Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/pA1lo5gglIcI0bteqCt6TVTUS4U.cer
File: pA1lo5gglIcI0bteqCt6TVTUS4U.cer (raw, json)
Hash identifier: MvuIHLuIkfhr9a0y9hGkkDrcrmGzWmy1CIiaYx1Mwpk=
Subject key identifier: A4:0D:65:A3:98:20:94:87:08:D1:BB:5E:A8:2B:7A:4D:54:D4:4B:85
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BC13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/pA1lo5gglIcI0bteqCt6TVTUS4U.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:54:01 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 9308
AS: 9802
AS: 17428
AS: 18244
AS: 24133
AS: 24140
AS: 24418
AS: 59020
IP: 42.158.0.0/16
IP: 58.82.0.0/17
IP: 58.83.0.0/17
IP: 59.151.0.0/17
IP: 59.191.0.0/17
IP: 101.134.0.0/15
IP: 103.247.168.0/22
IP: 118.30.0.0/16
IP: 118.195.0.0/17
IP: 120.132.128.0 -- 120.135.255.255
IP: 123.61.0.0/16
IP: 124.250.0.0/15
IP: 182.174.0.0 -- 182.175.243.255
IP: 183.84.0.0/15
IP: 203.196.0.0/21
IP: 210.77.128.0/19
IP: 211.99.160.0 -- 211.99.223.255
IP: 211.148.17.0 -- 211.148.25.255
IP: 211.148.27.0 -- 211.148.31.255
IP: 211.151.0.0 -- 211.152.31.255
IP: 211.152.64.0/18
IP: 2403:a200::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48147 (0xbc13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:54:01 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A40D65A39820948708D1BB5EA82B7A4D54D44B85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:9b:d8:e2:bd:d3:b0:d4:ce:64:2e:01:f0:25:
52:ed:0b:33:a0:4f:87:09:c1:f2:0b:42:3f:50:05:
9c:09:7d:9e:63:11:bb:a4:82:fd:b6:a4:e1:8c:e1:
5d:fa:a4:06:e5:c5:b1:37:04:ba:e7:ae:ff:9d:0f:
e2:ac:fc:17:23:96:92:a2:8d:a3:96:fc:03:24:ea:
64:17:86:00:06:8a:ad:23:0f:f2:2e:b3:c8:da:a8:
ed:7c:17:4f:f3:67:7d:58:04:89:6a:e7:54:e8:80:
aa:2e:96:96:5e:c3:66:e6:b8:b7:f7:89:db:11:c7:
65:59:de:a3:af:ba:a8:4d:2d:ab:5d:95:59:e5:8c:
dc:c3:02:56:e8:28:b2:dd:f7:b7:1a:01:30:3e:2a:
28:28:f2:43:4f:51:5b:db:58:cc:b1:16:2d:90:58:
be:1a:fd:b0:d2:59:19:3a:20:1a:c9:cb:c7:f8:11:
65:2e:19:03:c1:11:4e:84:39:a8:86:1a:d2:86:e7:
64:42:d5:9a:b2:33:dc:1d:b0:00:ea:e0:86:67:0c:
71:16:f9:0b:43:0b:62:e0:6d:9a:c0:15:69:43:48:
9a:ea:ec:26:a5:8f:81:b6:6b:99:0c:f7:99:d3:46:
58:7b:85:b5:91:28:2b:56:26:85:91:e7:70:94:75:
ac:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0D:65:A3:98:20:94:87:08:D1:BB:5E:A8:2B:7A:4D:54:D4:4B:85
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/73/pA1lo5gglIcI0bteqCt6TVTUS4U.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9308
9802
17428
18244
24133
24140
24418
59020
sbgp-ipAddrBlock: critical
IPv4:
42.158.0.0/16
58.82.0.0/17
58.83.0.0/17
59.151.0.0/17
59.191.0.0/17
101.134.0.0/15
103.247.168.0/22
118.30.0.0/16
118.195.0.0/17
120.132.128.0-120.135.255.255
123.61.0.0/16
124.250.0.0/15
182.174.0.0-182.175.243.255
183.84.0.0/15
203.196.0.0/21
210.77.128.0/19
211.99.160.0-211.99.223.255
211.148.17.0-211.148.25.255
211.148.27.0-211.148.31.255
211.151.0.0-211.152.31.255
211.152.64.0/18
IPv6:
2403:a200::/32
Signature Algorithm: sha256WithRSAEncryption
28:94:9b:47:35:35:33:6e:42:7a:45:ed:c2:65:db:07:70:80:
24:72:5d:93:98:e9:f0:c1:3a:75:99:c9:bf:90:24:97:a4:f9:
04:de:71:1d:e0:c7:1d:08:32:fb:ab:04:fb:0c:19:2f:a1:48:
7d:93:2f:fc:df:da:fd:92:fa:d4:cb:23:81:f0:36:91:5c:04:
26:16:b3:c5:4a:4a:48:b7:c8:a5:87:76:62:58:1c:7b:6d:35:
16:0b:a6:20:62:c4:5b:c7:ed:1b:12:a1:41:37:bb:0f:e2:50:
97:ff:89:de:d9:f7:81:a7:49:09:b3:eb:36:33:d1:8a:11:f6:
68:4b:c2:7f:f6:9e:38:37:5d:b3:7b:97:e7:59:a4:9d:47:4a:
0a:e0:ae:f9:a6:1a:25:13:8f:a3:9e:5e:55:a4:a3:96:af:fb:
7b:17:af:47:ec:8d:45:26:bf:f9:d8:a4:a0:bf:27:71:3f:23:
14:6c:d9:ff:e5:af:d6:99:6f:93:3a:27:40:60:2d:3a:6d:47:
a2:56:7d:35:e7:ea:e3:61:a4:de:e5:46:53:e2:ac:b0:92:4e:
46:0f:d0:be:64:1f:2e:34:86:fa:ad:32:e6:8a:ba:76:60:3f:
2f:4e:9e:5f:c9:23:6e:a9:54:c2:2f:bd:69:e4:97:63:14:11:
31:e0:ac:dc
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgIDALwTMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU0MDFaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEE0MEQ2NUEzOTgyMDk0ODcwOEQxQkI1RUE4MkI3QTRENTRENDRC
ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5m9jivdOw1M5kLgHw
JVLtCzOgT4cJwfILQj9QBZwJfZ5jEbukgv22pOGM4V36pAblxbE3BLrnrv+dD+Ks
/BcjlpKijaOW/AMk6mQXhgAGiq0jD/Ius8jaqO18F0/zZ31YBIlq51TogKoulpZe
w2bmuLf3idsRx2VZ3qOvuqhNLatdlVnljNzDAlboKLLd97caATA+Kigo8kNPUVvb
WMyxFi2QWL4a/bDSWRk6IBrJy8f4EWUuGQPBEU6EOaiGGtKG52RC1ZqyM9wdsADq
4IZnDHEW+QtDC2LgbZrAFWlDSJrq7Calj4G2a5kM95nTRlh7hbWRKCtWJoWR53CU
daxvAgMBAAGjggM8MIIDODAdBgNVHQ4EFgQUpA1lo5gglIcI0bteqCt6TVTUS4Uw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzcz
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzczL3BBMWxvNWdnbEljSTBidGVxQ3Q2VFZUVVM0VS5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwNgYI
KwYBBQUHAQgBAf8EJzAloCMwIQICJFwCAiZKAgJEFAICR0QCAl5FAgJeTAICX2IC
AwDmjDCB0QYIKwYBBQUHAQcBAf8EgcEwgb4wgawEAgABMIGlAwMAKp4DBAc6UgAD
BAc6UwADBAc7lwADBAc7vwADAwFlhgMEAmf3qAMDAHYeAwQHdsMAMAsDBAd4hIAD
AwN4gAMDAHs9AwMBfPowCwMDAbauAwQCtq/wAwMBt1QDBAPLxAADBAXSTYAwDAME
BdNjoAMEBdNjwDAMAwQA05QRAwQB05QYMAwDBADTlBsDBAXTlAAwCwMDANOXAwQF
05gAAwQG05hAMA0EAgACMAcDBQAkA6IAMA0GCSqGSIb3DQEBCwUAA4IBAQAolJtH
NTUzbkJ6Re3CZdsHcIAkcl2TmOnwwTp1mcm/kCSXpPkE3nEd4McdCDL7qwT7DBkv
oUh9ky/839r9kvrUyyOB8DaRXAQmFrPFSkpIt8ilh3ZiWBx7bTUWC6YgYsRbx+0b
EqFBN7sP4lCX/4ne2feBp0kJs+s2M9GKEfZoS8J/9p44N12ze5fnWaSdR0oK4K75
pholE4+jnl5VpKOWr/t7F69H7I1FJr/52KSgvydxPyMUbNn/5a/WmW+TOidAYC06
bUeiVn015+rjYaTe5UZT4qywkk5GD9C+ZB8uNIb6rTLmirp2YD8vTp5fySNuqVTC
L71p5JdjFBEx4Kzc
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:28 2024 by rpki-client on console-fra.rpki-client.org