Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/rvnRXVUWBDHU9wnoqjo61bzM1uU.cer
File: rvnRXVUWBDHU9wnoqjo61bzM1uU.cer (raw, json)
Hash identifier: tS8OIF3BjIQTdhCzVfMve/La+JGoV9pKUCnD0ODpLK8=
Subject key identifier: AE:F9:D1:5D:55:16:04:31:D4:F7:09:E8:AA:3A:3A:D5:BC:CC:D6:E5
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: AEDB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/rvnRXVUWBDHU9wnoqjo61bzM1uU.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 01 Feb 2024 01:21:40 +0000
Certificate not after: Fri 31 Jan 2025 01:13:46 +0000
Subordinate resources: IP: 103.20.128.0/22
IP: 103.64.160.0 -- 103.64.207.255
IP: 103.64.224.0/20
IP: 103.213.144.0/20
IP: 103.223.144.0 -- 103.223.175.255
IP: 103.223.192.0/18
IP: 103.255.68.0/22
IP: 119.80.192.0 -- 119.80.203.255
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 May 2024 05:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44763 (0xaedb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 1 01:21:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AEF9D15D55160431D4F709E8AA3A3AD5BCCCD6E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:13:99:82:01:cb:36:e1:12:49:42:37:01:3e:
cb:06:40:84:1e:67:0f:08:5c:1a:72:e2:74:8d:85:
f3:52:27:06:26:75:76:f8:74:af:1a:1b:d1:cf:2b:
d0:6c:93:81:f3:a1:00:d9:05:ca:d2:bb:ff:40:5b:
03:53:5e:b0:7a:83:39:ef:7f:e3:57:d9:3b:7a:12:
9b:05:63:ec:cc:d4:c2:1f:13:fd:85:24:52:86:90:
a6:1e:b2:cb:09:b3:df:aa:0d:e7:50:7e:63:89:1b:
79:a3:26:ef:62:d6:26:90:0b:93:66:19:8a:bc:78:
34:63:9f:c4:da:26:5c:7d:33:59:1d:cc:c8:3f:e3:
4b:f6:99:c1:28:dc:cf:52:42:96:e2:b2:13:1e:19:
ce:26:61:f5:88:e9:95:c7:3f:81:2a:b6:8d:91:3e:
26:a5:d2:b6:94:a9:6b:22:95:a1:79:4f:4d:76:62:
d8:27:06:e9:6a:86:78:e6:e6:73:dd:7e:04:52:dd:
28:78:49:82:c1:ba:2f:9c:d7:25:73:02:e6:18:93:
db:5f:a7:df:8a:51:ff:5a:c9:64:c7:3a:ca:ba:9c:
c4:08:c8:e9:87:c5:8b:9e:4d:ad:16:61:e3:52:ef:
ca:ca:2f:89:d1:0e:49:32:87:03:98:a0:6f:54:1d:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F9:D1:5D:55:16:04:31:D4:F7:09:E8:AA:3A:3A:D5:BC:CC:D6:E5
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/rvnRXVUWBDHU9wnoqjo61bzM1uU.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.128.0/22
103.64.160.0-103.64.207.255
103.64.224.0/20
103.213.144.0/20
103.223.144.0-103.223.175.255
103.223.192.0/18
103.255.68.0/22
119.80.192.0-119.80.203.255
Signature Algorithm: sha256WithRSAEncryption
9b:98:0c:01:6a:fb:c5:c6:74:3b:0a:59:de:f3:57:9c:ad:53:
b3:56:33:6a:fa:85:30:3f:20:c7:0e:b0:38:ae:18:3a:79:40:
85:bf:1d:98:92:3b:81:fd:eb:dd:a7:bd:01:db:34:0e:d3:3d:
8b:c3:55:6b:5c:4a:86:76:2e:1b:e3:3a:75:86:71:19:e8:5a:
f9:25:d1:40:28:f3:09:f7:ca:3e:85:d1:51:19:29:18:4b:ac:
9e:b6:b6:dd:45:07:1e:d5:a5:5f:9a:db:f3:26:50:aa:fa:ce:
bc:ac:b3:f1:a4:cb:1c:e2:97:90:64:84:07:91:90:c1:f2:02:
e3:e2:45:6e:89:94:1a:bf:68:80:cf:6c:1d:98:ec:9c:26:b5:
60:37:56:cd:14:15:3a:fb:f8:2f:87:0a:ed:7f:ef:e7:dd:a8:
24:8d:5a:7b:c5:78:cd:fe:82:03:07:ef:20:40:09:4e:2f:a1:
f3:59:1d:80:6e:22:76:e0:dd:40:2a:e2:be:28:39:ca:9d:44:
0c:bc:c5:fa:74:7b:8e:83:69:94:4b:b9:38:8a:93:0d:f3:57:
e4:1d:1d:94:40:23:08:a6:7b:75:76:f8:fd:a0:26:ee:40:e0:
a5:aa:c6:a4:d1:b8:8a:81:c8:9a:89:11:47:90:97:27:7a:9f:
7b:08:3f:47
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIDAK7bMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDAyMDEwMTIxNDBaFw0yNTAxMzEwMTEzNDZaMDMx
MTAvBgNVBAMTKEFFRjlEMTVENTUxNjA0MzFENEY3MDlFOEFBM0EzQUQ1QkNDQ0Q2
RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQE5mCAcs24RJJQjcB
PssGQIQeZw8IXBpy4nSNhfNSJwYmdXb4dK8aG9HPK9Bsk4HzoQDZBcrSu/9AWwNT
XrB6gznvf+NX2Tt6EpsFY+zM1MIfE/2FJFKGkKYesssJs9+qDedQfmOJG3mjJu9i
1iaQC5NmGYq8eDRjn8TaJlx9M1kdzMg/40v2mcEo3M9SQpbishMeGc4mYfWI6ZXH
P4Eqto2RPial0raUqWsilaF5T012YtgnBulqhnjm5nPdfgRS3Sh4SYLBui+c1yVz
AuYYk9tfp9+KUf9ayWTHOsq6nMQIyOmHxYueTa0WYeNS78rKL4nRDkkyhwOYoG9U
HQHpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUrvnRXVUWBDHU9wnoqjo61bzM1uUw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzUx
MC8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81MTAvcnZuUlhWVVdCREhVOXdub3FqbzYxYnpNMXVVLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAmcUgDAMAwQFZ0CgAwQEZ0DAAwQE
Z0DgAwQEZ9WQMAwDBARn35ADBARn36ADBAZn38ADBAJn/0QwDAMEBndQwAMEAndQ
yDANBgkqhkiG9w0BAQsFAAOCAQEAm5gMAWr7xcZ0OwpZ3vNXnK1Ts1YzavqFMD8g
xw6wOK4YOnlAhb8dmJI7gf3r3ae9Ads0DtM9i8NVa1xKhnYuG+M6dYZxGeha+SXR
QCjzCffKPoXRURkpGEusnra23UUHHtWlX5rb8yZQqvrOvKyz8aTLHOKXkGSEB5GQ
wfIC4+JFbomUGr9ogM9sHZjsnCa1YDdWzRQVOvv4L4cK7X/v592oJI1ae8V4zf6C
AwfvIEAJTi+h81kdgG4iduDdQCrivig5yp1EDLzF+nR7joNplEu5OIqTDfNX5B0d
lEAjCKZ7dXb4/aAm7kDgparGpNG4ioHImokRR5CXJ3qfewg/Rw==
-----END CERTIFICATE-----
Generated at Sun May 19 01:06:24 2024 by rpki-client on console-fra.rpki-client.org