Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
File: qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer (raw, json)
Hash identifier: TDbvoAoiC884PjANK3cFPrtDS5fmhxSWTeQ8cU3NAqM=
Subject key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: B2B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Tue 14 May 2024 02:26:44 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: IP: 43.250.116.0/22
IP: 103.108.192.0/22
IP: 103.139.0.0/23
IP: 103.235.184.0/22
IP: 150.242.224.0/22
IP: 218.247.64.0/19
IP: 219.234.0.0/19
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 05:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45745 (0xb2b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: May 14 02:26:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:21:a5:2a:39:f7:16:70:ff:b7:6c:01:dc:24:
f8:ad:36:53:c9:f0:f1:95:d0:f8:a2:46:35:9f:5c:
f2:ce:e2:ba:9a:64:e6:10:ea:c7:46:70:fa:a7:1c:
05:28:a4:80:a6:cb:a8:24:6d:49:c4:48:3e:28:64:
24:90:86:10:59:63:e6:a8:6a:90:14:13:92:18:b9:
ab:8f:7a:c6:63:03:b9:63:90:95:f5:72:09:6b:9b:
6e:ee:59:91:ef:59:3b:3e:c0:ea:bb:dd:bd:34:ef:
3c:c2:4f:cf:12:4d:5b:df:69:71:6a:8d:32:a8:cd:
cb:07:ad:d9:7d:77:69:a8:5b:f8:3f:7b:ef:56:8a:
fb:1a:db:8c:6c:9e:51:9e:ea:27:51:4c:9d:f1:4a:
b0:7a:90:3c:16:cf:1e:80:a4:ad:40:7a:13:38:45:
89:4f:3a:5a:7e:da:d4:62:7f:3c:11:40:72:79:b2:
49:e6:2f:07:07:60:ae:db:1d:77:b8:22:ad:ff:90:
10:a6:38:be:56:98:e8:17:f6:a7:5e:4e:94:db:c7:
a1:2c:76:1f:13:c5:9c:b7:4f:f9:67:2b:a9:b9:b9:
e7:ba:c8:90:e1:ef:1f:b7:36:55:87:03:ce:00:e9:
42:4c:24:26:a0:4d:1a:16:9c:6f:5d:5e:13:d7:4f:
e9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
103.108.192.0/22
103.139.0.0/23
103.235.184.0/22
150.242.224.0/22
218.247.64.0/19
219.234.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:c6:cc:5b:02:ed:a2:bb:d1:9a:76:50:03:50:e5:cf:82:10:
38:67:41:a0:eb:6b:9c:49:1d:ee:cb:9d:cd:2f:8f:55:29:cd:
27:e4:14:99:5b:cb:46:ae:57:6d:c1:de:a7:80:fb:d6:03:26:
9d:b3:c5:09:0d:fb:4c:0a:3f:e0:e9:b0:fc:39:25:bb:68:cc:
bd:5e:95:60:b4:0c:8f:e8:28:8e:ca:ca:ee:61:56:41:43:ca:
ff:28:cd:64:ab:d4:6c:e7:32:95:36:c2:df:17:a8:61:76:c5:
75:ea:19:3f:7f:0f:bf:87:4a:b0:8f:bd:bd:0c:cf:d8:c3:53:
4c:cc:6a:d0:e9:ec:b8:53:0e:b8:4d:c1:25:54:65:a5:4f:5d:
2e:25:d5:5f:2d:0f:b9:dd:68:2c:73:63:a8:a2:31:66:69:5c:
ec:78:2c:d6:73:63:2b:c9:e5:dd:93:f5:94:62:a6:a9:b7:a0:
20:28:49:e1:1e:fc:f7:f2:6e:5e:ee:bc:7d:17:0a:f6:71:8c:
af:b5:dc:b5:69:bd:6c:a2:87:19:2a:59:cb:49:6d:7c:36:47:
ac:39:a1:e8:c2:47:76:31:26:d5:5e:c4:58:3a:db:d1:90:47:
3d:23:e7:10:2b:50:6a:b9:3c:82:e7:9f:77:78:f9:35:42:49:
37:38:e3:f6
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDALKxMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA1MTQwMjI2NDRaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKEE5M0E4NjcxMjY4NEE3MkU1REY0MUYwMEFGQTA0QzVGMDFBOTc3
MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoIaUqOfcWcP+3bAHc
JPitNlPJ8PGV0PiiRjWfXPLO4rqaZOYQ6sdGcPqnHAUopICmy6gkbUnESD4oZCSQ
hhBZY+aoapAUE5IYuauPesZjA7ljkJX1cglrm27uWZHvWTs+wOq73b007zzCT88S
TVvfaXFqjTKozcsHrdl9d2moW/g/e+9Wivsa24xsnlGe6idRTJ3xSrB6kDwWzx6A
pK1AehM4RYlPOlp+2tRifzwRQHJ5sknmLwcHYK7bHXe4Iq3/kBCmOL5WmOgX9qde
TpTbx6Esdh8TxZy3T/lnK6m5uee6yJDh7x+3NlWHA84A6UJMJCagTRoWnG9dXhPX
T+nPAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUqTqGcSaEpy5d9B8Ar6BMXwGpdzUw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4
ODkvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMjg4OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCK/p0AwQCZ2zAAwQBZ4sAAwQC
Z+u4AwQClvLgAwQF2vdAAwQF2+oAMA0GCSqGSIb3DQEBCwUAA4IBAQCbxsxbAu2i
u9GadlADUOXPghA4Z0Gg62ucSR3uy53NL49VKc0n5BSZW8tGrldtwd6ngPvWAyad
s8UJDftMCj/g6bD8OSW7aMy9XpVgtAyP6CiOysruYVZBQ8r/KM1kq9Rs5zKVNsLf
F6hhdsV16hk/fw+/h0qwj729DM/Yw1NMzGrQ6ey4Uw64TcElVGWlT10uJdVfLQ+5
3Wgsc2OoojFmaVzseCzWc2MryeXdk/WUYqapt6AgKEnhHvz38m5e7rx9Fwr2cYyv
tdy1ab1soocZKlnLSW18NkesOaHowkd2MSbVXsRYOtvRkEc9I+cQK1BquTyC5593
ePk1Qkk3OOP2
-----END CERTIFICATE-----
Generated at Mon May 20 00:52:46 2024 by rpki-client on console-ams.rpki-client.org