Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer
File: rszMt53-bEZsyts5iWcQ7Kw3uEc.cer (raw, json)
Hash identifier: eLMpM2atxmbcxRgTdH3LRiRSx5HMt8FNP3v+XjsB5Ps=
Subject key identifier: AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BC99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:56:47 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 17429
IP: 1.88.0.0/14
IP: 43.247.236.0/22
IP: 58.30.0.0/15
IP: 101.240.0.0/14
IP: 103.238.48.0/22
IP: 180.77.0.0 -- 180.79.255.255
IP: 211.99.128.0/19
IP: 218.246.96.0/19
IP: 219.236.0.0/15
IP: 2403:4300::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48281 (0xbc99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:56:47 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cd:fb:ae:15:40:e9:e2:69:45:a4:c8:53:f2:
e0:84:e5:ba:0e:af:2e:ed:a8:64:b2:f4:2b:d9:77:
aa:cd:b4:54:49:80:44:f8:1d:f9:bb:a6:16:4d:68:
dc:99:be:47:13:80:19:19:94:23:2c:95:e3:19:51:
33:d9:9f:dd:11:eb:4c:07:6c:eb:26:b1:58:34:be:
2a:88:b7:b9:9a:89:46:cc:ad:ae:30:56:15:c0:2f:
be:9e:9e:56:64:3a:7d:35:de:1c:99:55:65:ab:29:
16:de:dc:38:0f:7d:c9:34:9d:e1:10:38:e4:59:40:
d5:69:67:c2:8b:53:a6:a1:c7:fc:92:a4:25:32:38:
63:59:b5:46:af:b9:6f:1a:75:46:62:7a:32:93:98:
f2:68:f8:2e:e9:09:5d:75:cd:b6:f2:1b:ee:9e:db:
2e:58:e8:2e:56:dc:a9:68:88:26:a6:7f:34:fd:6d:
7a:7a:63:9e:aa:85:d2:e9:a3:48:88:b9:a6:66:72:
c3:be:11:ad:56:6a:af:f4:08:8c:ac:04:46:78:a8:
e3:bb:78:af:e3:51:fc:24:ef:7a:09:41:7c:68:25:
62:15:90:9c:b0:a4:fd:90:34:1c:2f:26:94:90:49:
73:18:13:29:54:43:b6:5f:40:80:2f:24:51:d9:e1:
a1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
17429
sbgp-ipAddrBlock: critical
IPv4:
1.88.0.0/14
43.247.236.0/22
58.30.0.0/15
101.240.0.0/14
103.238.48.0/22
180.77.0.0-180.79.255.255
211.99.128.0/19
218.246.96.0/19
219.236.0.0/15
IPv6:
2403:4300::/32
Signature Algorithm: sha256WithRSAEncryption
06:da:61:cd:3b:99:b1:bd:f3:0b:06:92:37:c6:05:d9:55:2b:
e9:7d:5e:98:f1:70:f0:94:c0:3c:f8:c6:02:53:ec:05:de:27:
cf:ac:50:b1:0a:6a:02:87:50:d2:09:f9:43:ae:2b:ac:68:8c:
1f:c4:14:99:82:76:5d:23:4f:bc:5e:74:d1:14:42:76:9f:9f:
cc:ed:15:3c:2e:8b:32:b0:fd:7c:51:70:8d:73:cd:26:c7:bf:
2c:27:10:4a:9c:c1:a5:05:09:3e:f3:fe:77:a9:8b:b5:7a:4f:
e5:f0:4b:c0:78:85:24:52:ec:fc:42:47:c2:5f:70:21:59:68:
ba:d2:32:cc:51:8f:60:54:40:da:e8:d6:b1:64:de:b7:a9:36:
09:04:8e:12:a9:67:f9:54:a0:0a:f6:21:f8:17:5e:d1:28:5f:
3a:3a:5b:2b:40:ec:f7:f1:a7:25:db:6c:1a:ef:1e:40:40:eb:
f2:8f:92:f8:d7:5e:6b:54:29:ee:41:96:e4:36:bb:3b:95:bd:
a0:b6:fc:cc:23:27:4b:33:49:67:c6:30:fd:c3:8d:b8:61:03:
f2:80:6e:1c:93:20:fd:bc:97:c0:2b:c2:a1:67:bc:ec:4a:50:
e6:7e:c7:59:64:5e:58:59:04:0f:8a:da:ec:b6:07:8b:1b:6e:
83:ee:18:31
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDALyZMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU2NDdaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEFFQ0NDQ0I3OURGRTZDNDY2Q0NBREIzOTg5NjcxMEVDQUMzN0I4
NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkzfuuFUDp4mlFpMhT
8uCE5boOry7tqGSy9CvZd6rNtFRJgET4Hfm7phZNaNyZvkcTgBkZlCMsleMZUTPZ
n90R60wHbOsmsVg0viqIt7maiUbMra4wVhXAL76enlZkOn013hyZVWWrKRbe3DgP
fck0neEQOORZQNVpZ8KLU6ahx/ySpCUyOGNZtUavuW8adUZiejKTmPJo+C7pCV11
zbbyG+6e2y5Y6C5W3KloiCamfzT9bXp6Y56qhdLpo0iIuaZmcsO+Ea1Waq/0CIys
BEZ4qOO7eK/jUfwk73oJQXxoJWIVkJywpP2QNBwvJpSQSXMYEylUQ7ZfQIAvJFHZ
4aEPAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUrszMt53+bEZsyts5iWcQ7Kw3uEcw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQw
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzQwL3Jzek10NTMtYkVac3l0czVpV2NRN0t3M3VFYy5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwGQYI
KwYBBQUHAQgBAf8ECjAIoAYwBAICRBUwYAYIKwYBBQUHAQcBAf8EUTBPMD4EAgAB
MDgDAwIBWAMEAiv37AMDAToeAwMCZfADBAJn7jAwCgMDALRNAwMEtEADBAXTY4AD
BAXa9mADAwHb7DANBAIAAjAHAwUAJANDADANBgkqhkiG9w0BAQsFAAOCAQEABtph
zTuZsb3zCwaSN8YF2VUr6X1emPFw8JTAPPjGAlPsBd4nz6xQsQpqAodQ0gn5Q64r
rGiMH8QUmYJ2XSNPvF500RRCdp+fzO0VPC6LMrD9fFFwjXPNJse/LCcQSpzBpQUJ
PvP+d6mLtXpP5fBLwHiFJFLs/EJHwl9wIVloutIyzFGPYFRA2ujWsWTet6k2CQSO
Eqln+VSgCvYh+Bde0ShfOjpbK0Ds9/GnJdtsGu8eQEDr8o+S+Ndea1Qp7kGW5Da7
O5W9oLb8zCMnSzNJZ8Yw/cONuGED8oBuHJMg/byXwCvCoWe87EpQ5n7HWWReWFkE
D4ra7LYHixtug+4YMQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:28 2024 by rpki-client on console-fra.rpki-client.org