Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
File: qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer (raw, json)
Hash identifier: xzf+zpwzoPnhF5FhhLmc/3e9f8XfAF+548N03y+xKa0=
Subject key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BBB9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:52:30 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: IP: 43.250.116.0/22
IP: 103.108.192.0/22
IP: 103.139.0.0/23
IP: 103.235.184.0/22
IP: 150.242.224.0/22
IP: 218.247.64.0/19
IP: 219.234.0.0/19
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48057 (0xbbb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:52:30 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:21:a5:2a:39:f7:16:70:ff:b7:6c:01:dc:24:
f8:ad:36:53:c9:f0:f1:95:d0:f8:a2:46:35:9f:5c:
f2:ce:e2:ba:9a:64:e6:10:ea:c7:46:70:fa:a7:1c:
05:28:a4:80:a6:cb:a8:24:6d:49:c4:48:3e:28:64:
24:90:86:10:59:63:e6:a8:6a:90:14:13:92:18:b9:
ab:8f:7a:c6:63:03:b9:63:90:95:f5:72:09:6b:9b:
6e:ee:59:91:ef:59:3b:3e:c0:ea:bb:dd:bd:34:ef:
3c:c2:4f:cf:12:4d:5b:df:69:71:6a:8d:32:a8:cd:
cb:07:ad:d9:7d:77:69:a8:5b:f8:3f:7b:ef:56:8a:
fb:1a:db:8c:6c:9e:51:9e:ea:27:51:4c:9d:f1:4a:
b0:7a:90:3c:16:cf:1e:80:a4:ad:40:7a:13:38:45:
89:4f:3a:5a:7e:da:d4:62:7f:3c:11:40:72:79:b2:
49:e6:2f:07:07:60:ae:db:1d:77:b8:22:ad:ff:90:
10:a6:38:be:56:98:e8:17:f6:a7:5e:4e:94:db:c7:
a1:2c:76:1f:13:c5:9c:b7:4f:f9:67:2b:a9:b9:b9:
e7:ba:c8:90:e1:ef:1f:b7:36:55:87:03:ce:00:e9:
42:4c:24:26:a0:4d:1a:16:9c:6f:5d:5e:13:d7:4f:
e9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
103.108.192.0/22
103.139.0.0/23
103.235.184.0/22
150.242.224.0/22
218.247.64.0/19
219.234.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:d5:85:b3:2d:77:a3:3f:1a:6f:0e:49:f7:45:93:1c:f1:cf:
5a:8d:27:0b:1c:aa:50:cc:51:be:51:55:a8:44:94:79:6f:8a:
72:e6:77:09:93:e2:a1:d9:81:43:9b:63:9e:e8:13:fe:78:90:
28:69:27:4b:bf:20:59:9b:f4:7f:cb:76:89:68:bd:2c:53:38:
0c:48:7d:a6:f0:38:f1:91:dc:fe:5f:55:fd:3d:96:32:e4:68:
22:b4:cd:4d:5a:ef:ac:b0:c6:b7:ca:7c:d4:c2:de:bd:0f:9e:
c9:23:25:ad:d1:3e:f7:15:5a:7a:01:8c:28:1f:08:e1:e0:66:
6a:61:16:83:02:74:e5:68:82:86:c8:2e:9c:14:b9:48:41:dc:
7c:73:74:9d:5e:75:9c:98:16:67:1e:07:ab:fa:a7:21:49:cd:
19:55:e6:f9:0c:6b:31:6f:4a:18:7e:fb:c2:be:78:5d:30:56:
5a:3d:ff:06:a7:3b:00:d4:13:42:4e:27:a7:1f:7d:73:99:3d:
27:4a:09:ec:a1:3d:3a:ec:f7:df:2e:a3:bf:45:69:62:ad:ef:
69:f2:e0:a2:fe:14:3a:dd:0d:40:de:cf:7b:d9:a1:a0:76:5b:
55:46:e8:02:e6:3d:39:f6:55:7b:3d:7b:ca:5e:d9:27:46:fe:
9d:59:15:2a
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDALu5MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUyMzBaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEE5M0E4NjcxMjY4NEE3MkU1REY0MUYwMEFGQTA0QzVGMDFBOTc3
MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoIaUqOfcWcP+3bAHc
JPitNlPJ8PGV0PiiRjWfXPLO4rqaZOYQ6sdGcPqnHAUopICmy6gkbUnESD4oZCSQ
hhBZY+aoapAUE5IYuauPesZjA7ljkJX1cglrm27uWZHvWTs+wOq73b007zzCT88S
TVvfaXFqjTKozcsHrdl9d2moW/g/e+9Wivsa24xsnlGe6idRTJ3xSrB6kDwWzx6A
pK1AehM4RYlPOlp+2tRifzwRQHJ5sknmLwcHYK7bHXe4Iq3/kBCmOL5WmOgX9qde
TpTbx6Esdh8TxZy3T/lnK6m5uee6yJDh7x+3NlWHA84A6UJMJCagTRoWnG9dXhPX
T+nPAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUqTqGcSaEpy5d9B8Ar6BMXwGpdzUw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4
ODkvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjg4OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCK/p0AwQCZ2zAAwQBZ4sAAwQC
Z+u4AwQClvLgAwQF2vdAAwQF2+oAMA0GCSqGSIb3DQEBCwUAA4IBAQAa1YWzLXej
PxpvDkn3RZMc8c9ajScLHKpQzFG+UVWoRJR5b4py5ncJk+Kh2YFDm2Oe6BP+eJAo
aSdLvyBZm/R/y3aJaL0sUzgMSH2m8Djxkdz+X1X9PZYy5GgitM1NWu+ssMa3ynzU
wt69D57JIyWt0T73FVp6AYwoHwjh4GZqYRaDAnTlaIKGyC6cFLlIQdx8c3SdXnWc
mBZnHger+qchSc0ZVeb5DGsxb0oYfvvCvnhdMFZaPf8GpzsA1BNCTienH31zmT0n
SgnsoT067PffLqO/RWlire9p8uCi/hQ63Q1A3s972aGgdltVRugC5j059lV7PXvK
XtknRv6dWRUq
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:28 2024 by rpki-client on console-fra.rpki-client.org