Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer
File: rzr00B8M0Fbw4_aYgAsiOu53PSA.cer (raw, json)
Hash identifier: 1lLyTqRK8RPFhwogYUic2aVYrVtd/ZdHabb7U/W6BAE=
Subject key identifier: AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: A2BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 11 Aug 2023 07:48:09 +0000
Certificate not after: Sat 10 Aug 2024 07:41:13 +0000
Subordinate resources: AS: 37965
AS: 55988
AS: 58857
IP: 43.247.44.0 -- 43.247.51.255
IP: 103.13.124.0/22
IP: 103.26.240.0/22
IP: 222.126.128.0/17
IP: 2401:2a00::/32
IP: 2407:5500::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 00:56:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41663 (0xa2bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Aug 11 07:48:09 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:83:95:f5:82:ef:7d:02:6a:80:18:5c:d8:46:
2d:92:3b:1b:2a:a8:34:3c:72:14:db:81:d9:e5:95:
77:9d:40:17:3b:40:0f:8f:77:b5:50:f9:c8:db:53:
54:c4:e3:4b:d3:36:f2:02:56:ba:43:d8:9e:08:bb:
6c:37:bd:64:59:98:04:82:e4:34:66:f4:8c:ba:2e:
b0:9b:5a:70:0a:f6:38:ec:d0:3b:c9:ee:9c:01:d9:
24:d7:01:38:75:ce:e5:86:4a:57:f3:5b:10:12:58:
a1:9f:08:cb:2c:7e:0b:c4:55:30:60:11:ef:f4:a8:
80:22:71:88:e6:af:cb:0b:b6:7c:22:73:04:0e:cc:
14:84:06:94:ee:0b:1c:8f:27:03:8d:79:fd:4c:a5:
e1:4f:7c:35:e2:4b:1e:1e:b8:3d:21:be:ce:7d:95:
15:c6:55:44:14:60:bd:88:14:ce:69:14:c6:e7:cc:
b8:dd:ae:f2:ff:f5:9f:86:4d:b4:5d:7d:76:ca:31:
da:eb:88:a6:a0:8d:23:78:d6:a2:80:f6:4d:c2:22:
31:8f:20:7a:d2:09:18:59:c0:03:25:2c:9f:dc:94:
21:1a:3e:ce:a3:ed:29:5b:24:42:fa:c1:bb:60:0f:
e6:51:97:8d:23:2a:c3:c5:55:8c:5f:eb:d1:df:91:
12:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
37965
55988
58857
sbgp-ipAddrBlock: critical
IPv4:
43.247.44.0-43.247.51.255
103.13.124.0/22
103.26.240.0/22
222.126.128.0/17
IPv6:
2401:2a00::/32
2407:5500::/32
Signature Algorithm: sha256WithRSAEncryption
3b:8e:dc:bb:4f:d8:a9:b2:84:d2:50:02:02:f8:6a:7a:dc:b9:
8d:f6:4a:47:e7:97:61:32:63:98:93:97:94:9e:14:9e:54:34:
fc:d7:5a:0a:79:d7:fe:65:6a:da:11:53:f0:95:8e:2d:59:9d:
c8:39:81:92:bb:7d:d9:f1:8d:35:34:8e:f7:01:37:cc:30:a9:
a3:2c:54:cf:40:56:c0:63:61:d9:00:66:2d:b5:de:d4:2e:ab:
35:d9:d6:ab:9c:f7:71:0a:49:2a:1f:ef:e2:27:68:53:ce:1b:
9f:13:aa:d5:62:b3:a4:99:28:6b:03:a1:91:e8:3f:18:ae:85:
22:03:e5:13:a1:46:c0:6c:d8:ac:07:8a:6c:71:3b:77:f4:ae:
ee:bf:71:d1:fb:e0:c3:a4:36:6a:d3:b3:6a:a8:96:39:02:92:
5e:15:59:f5:7b:b8:b1:97:b8:94:7e:ba:00:8d:e3:11:75:01:
d5:13:32:7d:57:9b:bc:f5:69:8a:ef:4f:5a:55:85:c8:d5:32:
c5:5d:7e:ea:e2:43:0d:8b:4d:a8:d8:80:ab:92:65:5e:2b:52:
e6:dc:f3:32:b5:45:3d:90:ea:b8:82:25:bf:10:25:5a:09:65:
01:a3:fa:35:f0:87:80:e7:40:0a:08:02:14:cd:aa:7c:52:62:
4e:d7:c0:1e
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAKK/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yMzA4MTEwNzQ4MDlaFw0yNDA4MTAwNzQxMTNaMDMx
MTAvBgNVBAMTKEFGM0FGNEQwMUYwQ0QwNTZGMEUzRjY5ODgwMEIyMjNBRUU3NzNE
MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2g5X1gu99AmqAGFzY
Ri2SOxsqqDQ8chTbgdnllXedQBc7QA+Pd7VQ+cjbU1TE40vTNvICVrpD2J4Iu2w3
vWRZmASC5DRm9Iy6LrCbWnAK9jjs0DvJ7pwB2STXATh1zuWGSlfzWxASWKGfCMss
fgvEVTBgEe/0qIAicYjmr8sLtnwicwQOzBSEBpTuCxyPJwONef1MpeFPfDXiSx4e
uD0hvs59lRXGVUQUYL2IFM5pFMbnzLjdrvL/9Z+GTbRdfXbKMdrriKagjSN41qKA
9k3CIjGPIHrSCRhZwAMlLJ/clCEaPs6j7SlbJEL6wbtgD+ZRl40jKsPFVYxf69Hf
kRINAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUrzr00B8M0Fbw4/aYgAsiOu53PSAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIz
My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yMzMvcnpyMDBCOE0wRmJ3NF9hWWdBc2lPdTUzUFNBLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAk
BggrBgEFBQcBCAEB/wQVMBOgETAPAgMAlE0CAwDatAIDAOXpME8GCCsGAQUFBwEH
AQH/BEAwPjAmBAIAATAgMAwDBAIr9ywDBAIr9zADBAJnDXwDBAJnGvADBAfefoAw
FAQCAAIwDgMFACQBKgADBQAkB1UAMA0GCSqGSIb3DQEBCwUAA4IBAQA7jty7T9ip
soTSUAIC+Gp63LmN9kpH55dhMmOYk5eUnhSeVDT811oKedf+ZWraEVPwlY4tWZ3I
OYGSu33Z8Y01NI73ATfMMKmjLFTPQFbAY2HZAGYttd7ULqs12darnPdxCkkqH+/i
J2hTzhufE6rVYrOkmShrA6GR6D8YroUiA+UToUbAbNisB4pscTt39K7uv3HR++DD
pDZq07NqqJY5ApJeFVn1e7ixl7iUfroAjeMRdQHVEzJ9V5u89WmK709aVYXI1TLF
XX7q4kMNi02o2ICrkmVeK1Lm3PMytUU9kOq4giW/ECVaCWUBo/o18IeA50AKCAIU
zap8UmJO18Ae
-----END CERTIFICATE-----
Generated at Sun May 19 19:42:23 2024 by rpki-client on console-fra.rpki-client.org