Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer
File: rzr00B8M0Fbw4_aYgAsiOu53PSA.cer (raw, json)
Hash identifier: d0LENNL6pSk9bFsj/7FxUyU0d5QSzUrQ9cfbCrZGNyQ=
Subject key identifier: AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BCBB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:57:24 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 37965
AS: 55988
AS: 58857
IP: 43.247.44.0 -- 43.247.51.255
IP: 103.13.124.0/22
IP: 103.26.240.0/22
IP: 222.126.128.0/17
IP: 2401:2a00::/32
IP: 2407:5500::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48315 (0xbcbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:57:24 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:83:95:f5:82:ef:7d:02:6a:80:18:5c:d8:46:
2d:92:3b:1b:2a:a8:34:3c:72:14:db:81:d9:e5:95:
77:9d:40:17:3b:40:0f:8f:77:b5:50:f9:c8:db:53:
54:c4:e3:4b:d3:36:f2:02:56:ba:43:d8:9e:08:bb:
6c:37:bd:64:59:98:04:82:e4:34:66:f4:8c:ba:2e:
b0:9b:5a:70:0a:f6:38:ec:d0:3b:c9:ee:9c:01:d9:
24:d7:01:38:75:ce:e5:86:4a:57:f3:5b:10:12:58:
a1:9f:08:cb:2c:7e:0b:c4:55:30:60:11:ef:f4:a8:
80:22:71:88:e6:af:cb:0b:b6:7c:22:73:04:0e:cc:
14:84:06:94:ee:0b:1c:8f:27:03:8d:79:fd:4c:a5:
e1:4f:7c:35:e2:4b:1e:1e:b8:3d:21:be:ce:7d:95:
15:c6:55:44:14:60:bd:88:14:ce:69:14:c6:e7:cc:
b8:dd:ae:f2:ff:f5:9f:86:4d:b4:5d:7d:76:ca:31:
da:eb:88:a6:a0:8d:23:78:d6:a2:80:f6:4d:c2:22:
31:8f:20:7a:d2:09:18:59:c0:03:25:2c:9f:dc:94:
21:1a:3e:ce:a3:ed:29:5b:24:42:fa:c1:bb:60:0f:
e6:51:97:8d:23:2a:c3:c5:55:8c:5f:eb:d1:df:91:
12:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
37965
55988
58857
sbgp-ipAddrBlock: critical
IPv4:
43.247.44.0-43.247.51.255
103.13.124.0/22
103.26.240.0/22
222.126.128.0/17
IPv6:
2401:2a00::/32
2407:5500::/32
Signature Algorithm: sha256WithRSAEncryption
15:e5:89:81:31:9b:92:c3:11:2c:5a:f5:d6:9e:0d:9f:f9:8a:
b1:cf:8e:dd:48:9f:cc:18:ee:0e:19:cb:e8:63:c7:bf:51:b1:
46:71:02:cf:78:80:4c:76:19:c4:f3:35:3b:05:d2:70:61:90:
86:91:55:5e:33:d4:7d:1e:a3:08:00:bb:c8:da:9d:5d:08:72:
7a:ec:63:4a:d6:e8:c9:a9:58:34:fc:0f:d4:6f:77:3a:a2:0e:
8c:5f:f3:3c:39:a2:17:49:d4:2a:2f:78:9e:40:65:07:61:c2:
21:66:4a:3f:9e:27:c1:2a:e1:16:63:e4:2e:26:83:d9:f2:04:
e1:9d:d2:4d:40:78:1a:0d:2f:e4:30:a1:93:06:b2:92:d7:d4:
c7:bf:b2:dd:0c:13:66:8c:6d:9e:64:ee:6e:57:d3:f3:bd:c5:
20:aa:97:1c:ca:82:b9:ec:32:ee:6f:e4:e1:9b:21:d0:2d:10:
bc:7e:b3:b8:c5:47:91:80:e6:04:ca:fc:36:d0:c1:10:2e:00:
d5:16:c8:72:be:e5:6f:57:71:57:c0:78:56:d6:d4:f3:64:38:
c7:b0:5f:5d:b6:4f:e4:50:4d:de:2c:8d:48:8c:bf:21:46:35:
5b:8e:6a:93:40:e6:1c:b2:2f:3e:5b:d8:e1:9c:36:65:69:88:
8e:3d:92:55
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDALy7MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU3MjRaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKEFGM0FGNEQwMUYwQ0QwNTZGMEUzRjY5ODgwMEIyMjNBRUU3NzNE
MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2g5X1gu99AmqAGFzY
Ri2SOxsqqDQ8chTbgdnllXedQBc7QA+Pd7VQ+cjbU1TE40vTNvICVrpD2J4Iu2w3
vWRZmASC5DRm9Iy6LrCbWnAK9jjs0DvJ7pwB2STXATh1zuWGSlfzWxASWKGfCMss
fgvEVTBgEe/0qIAicYjmr8sLtnwicwQOzBSEBpTuCxyPJwONef1MpeFPfDXiSx4e
uD0hvs59lRXGVUQUYL2IFM5pFMbnzLjdrvL/9Z+GTbRdfXbKMdrriKagjSN41qKA
9k3CIjGPIHrSCRhZwAMlLJ/clCEaPs6j7SlbJEL6wbtgD+ZRl40jKsPFVYxf69Hf
kRINAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUrzr00B8M0Fbw4/aYgAsiOu53PSAw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIz
My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yMzMvcnpyMDBCOE0wRmJ3NF9hWWdBc2lPdTUzUFNBLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAk
BggrBgEFBQcBCAEB/wQVMBOgETAPAgMAlE0CAwDatAIDAOXpME8GCCsGAQUFBwEH
AQH/BEAwPjAmBAIAATAgMAwDBAIr9ywDBAIr9zADBAJnDXwDBAJnGvADBAfefoAw
FAQCAAIwDgMFACQBKgADBQAkB1UAMA0GCSqGSIb3DQEBCwUAA4IBAQAV5YmBMZuS
wxEsWvXWng2f+Yqxz47dSJ/MGO4OGcvoY8e/UbFGcQLPeIBMdhnE8zU7BdJwYZCG
kVVeM9R9HqMIALvI2p1dCHJ67GNK1ujJqVg0/A/Ub3c6og6MX/M8OaIXSdQqL3ie
QGUHYcIhZko/nifBKuEWY+QuJoPZ8gThndJNQHgaDS/kMKGTBrKS19THv7LdDBNm
jG2eZO5uV9PzvcUgqpccyoK57DLub+ThmyHQLRC8frO4xUeRgOYEyvw20MEQLgDV
FshyvuVvV3FXwHhW1tTzZDjHsF9dtk/kUE3eLI1IjL8hRjVbjmqTQOYcsi8+W9jh
nDZlaYiOPZJV
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:28 2024 by rpki-client on console-ams.rpki-client.org