$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer File: oZapzKejMT4hgEp8O7SXdfnwZYo.cer (raw, json) Hash identifier: 6eqREpUY5uTQemU0Re14mwSE0MiIRKElQGhQVI9IjjE= Subject key identifier: A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: AE7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:20:34 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: AS: 137751 IP: 59.153.136.0/22 IP: 103.198.180.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 05:56:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44669 (0xae7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 1 01:20:34 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A196A9CCA7A3313E21804A7C3BB49775F9F0658A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:e2:40:8a:b6:77:2f:ed:24:9b:1c:e5:37:72: a9:30:e6:15:c0:a4:24:d6:e6:24:32:7d:45:98:7d: 09:a3:ae:17:71:2a:b7:7e:78:95:2e:32:a5:5e:ea: ed:11:41:09:aa:6c:98:e0:cf:7e:96:79:53:05:71: e1:92:41:9c:79:c2:a7:fa:9d:82:76:6f:29:1d:68: 99:b7:2f:31:bd:15:75:38:c7:a5:bf:64:8d:bf:51: 84:75:3c:f1:fe:1b:ff:42:95:26:e9:ca:90:a0:21: 43:03:dc:c2:0a:1b:b9:90:a3:fa:3f:b5:d9:50:68: ca:7d:ea:43:b5:e7:10:58:6f:22:ff:11:31:cd:1e: 6f:0b:61:fe:b0:af:a8:5f:2a:76:a0:9d:d9:f5:e3: 80:51:ba:6f:cb:ae:62:0f:9f:75:7f:69:fb:c8:e6: 12:18:f0:75:86:03:d7:8b:f8:44:cc:70:c7:fa:26: 3b:48:7b:e5:ba:fa:1b:b3:31:a0:c6:de:96:ac:2d: ae:2e:79:ec:b8:b6:68:a8:83:a0:b8:3e:81:97:d9: 66:aa:5a:1c:b1:20:d6:77:1f:36:0e:11:82:b1:91: a4:c4:44:a7:20:35:11:e2:79:e2:df:15:37:63:b0: 31:45:6f:de:b1:0e:01:fd:92:b8:6d:aa:fb:9d:85: 55:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 137751 sbgp-ipAddrBlock: critical IPv4: 59.153.136.0/22 103.198.180.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:a6:6d:4f:68:49:fa:61:90:01:b4:c2:29:b6:30:d4:46:be: 57:1a:75:b6:02:8d:46:e8:bb:4f:2a:3c:ea:0d:2b:89:6c:e2: 52:c7:0b:6a:91:02:c8:0c:23:57:49:53:a4:a7:4f:00:f2:1e: 3a:bc:07:c3:c9:06:24:50:05:ef:8a:44:0b:fb:1f:49:36:b3: c0:33:86:4b:ce:44:6e:36:6a:29:c4:a5:ca:52:01:26:79:82: b7:53:d3:68:c9:c3:c2:91:bf:20:43:97:2b:ac:7e:f7:57:b1: 45:23:8d:e9:e9:d1:c8:64:e7:d2:99:d4:4e:60:5a:77:52:d2: eb:ff:9b:57:95:79:5e:5b:1b:39:71:03:ab:73:45:bf:d5:4c: 38:93:b8:33:f5:0a:50:d6:a9:9a:48:d7:75:e2:06:a0:c1:80: da:6d:d9:95:e0:40:78:6a:c6:7c:9e:21:a4:32:52:14:0a:e2: 37:0e:eb:35:7f:f3:0c:51:33:41:0c:6d:3e:b0:a5:ff:3a:d8: 5e:91:8a:91:9d:e7:00:80:cb:a9:2f:87:4f:a0:ca:46:61:d3: 7c:a6:d6:86:74:ea:6d:cb:4a:cb:9d:ab:bc:04:d2:d8:cb:7f: 00:c1:4d:bf:fa:0b:cc:42:ba:4f:a8:c0:4f:7b:c4:81:e8:f7: ca:c7:d6:ff -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgIDAK59MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIwMzRaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKEExOTZBOUNDQTdBMzMxM0UyMTgwNEE3QzNCQjQ5Nzc1RjlGMDY1 OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf4kCKtncv7SSbHOU3 cqkw5hXApCTW5iQyfUWYfQmjrhdxKrd+eJUuMqVe6u0RQQmqbJjgz36WeVMFceGS QZx5wqf6nYJ2bykdaJm3LzG9FXU4x6W/ZI2/UYR1PPH+G/9ClSbpypCgIUMD3MIK G7mQo/o/tdlQaMp96kO15xBYbyL/ETHNHm8LYf6wr6hfKnagndn144BRum/LrmIP n3V/afvI5hIY8HWGA9eL+ETMcMf6JjtIe+W6+huzMaDG3pasLa4ueey4tmiog6C4 PoGX2WaqWhyxINZ3HzYOEYKxkaTERKcgNRHieeLfFTdjsDFFb96xDgH9krhtqvud hVVTAgMBAAGjggJ3MIICczAdBgNVHQ4EFgQUoZapzKejMT4hgEp8O7SXdfnwZYow HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEz ODQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTM4NC9vWmFwektlak1UNGhnRXA4TzdTWGRmbndaWW8ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIaFzAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAjuZiAMEAmfGtDANBgkqhkiG9w0BAQsFAAOCAQEAPaZtT2hJ+mGQ AbTCKbYw1Ea+Vxp1tgKNRui7Tyo86g0riWziUscLapECyAwjV0lTpKdPAPIeOrwH w8kGJFAF74pEC/sfSTazwDOGS85EbjZqKcSlylIBJnmCt1PTaMnDwpG/IEOXK6x+ 91exRSON6enRyGTn0pnUTmBad1LS6/+bV5V5XlsbOXEDq3NFv9VMOJO4M/UKUNap mkjXdeIGoMGA2m3ZleBAeGrGfJ4hpDJSFAriNw7rNX/zDFEzQQxtPrCl/zrYXpGK kZ3nAIDLqS+HT6DKRmHTfKbWhnTqbctKy52rvATS2Mt/AMFNv/oLzEK6T6jAT3vE gej3ysfW/w== -----END CERTIFICATE-----Generated at Sun May 19 01:06:24 2024 by rpki-client on console-fra.rpki-client.org