Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/pA1lo5gglIcI0bteqCt6TVTUS4U.cer
File: pA1lo5gglIcI0bteqCt6TVTUS4U.cer (raw, json)
Hash identifier: E8PRGoLAyPwRPoJTVcWanhKIl+6HGCMcgYmDn73KGg0=
Subject key identifier: A4:0D:65:A3:98:20:94:87:08:D1:BB:5E:A8:2B:7A:4D:54:D4:4B:85
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CCF1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/pA1lo5gglIcI0bteqCt6TVTUS4U.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:06:52 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 9308
AS: 9802
AS: 17428
AS: 18244
AS: 24133
AS: 24140
AS: 24418
AS: 59020
IP: 42.158.0.0/16
IP: 58.82.0.0/17
IP: 58.83.0.0/17
IP: 59.151.0.0/17
IP: 59.191.0.0/17
IP: 101.134.0.0/15
IP: 103.247.168.0/22
IP: 118.30.0.0/16
IP: 118.195.0.0/17
IP: 120.132.128.0 -- 120.135.255.255
IP: 123.61.0.0/16
IP: 124.250.0.0/15
IP: 182.174.0.0 -- 182.175.243.255
IP: 183.84.0.0/15
IP: 203.196.0.0/21
IP: 210.77.128.0/19
IP: 211.99.160.0 -- 211.99.223.255
IP: 211.148.17.0 -- 211.148.25.255
IP: 211.148.27.0 -- 211.148.31.255
IP: 211.151.0.0 -- 211.152.31.255
IP: 211.152.64.0/18
IP: 2403:a200::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Apr 2025 10:07:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52465 (0xccf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:06:52 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A40D65A39820948708D1BB5EA82B7A4D54D44B85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:9b:d8:e2:bd:d3:b0:d4:ce:64:2e:01:f0:25:
52:ed:0b:33:a0:4f:87:09:c1:f2:0b:42:3f:50:05:
9c:09:7d:9e:63:11:bb:a4:82:fd:b6:a4:e1:8c:e1:
5d:fa:a4:06:e5:c5:b1:37:04:ba:e7:ae:ff:9d:0f:
e2:ac:fc:17:23:96:92:a2:8d:a3:96:fc:03:24:ea:
64:17:86:00:06:8a:ad:23:0f:f2:2e:b3:c8:da:a8:
ed:7c:17:4f:f3:67:7d:58:04:89:6a:e7:54:e8:80:
aa:2e:96:96:5e:c3:66:e6:b8:b7:f7:89:db:11:c7:
65:59:de:a3:af:ba:a8:4d:2d:ab:5d:95:59:e5:8c:
dc:c3:02:56:e8:28:b2:dd:f7:b7:1a:01:30:3e:2a:
28:28:f2:43:4f:51:5b:db:58:cc:b1:16:2d:90:58:
be:1a:fd:b0:d2:59:19:3a:20:1a:c9:cb:c7:f8:11:
65:2e:19:03:c1:11:4e:84:39:a8:86:1a:d2:86:e7:
64:42:d5:9a:b2:33:dc:1d:b0:00:ea:e0:86:67:0c:
71:16:f9:0b:43:0b:62:e0:6d:9a:c0:15:69:43:48:
9a:ea:ec:26:a5:8f:81:b6:6b:99:0c:f7:99:d3:46:
58:7b:85:b5:91:28:2b:56:26:85:91:e7:70:94:75:
ac:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0D:65:A3:98:20:94:87:08:D1:BB:5E:A8:2B:7A:4D:54:D4:4B:85
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/pA1lo5gglIcI0bteqCt6TVTUS4U.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9308
9802
17428
18244
24133
24140
24418
59020
sbgp-ipAddrBlock: critical
IPv4:
42.158.0.0/16
58.82.0.0/17
58.83.0.0/17
59.151.0.0/17
59.191.0.0/17
101.134.0.0/15
103.247.168.0/22
118.30.0.0/16
118.195.0.0/17
120.132.128.0-120.135.255.255
123.61.0.0/16
124.250.0.0/15
182.174.0.0-182.175.243.255
183.84.0.0/15
203.196.0.0/21
210.77.128.0/19
211.99.160.0-211.99.223.255
211.148.17.0-211.148.25.255
211.148.27.0-211.148.31.255
211.151.0.0-211.152.31.255
211.152.64.0/18
IPv6:
2403:a200::/32
Signature Algorithm: sha256WithRSAEncryption
78:37:85:08:1a:da:e1:56:34:95:be:6f:45:39:41:05:42:7c:
0b:1e:90:97:97:49:6c:ed:a0:bf:ac:97:f9:0a:13:02:af:b9:
69:85:83:c8:a1:42:cb:f7:e6:12:f8:1b:84:57:b4:e1:ee:98:
03:0f:73:93:0f:e2:ae:64:7b:3c:62:47:72:60:5a:13:b4:55:
92:95:de:73:ac:c0:f5:4b:b5:13:6e:da:b2:4b:9e:6b:b9:fb:
09:77:64:30:ec:14:c9:b8:b7:eb:e4:f4:0b:fc:1f:a5:df:85:
ea:62:07:9b:67:d3:66:c2:e9:7c:56:8a:55:6e:bc:30:c8:6c:
2a:62:25:2b:70:68:8b:6d:98:06:b7:73:fc:0f:56:36:01:cb:
01:8e:18:9b:87:4b:c3:67:2c:71:b4:e6:f9:0e:2d:22:16:29:
52:ba:2b:73:51:65:a6:73:84:e1:87:b1:71:5e:35:c3:ec:09:
f6:98:fa:11:22:10:40:0c:c5:0f:db:b8:86:83:f1:51:e2:d6:
66:8a:ed:9a:30:66:1b:bf:00:06:ea:8b:a1:a1:27:96:8e:6e:
8d:89:ae:38:08:13:8c:2a:df:46:d5:2c:9f:70:b8:ea:be:2e:
23:5b:dd:f7:3a:ed:d7:b0:cb:df:b9:d9:1f:f5:15:e7:aa:e2:
71:33:d3:d0
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgIDAMzxMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA2NTJaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKEE0MEQ2NUEzOTgyMDk0ODcwOEQxQkI1RUE4MkI3QTRENTRENDRC
ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5m9jivdOw1M5kLgHw
JVLtCzOgT4cJwfILQj9QBZwJfZ5jEbukgv22pOGM4V36pAblxbE3BLrnrv+dD+Ks
/BcjlpKijaOW/AMk6mQXhgAGiq0jD/Ius8jaqO18F0/zZ31YBIlq51TogKoulpZe
w2bmuLf3idsRx2VZ3qOvuqhNLatdlVnljNzDAlboKLLd97caATA+Kigo8kNPUVvb
WMyxFi2QWL4a/bDSWRk6IBrJy8f4EWUuGQPBEU6EOaiGGtKG52RC1ZqyM9wdsADq
4IZnDHEW+QtDC2LgbZrAFWlDSJrq7Calj4G2a5kM95nTRlh7hbWRKCtWJoWR53CU
daxvAgMBAAGjggM8MIIDODAdBgNVHQ4EFgQUpA1lo5gglIcI0bteqCt6TVTUS4Uw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzcz
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzczL3BBMWxvNWdnbEljSTBidGVxQ3Q2VFZUVVM0VS5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwNgYI
KwYBBQUHAQgBAf8EJzAloCMwIQICJFwCAiZKAgJEFAICR0QCAl5FAgJeTAICX2IC
AwDmjDCB0QYIKwYBBQUHAQcBAf8EgcEwgb4wgawEAgABMIGlAwMAKp4DBAc6UgAD
BAc6UwADBAc7lwADBAc7vwADAwFlhgMEAmf3qAMDAHYeAwQHdsMAMAsDBAd4hIAD
AwN4gAMDAHs9AwMBfPowCwMDAbauAwQCtq/wAwMBt1QDBAPLxAADBAXSTYAwDAME
BdNjoAMEBdNjwDAMAwQA05QRAwQB05QYMAwDBADTlBsDBAXTlAAwCwMDANOXAwQF
05gAAwQG05hAMA0EAgACMAcDBQAkA6IAMA0GCSqGSIb3DQEBCwUAA4IBAQB4N4UI
GtrhVjSVvm9FOUEFQnwLHpCXl0ls7aC/rJf5ChMCr7lphYPIoULL9+YS+BuEV7Th
7pgDD3OTD+KuZHs8YkdyYFoTtFWSld5zrMD1S7UTbtqyS55rufsJd2Qw7BTJuLfr
5PQL/B+l34XqYgebZ9Nmwul8VopVbrwwyGwqYiUrcGiLbZgGt3P8D1Y2AcsBjhib
h0vDZyxxtOb5Di0iFilSuitzUWWmc4Thh7FxXjXD7An2mPoRIhBADMUP27iGg/FR
4tZmiu2aMGYbvwAG6ouhoSeWjm6Nia44CBOMKt9G1SyfcLjqvi4jW933Ou3XsMvf
udkf9RXnquJxM9PQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:01:39 2025 by rpki-client