Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer
File: rzr00B8M0Fbw4_aYgAsiOu53PSA.cer (raw, json)
Hash identifier: 0aSoSpfZ4VLRaHTnh5r1BADzTAdx9aPPlLK7EBZIzV4=
Subject key identifier: AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CE71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:14:37 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 37965
AS: 55988
AS: 58857
IP: 43.247.44.0 -- 43.247.51.255
IP: 103.13.124.0/22
IP: 103.26.240.0/22
IP: 222.126.128.0/17
IP: 2401:2a00::/32
IP: 2407:5500::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 04:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52849 (0xce71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:14:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:83:95:f5:82:ef:7d:02:6a:80:18:5c:d8:46:
2d:92:3b:1b:2a:a8:34:3c:72:14:db:81:d9:e5:95:
77:9d:40:17:3b:40:0f:8f:77:b5:50:f9:c8:db:53:
54:c4:e3:4b:d3:36:f2:02:56:ba:43:d8:9e:08:bb:
6c:37:bd:64:59:98:04:82:e4:34:66:f4:8c:ba:2e:
b0:9b:5a:70:0a:f6:38:ec:d0:3b:c9:ee:9c:01:d9:
24:d7:01:38:75:ce:e5:86:4a:57:f3:5b:10:12:58:
a1:9f:08:cb:2c:7e:0b:c4:55:30:60:11:ef:f4:a8:
80:22:71:88:e6:af:cb:0b:b6:7c:22:73:04:0e:cc:
14:84:06:94:ee:0b:1c:8f:27:03:8d:79:fd:4c:a5:
e1:4f:7c:35:e2:4b:1e:1e:b8:3d:21:be:ce:7d:95:
15:c6:55:44:14:60:bd:88:14:ce:69:14:c6:e7:cc:
b8:dd:ae:f2:ff:f5:9f:86:4d:b4:5d:7d:76:ca:31:
da:eb:88:a6:a0:8d:23:78:d6:a2:80:f6:4d:c2:22:
31:8f:20:7a:d2:09:18:59:c0:03:25:2c:9f:dc:94:
21:1a:3e:ce:a3:ed:29:5b:24:42:fa:c1:bb:60:0f:
e6:51:97:8d:23:2a:c3:c5:55:8c:5f:eb:d1:df:91:
12:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
37965
55988
58857
sbgp-ipAddrBlock: critical
IPv4:
43.247.44.0-43.247.51.255
103.13.124.0/22
103.26.240.0/22
222.126.128.0/17
IPv6:
2401:2a00::/32
2407:5500::/32
Signature Algorithm: sha256WithRSAEncryption
35:c7:a5:dd:4f:17:1e:26:07:42:18:8a:06:49:0c:ce:83:bc:
f3:c9:5e:d9:49:9a:e2:3b:eb:39:5d:65:91:40:f9:6b:f7:f8:
28:0e:01:83:ce:72:26:13:32:15:00:f8:2f:c8:3a:1b:7a:00:
1a:de:28:4a:85:db:bf:6b:c3:0c:1d:7f:1a:bc:75:5a:8c:5b:
24:a9:1a:0f:13:b3:15:c8:ca:6a:c0:63:31:b3:37:2c:61:f2:
38:3e:61:e7:24:06:4e:f3:b2:26:a6:ab:f0:85:0e:bb:76:c1:
dc:91:59:f6:70:ae:9a:4d:99:65:b2:d9:3a:85:0f:ef:1e:4d:
1e:ac:ad:cd:9c:a6:ba:0d:12:9f:20:e8:df:80:84:7a:12:9d:
32:5d:2d:90:c0:d4:af:2e:be:26:f3:c3:19:a9:5d:cf:e3:dc:
d2:ee:5f:66:fb:a0:17:69:b0:6b:7e:b0:b7:e8:35:db:dd:d6:
0c:eb:ad:04:0a:6e:a8:9e:ca:42:6f:8b:f6:25:71:5b:2a:93:
34:5f:42:28:b1:03:b8:79:3c:d5:2e:4f:ca:05:1d:c2:4e:a2:
e6:3a:93:aa:b6:5e:91:12:aa:25:f6:b4:1b:b9:eb:51:2c:3f:
00:36:20:b3:36:3e:6a:f2:63:56:df:d1:62:30:18:14:06:14:
31:03:60:e3
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAM5xMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE0MzdaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKEFGM0FGNEQwMUYwQ0QwNTZGMEUzRjY5ODgwMEIyMjNBRUU3NzNE
MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2g5X1gu99AmqAGFzY
Ri2SOxsqqDQ8chTbgdnllXedQBc7QA+Pd7VQ+cjbU1TE40vTNvICVrpD2J4Iu2w3
vWRZmASC5DRm9Iy6LrCbWnAK9jjs0DvJ7pwB2STXATh1zuWGSlfzWxASWKGfCMss
fgvEVTBgEe/0qIAicYjmr8sLtnwicwQOzBSEBpTuCxyPJwONef1MpeFPfDXiSx4e
uD0hvs59lRXGVUQUYL2IFM5pFMbnzLjdrvL/9Z+GTbRdfXbKMdrriKagjSN41qKA
9k3CIjGPIHrSCRhZwAMlLJ/clCEaPs6j7SlbJEL6wbtgD+ZRl40jKsPFVYxf69Hf
kRINAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUrzr00B8M0Fbw4/aYgAsiOu53PSAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIz
My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yMzMvcnpyMDBCOE0wRmJ3NF9hWWdBc2lPdTUzUFNBLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAk
BggrBgEFBQcBCAEB/wQVMBOgETAPAgMAlE0CAwDatAIDAOXpME8GCCsGAQUFBwEH
AQH/BEAwPjAmBAIAATAgMAwDBAIr9ywDBAIr9zADBAJnDXwDBAJnGvADBAfefoAw
FAQCAAIwDgMFACQBKgADBQAkB1UAMA0GCSqGSIb3DQEBCwUAA4IBAQA1x6XdTxce
JgdCGIoGSQzOg7zzyV7ZSZriO+s5XWWRQPlr9/goDgGDznImEzIVAPgvyDobegAa
3ihKhdu/a8MMHX8avHVajFskqRoPE7MVyMpqwGMxszcsYfI4PmHnJAZO87Impqvw
hQ67dsHckVn2cK6aTZllstk6hQ/vHk0erK3NnKa6DRKfIOjfgIR6Ep0yXS2QwNSv
Lr4m88MZqV3P49zS7l9m+6AXabBrfrC36DXb3dYM660ECm6onspCb4v2JXFbKpM0
X0IosQO4eTzVLk/KBR3CTqLmOpOqtl6REqol9rQbuetRLD8ANiCzNj5q8mNW39Fi
MBgUBhQxA2Dj
-----END CERTIFICATE-----
Generated at Fri Apr 4 02:20:50 2025 by rpki-client