKKSZ pfQIkRyRRqXAqQQTFQMPXAEw0w3lhK78LzJPRoZUDqDrgnuYjAMuBXcD6FkRuoXx k7DS16q4ArV2jC1aTe/mYFi4/vuZtqqw8TjGPiQGQKetCjc+wrX6xSu8cWJ03OMG Wua6IoJQSPQDwF5EPxYgnpLp9hs= -----END CERTIFICATE-----Generated at Wed Feb 19 20:41:34 2025 by rpki-client