$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer File: tS8PP_c3H_HOnYI-lUn8EVixaio.cer (raw, json) Hash identifier: CrcPEtx6LPLx9C5TqRCTIRdE3bpXsF3OnH6AMwe2qFY= Subject key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3328 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 29 Mar 2024 01:18:28 +0000 Certificate not after: Sat 29 Mar 2025 01:10:17 +0000 Subordinate resources: IP: 157.66.42.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 May 2024 03:26:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13096 (0x3328) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Mar 29 01:18:28 2024 GMT Not After : Mar 29 01:10:17 2025 GMT Subject: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7c:06:8a:f8:54:06:09:16:4c:32:ce:68:fe: 8d:bd:85:6e:94:51:9d:1f:33:27:a0:26:eb:24:3f: 65:6d:fb:60:af:06:27:38:d3:7f:b9:76:28:9c:c2: 80:18:e1:2c:8a:fa:7e:0b:61:86:85:c6:20:a6:47: a8:ac:b9:93:aa:05:2e:82:83:44:0f:7c:fd:1b:8b: ed:b6:16:bc:ac:45:2e:ba:3f:c7:fa:a8:1f:47:4a: ae:15:24:6c:28:57:ea:5e:e3:d0:c0:d8:4a:9a:a3: 1e:92:cf:60:53:bb:0c:06:31:2d:f4:f2:57:4c:fd: 91:42:ce:b1:df:f7:42:b7:9f:88:e7:1f:13:be:ef: 3b:12:83:ac:d7:48:bd:62:ce:d3:ac:b7:ab:68:92: 56:2f:62:d7:f8:60:75:5b:af:ed:ff:67:90:e7:78: 59:a8:ad:81:db:03:bb:ce:4a:46:52:e1:18:74:17: 07:51:f6:22:2d:d9:4e:aa:d4:c9:5f:c6:81:89:cc: fb:17:f2:5e:a5:8c:e3:ac:d1:49:9c:bd:19:45:8c: de:4a:bd:51:96:6c:f4:4a:58:92:42:6d:65:fb:9b: 36:35:a0:91:b2:51:80:bd:ae:91:16:55:ad:3d:1a: 11:ff:89:ce:3a:17:6f:49:4e:f5:05:4a:ed:ca:ee: ce:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.42.0/23 Signature Algorithm: sha256WithRSAEncryption 32:9f:95:64:9f:d8:a7:d0:aa:a4:ef:82:65:5e:85:e3:16:02: 4b:9d:79:ce:2f:eb:ae:66:d9:26:f3:4a:7e:92:57:3c:06:4b: 18:55:6d:bc:3e:a9:3b:c8:40:7d:fe:bf:b2:df:ec:7e:a4:28: 4b:26:33:dd:a9:aa:be:e3:f2:2f:2b:ca:1e:21:1b:26:c8:68: 3b:45:22:92:6b:47:7b:91:57:c6:27:40:64:e9:c3:fb:2f:ef: db:3d:fa:ca:b2:c9:a1:07:5b:22:39:00:07:55:58:c8:03:59: f3:78:a7:86:a3:6b:06:24:f6:e7:be:cf:cd:36:19:ce:f8:61: 67:3a:5c:5a:2d:d2:f3:5e:88:19:52:10:de:09:9f:fc:12:a1: 5e:b1:68:38:f7:73:3c:f5:b6:93:79:86:bb:94:ae:0b:16:1f: 41:67:df:d5:e6:69:a1:bc:0b:7c:67:7c:5f:83:bf:81:5c:23: 19:da:46:a5:ef:4b:08:2d:f4:76:b2:20:04:1d:1b:db:71:0e: f5:1a:0c:ea:b0:85:3e:de:1c:b4:d1:ff:5c:d7:1c:bb:62:9e: 20:7e:55:74:f8:30:3d:fd:bf:7d:8b:6c:2b:d7:73:6f:2d:8b: e5:00:b1:ac:13:a5:8b:ec:ff:ff:7f:ad:26:80:84:76:42:83: 98:15:1d:a2 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICMygwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDMyOTAxMTgyOFoXDTI1MDMyOTAxMTAxN1owMzEx MC8GA1UEAxMoQjUyRjBGM0ZGNzM3MUZGMUNFOUQ4MjNFOTU0OUZDMTE1OEIxNkEy QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM18Bor4VAYJFkwyzmj+ jb2FbpRRnR8zJ6Am6yQ/ZW37YK8GJzjTf7l2KJzCgBjhLIr6fgthhoXGIKZHqKy5 k6oFLoKDRA98/RuL7bYWvKxFLro/x/qoH0dKrhUkbChX6l7j0MDYSpqjHpLPYFO7 DAYxLfTyV0z9kULOsd/3QrefiOcfE77vOxKDrNdIvWLO06y3q2iSVi9i1/hgdVuv 7f9nkOd4WaitgdsDu85KRlLhGHQXB1H2Ii3ZTqrUyV/GgYnM+xfyXqWM46zRSZy9 GUWM3kq9UZZs9EpYkkJtZfubNjWgkbJRgL2ukRZVrT0aEf+JzjoXb0lO9QVK7cru zgMCAwEAAaOCAlUwggJRMB0GA1UdDgQWBBS1Lw8/9zcf8c6dgj6VSfwRWLFqKjAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 Mi8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjcyL3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdQiowDQYJKoZIhvcNAQELBQAD ggEBADKflWSf2KfQqqTvgmVeheMWAkudec4v665m2SbzSn6SVzwGSxhVbbw+qTvI QH3+v7Lf7H6kKEsmM92pqr7j8i8ryh4hGybIaDtFIpJrR3uRV8YnQGTpw/sv79s9 +sqyyaEHWyI5AAdVWMgDWfN4p4ajawYk9ue+z802Gc74YWc6XFot0vNeiBlSEN4J n/wSoV6xaDj3czz1tpN5hruUrgsWH0Fn39XmaaG8C3xnfF+Dv4FcIxnaRqXvSwgt 9HayIAQdG9txDvUaDOqwhT7eHLTR/1zXHLtiniB+VXT4MD39v32LbCvXc28ti+UA sawTpYvs//9/rSaAhHZCg5gVHaI= -----END CERTIFICATE-----Generated at Tue May 28 23:01:54 2024 by rpki-client on console-ams.rpki-client.org