Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/pA1lo5gglIcI0bteqCt6TVTUS4U.cer
File: pA1lo5gglIcI0bteqCt6TVTUS4U.cer (raw, json)
Hash identifier: nj1+m8FSO2+P3aY+iA0VYn/Frw7KZvtUnNP4IF789TM=
Subject key identifier: A4:0D:65:A3:98:20:94:87:08:D1:BB:5E:A8:2B:7A:4D:54:D4:4B:85
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AF31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/pA1lo5gglIcI0bteqCt6TVTUS4U.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:23:15 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: AS: 9308
AS: 9802
AS: 17428
AS: 18244
AS: 24133
AS: 24140
AS: 24418
AS: 59020
IP: 42.158.0.0/16
IP: 58.82.0.0/17
IP: 58.83.0.0/17
IP: 59.151.0.0/17
IP: 59.191.0.0/17
IP: 101.134.0.0/15
IP: 103.247.168.0/22
IP: 118.30.0.0/16
IP: 118.195.0.0/17
IP: 120.132.128.0 -- 120.135.255.255
IP: 123.61.0.0/16
IP: 124.250.0.0/15
IP: 182.174.0.0 -- 182.175.243.255
IP: 183.84.0.0/15
IP: 203.196.0.0/21
IP: 210.77.128.0/19
IP: 211.99.160.0 -- 211.99.223.255
IP: 211.148.17.0 -- 211.148.25.255
IP: 211.148.27.0 -- 211.148.31.255
IP: 211.151.0.0 -- 211.152.31.255
IP: 211.152.64.0/18
IP: 2403:a200::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 17 May 2024 11:25:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44849 (0xaf31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A40D65A39820948708D1BB5EA82B7A4D54D44B85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:9b:d8:e2:bd:d3:b0:d4:ce:64:2e:01:f0:25:
52:ed:0b:33:a0:4f:87:09:c1:f2:0b:42:3f:50:05:
9c:09:7d:9e:63:11:bb:a4:82:fd:b6:a4:e1:8c:e1:
5d:fa:a4:06:e5:c5:b1:37:04:ba:e7:ae:ff:9d:0f:
e2:ac:fc:17:23:96:92:a2:8d:a3:96:fc:03:24:ea:
64:17:86:00:06:8a:ad:23:0f:f2:2e:b3:c8:da:a8:
ed:7c:17:4f:f3:67:7d:58:04:89:6a:e7:54:e8:80:
aa:2e:96:96:5e:c3:66:e6:b8:b7:f7:89:db:11:c7:
65:59:de:a3:af:ba:a8:4d:2d:ab:5d:95:59:e5:8c:
dc:c3:02:56:e8:28:b2:dd:f7:b7:1a:01:30:3e:2a:
28:28:f2:43:4f:51:5b:db:58:cc:b1:16:2d:90:58:
be:1a:fd:b0:d2:59:19:3a:20:1a:c9:cb:c7:f8:11:
65:2e:19:03:c1:11:4e:84:39:a8:86:1a:d2:86:e7:
64:42:d5:9a:b2:33:dc:1d:b0:00:ea:e0:86:67:0c:
71:16:f9:0b:43:0b:62:e0:6d:9a:c0:15:69:43:48:
9a:ea:ec:26:a5:8f:81:b6:6b:99:0c:f7:99:d3:46:
58:7b:85:b5:91:28:2b:56:26:85:91:e7:70:94:75:
ac:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0D:65:A3:98:20:94:87:08:D1:BB:5E:A8:2B:7A:4D:54:D4:4B:85
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/pA1lo5gglIcI0bteqCt6TVTUS4U.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9308
9802
17428
18244
24133
24140
24418
59020
sbgp-ipAddrBlock: critical
IPv4:
42.158.0.0/16
58.82.0.0/17
58.83.0.0/17
59.151.0.0/17
59.191.0.0/17
101.134.0.0/15
103.247.168.0/22
118.30.0.0/16
118.195.0.0/17
120.132.128.0-120.135.255.255
123.61.0.0/16
124.250.0.0/15
182.174.0.0-182.175.243.255
183.84.0.0/15
203.196.0.0/21
210.77.128.0/19
211.99.160.0-211.99.223.255
211.148.17.0-211.148.25.255
211.148.27.0-211.148.31.255
211.151.0.0-211.152.31.255
211.152.64.0/18
IPv6:
2403:a200::/32
Signature Algorithm: sha256WithRSAEncryption
65:72:b8:ce:db:80:13:bc:32:e3:97:76:5f:70:44:5e:8e:ea:
97:c0:54:da:6a:17:be:60:dd:18:9d:fd:52:93:48:e8:74:25:
24:91:82:e3:cf:23:58:d4:ae:51:b1:9e:26:16:a3:cb:4d:c6:
ef:67:37:3f:83:54:37:9c:5c:18:ae:2c:58:64:87:c3:c2:09:
72:9c:f4:4f:99:e7:de:8d:19:ce:19:4f:1a:28:1d:9c:15:c3:
aa:a6:2b:59:1c:cb:91:5b:ff:18:92:ed:1a:d6:57:52:fd:7e:
da:4f:35:51:07:dd:c0:e1:e5:f2:4c:99:be:fa:4f:e9:9d:72:
f5:c5:51:a7:25:45:74:33:ee:2a:af:a3:48:60:ef:11:de:54:
f3:8f:18:d5:02:b3:ed:fd:f2:73:b6:64:a2:1d:c7:4e:ab:b8:
00:37:a3:d3:ca:74:2f:1b:37:9e:e1:d3:2d:1e:b6:d4:77:ff:
58:f0:b2:99:9c:58:90:60:de:c5:4b:0d:16:92:dd:21:de:17:
e7:00:47:d7:d0:fa:82:41:73:62:1f:4a:aa:13:c2:9c:40:e6:
80:75:f0:a6:25:64:33:d8:e9:16:d8:a5:16:69:a0:c2:e2:8c:
31:a7:59:a8:36:01:c2:9c:a2:ec:a8:43:9a:b2:19:79:af:6e:
83:44:d0:35
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgIDAK8xMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIzMTVaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKEE0MEQ2NUEzOTgyMDk0ODcwOEQxQkI1RUE4MkI3QTRENTRENDRC
ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5m9jivdOw1M5kLgHw
JVLtCzOgT4cJwfILQj9QBZwJfZ5jEbukgv22pOGM4V36pAblxbE3BLrnrv+dD+Ks
/BcjlpKijaOW/AMk6mQXhgAGiq0jD/Ius8jaqO18F0/zZ31YBIlq51TogKoulpZe
w2bmuLf3idsRx2VZ3qOvuqhNLatdlVnljNzDAlboKLLd97caATA+Kigo8kNPUVvb
WMyxFi2QWL4a/bDSWRk6IBrJy8f4EWUuGQPBEU6EOaiGGtKG52RC1ZqyM9wdsADq
4IZnDHEW+QtDC2LgbZrAFWlDSJrq7Calj4G2a5kM95nTRlh7hbWRKCtWJoWR53CU
daxvAgMBAAGjggM8MIIDODAdBgNVHQ4EFgQUpA1lo5gglIcI0bteqCt6TVTUS4Uw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzcz
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzczL3BBMWxvNWdnbEljSTBidGVxQ3Q2VFZUVVM0VS5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwNgYI
KwYBBQUHAQgBAf8EJzAloCMwIQICJFwCAiZKAgJEFAICR0QCAl5FAgJeTAICX2IC
AwDmjDCB0QYIKwYBBQUHAQcBAf8EgcEwgb4wgawEAgABMIGlAwMAKp4DBAc6UgAD
BAc6UwADBAc7lwADBAc7vwADAwFlhgMEAmf3qAMDAHYeAwQHdsMAMAsDBAd4hIAD
AwN4gAMDAHs9AwMBfPowCwMDAbauAwQCtq/wAwMBt1QDBAPLxAADBAXSTYAwDAME
BdNjoAMEBdNjwDAMAwQA05QRAwQB05QYMAwDBADTlBsDBAXTlAAwCwMDANOXAwQF
05gAAwQG05hAMA0EAgACMAcDBQAkA6IAMA0GCSqGSIb3DQEBCwUAA4IBAQBlcrjO
24ATvDLjl3ZfcERejuqXwFTaahe+YN0Ynf1Sk0jodCUkkYLjzyNY1K5RsZ4mFqPL
TcbvZzc/g1Q3nFwYrixYZIfDwglynPRPmefejRnOGU8aKB2cFcOqpitZHMuRW/8Y
ku0a1ldS/X7aTzVRB93A4eXyTJm++k/pnXL1xVGnJUV0M+4qr6NIYO8R3lTzjxjV
ArPt/fJztmSiHcdOq7gAN6PTynQvGzee4dMtHrbUd/9Y8LKZnFiQYN7FSw0Wkt0h
3hfnAEfX0PqCQXNiH0qqE8KcQOaAdfCmJWQz2OkW2KUWaaDC4owxp1moNgHCnKLs
qEOashl5r26DRNA1
-----END CERTIFICATE-----
Generated at Fri May 17 06:19:02 2024 by rpki-client on console-fra.rpki-client.org