$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer File: oZapzKejMT4hgEp8O7SXdfnwZYo.cer (raw, json) Hash identifier: B6QoLjVCagzVR+J53r7Qg1Ua6Q0ItyZkeWihpmUg++g= Subject key identifier: A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BB4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:50:56 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: AS: 137751 IP: 59.153.136.0/22 IP: 103.198.180.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47949 (0xbb4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:50:56 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A196A9CCA7A3313E21804A7C3BB49775F9F0658A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:e2:40:8a:b6:77:2f:ed:24:9b:1c:e5:37:72: a9:30:e6:15:c0:a4:24:d6:e6:24:32:7d:45:98:7d: 09:a3:ae:17:71:2a:b7:7e:78:95:2e:32:a5:5e:ea: ed:11:41:09:aa:6c:98:e0:cf:7e:96:79:53:05:71: e1:92:41:9c:79:c2:a7:fa:9d:82:76:6f:29:1d:68: 99:b7:2f:31:bd:15:75:38:c7:a5:bf:64:8d:bf:51: 84:75:3c:f1:fe:1b:ff:42:95:26:e9:ca:90:a0:21: 43:03:dc:c2:0a:1b:b9:90:a3:fa:3f:b5:d9:50:68: ca:7d:ea:43:b5:e7:10:58:6f:22:ff:11:31:cd:1e: 6f:0b:61:fe:b0:af:a8:5f:2a:76:a0:9d:d9:f5:e3: 80:51:ba:6f:cb:ae:62:0f:9f:75:7f:69:fb:c8:e6: 12:18:f0:75:86:03:d7:8b:f8:44:cc:70:c7:fa:26: 3b:48:7b:e5:ba:fa:1b:b3:31:a0:c6:de:96:ac:2d: ae:2e:79:ec:b8:b6:68:a8:83:a0:b8:3e:81:97:d9: 66:aa:5a:1c:b1:20:d6:77:1f:36:0e:11:82:b1:91: a4:c4:44:a7:20:35:11:e2:79:e2:df:15:37:63:b0: 31:45:6f:de:b1:0e:01:fd:92:b8:6d:aa:fb:9d:85: 55:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 137751 sbgp-ipAddrBlock: critical IPv4: 59.153.136.0/22 103.198.180.0/22 Signature Algorithm: sha256WithRSAEncryption 89:d6:05:b0:9f:ac:ca:55:07:f2:e6:4e:91:cc:18:e1:ba:f2: 01:79:46:fb:ac:71:72:06:46:06:b3:ae:e6:c3:54:23:d6:e1: b6:11:c7:52:b8:ce:fd:ee:49:0b:cb:c6:de:14:ca:ce:22:0b: 97:01:2b:b7:10:c7:32:8b:c2:92:29:e8:98:c9:6a:bb:11:a2: c3:d4:74:f4:00:0d:b3:c3:74:77:fb:e6:68:8a:f9:aa:c6:81: e0:40:d7:0b:04:8b:56:b8:5e:1f:fd:5c:a7:1d:2b:f6:1a:ad: fd:98:c6:63:1b:19:11:d0:a4:46:d3:21:0f:51:d4:48:59:41: cd:f6:4d:d3:e8:77:38:5a:0d:b0:ce:ca:f3:66:1a:c9:32:e7: 83:88:36:7d:69:b8:79:f7:aa:3e:c7:8d:52:d0:a1:12:a5:e2: 46:e5:bb:a0:b2:41:75:07:af:fd:f5:c9:07:6e:be:a7:97:ed: a6:40:e3:65:1f:15:fc:3c:21:7d:42:03:23:9e:f6:12:e6:b0: 48:48:ad:ae:88:2f:d8:cb:c8:b3:4c:21:dd:c7:7d:41:a4:17: 95:99:f0:43:62:06:d6:fa:be:40:2d:c7:b2:5d:09:e1:0e:92: 01:a8:9a:04:1d:6b:06:0a:9e:10:17:f9:bd:8b:6f:b3:96:83: f8:3e:e3:06 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIDALtNMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUwNTZaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKEExOTZBOUNDQTdBMzMxM0UyMTgwNEE3QzNCQjQ5Nzc1RjlGMDY1 OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf4kCKtncv7SSbHOU3 cqkw5hXApCTW5iQyfUWYfQmjrhdxKrd+eJUuMqVe6u0RQQmqbJjgz36WeVMFceGS QZx5wqf6nYJ2bykdaJm3LzG9FXU4x6W/ZI2/UYR1PPH+G/9ClSbpypCgIUMD3MIK G7mQo/o/tdlQaMp96kO15xBYbyL/ETHNHm8LYf6wr6hfKnagndn144BRum/LrmIP n3V/afvI5hIY8HWGA9eL+ETMcMf6JjtIe+W6+huzMaDG3pasLa4ueey4tmiog6C4 PoGX2WaqWhyxINZ3HzYOEYKxkaTERKcgNRHieeLfFTdjsDFFb96xDgH9krhtqvud hVVTAgMBAAGjggJ3MIICczAdBgNVHQ4EFgQUoZapzKejMT4hgEp8O7SXdfnwZYow HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEz ODQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTM4NC9vWmFwektlak1UNGhnRXA4TzdTWGRmbndaWW8ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIaFzAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAjuZiAMEAmfGtDANBgkqhkiG9w0BAQsFAAOCAQEAidYFsJ+sylUH 8uZOkcwY4bryAXlG+6xxcgZGBrOu5sNUI9bhthHHUrjO/e5JC8vG3hTKziILlwEr txDHMovCkinomMlquxGiw9R09AANs8N0d/vmaIr5qsaB4EDXCwSLVrheH/1cpx0r 9hqt/ZjGYxsZEdCkRtMhD1HUSFlBzfZN0+h3OFoNsM7K82YayTLng4g2fWm4efeq PseNUtChEqXiRuW7oLJBdQev/fXJB26+p5ftpkDjZR8V/DwhfUIDI572EuawSEit rogv2MvIs0wh3cd9QaQXlZnwQ2IG1vq+QC3Hsl0J4Q6SAaiaBB1rBgqeEBf5vYtv s5aD+D7jBg== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:41 2024 by rpki-client on console-ams.rpki-client.org