$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/tw-ay_EAFGtabH5NDOLP3_sXgA0.cer File: tw-ay_EAFGtabH5NDOLP3_sXgA0.cer (raw, json) Hash identifier: WXWLz6TTksmE083G2h5Q//Wej5jjZnv7EsLJWmdkHfw= Subject key identifier: B7:0F:9A:CB:F1:00:14:6B:5A:6C:7E:4D:0C:E2:CF:DF:FB:17:80:0D Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: C39A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/tw-ay_EAFGtabH5NDOLP3_sXgA0.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 02 Jan 2025 02:37:45 +0000 Certificate not after: Fri 02 Jan 2026 02:11:12 +0000 Subordinate resources: AS: 38372 IP: 112.73.0.0/16 IP: 119.38.128.0/18 IP: 120.31.0.0/16 IP: 2402:3240::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 17:59:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50074 (0xc39a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Jan 2 02:37:45 2025 GMT Not After : Jan 2 02:11:12 2026 GMT Subject: CN=B70F9ACBF100146B5A6C7E4D0CE2CFDFFB17800D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:41:aa:38:3d:a1:9b:02:92:ba:2f:6b:e0:85: 4a:46:1e:62:f3:b6:c3:c0:9d:a0:a6:1c:ed:bb:2d: 5c:30:ec:cd:e2:dc:3b:99:01:63:31:9f:11:17:b7: f1:92:40:21:4a:b4:dd:20:17:1b:3d:d4:b2:d3:41: cd:3e:e5:65:19:d0:24:0e:15:26:c9:bf:35:47:aa: ae:ef:98:86:5c:98:b0:5d:c5:62:45:31:7e:13:74: c4:35:97:e3:19:f5:38:51:60:83:0d:39:fa:a0:ae: 3f:ae:20:f2:8e:f1:71:38:73:c8:75:f7:68:3a:08: 13:75:cf:14:cf:4c:b9:04:a0:03:5b:ab:88:76:3c: 22:c8:a6:31:c5:92:c7:c1:fb:15:8c:0d:8f:b7:87: 0a:27:2c:4f:7a:ff:0e:0d:1e:4b:61:4a:72:01:a2: e3:f1:4b:12:05:62:bf:e4:8e:e0:6b:6d:35:99:aa: 4b:8f:8e:af:e3:73:8a:a2:8a:65:90:21:fc:15:1c: fc:c4:d3:3f:41:64:87:da:4b:d6:3f:36:ac:89:70: 4c:3b:b5:0b:39:72:0d:08:16:97:4d:a2:4e:71:d3: 45:d6:fd:2e:81:89:d5:85:e1:3a:a6:9b:f1:cf:49: 65:8a:f8:0e:bd:ab:46:a7:a9:1d:cf:e3:e7:50:fb: c0:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:0F:9A:CB:F1:00:14:6B:5A:6C:7E:4D:0C:E2:CF:DF:FB:17:80:0D X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/tw-ay_EAFGtabH5NDOLP3_sXgA0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 38372 sbgp-ipAddrBlock: critical IPv4: 112.73.0.0/16 119.38.128.0/18 120.31.0.0/16 IPv6: 2402:3240::/32 Signature Algorithm: sha256WithRSAEncryption 5b:a2:21:00:09:fd:dd:8d:67:a9:20:c7:ab:6b:dd:d9:16:e8: 6d:17:5d:c8:c7:93:ae:a5:c9:9c:85:5e:a2:ef:ea:b7:40:3e: 79:42:b7:66:97:3e:33:8c:15:41:60:5c:da:8b:d4:2e:81:69: 45:e0:43:b4:fc:87:8c:06:d8:e2:0c:1b:ad:09:be:fa:06:fd: 70:32:6e:74:cc:af:f8:87:e8:ee:a0:1f:a4:45:6c:3c:ea:b8: e5:90:67:de:3f:bc:d1:b6:0d:bf:e8:11:cf:50:73:07:65:fb: 43:04:72:50:14:2c:8c:4c:25:eb:58:05:59:2e:77:dc:90:11: b9:1c:61:36:b4:cb:0f:37:d3:54:65:29:28:4b:0e:98:6f:7a: 3a:b2:47:57:4f:09:68:dd:13:c7:d1:33:81:48:b0:fc:05:2a: 3e:57:ab:0e:28:6e:3b:9f:b9:df:62:1a:3e:a9:31:2e:b7:de: 77:71:8c:e5:20:0b:6c:63:ae:f6:86:0f:3c:6d:30:be:11:ae: 36:ed:2c:c5:e9:d3:b5:ea:e1:13:ec:48:f9:cc:42:7d:fc:0d: f2:d6:ed:0c:38:f4:18:7b:41:1e:59:59:28:11:f2:a4:86:1c: 74:ae:5e:1f:f1:64:b2:15:1b:2c:90:cd:7d:ea:c3:2e:6b:64: a6:cc:06:d6 -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgIDAMOaMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTAxMDIwMjM3NDVaFw0yNjAxMDIwMjExMTJaMDMx MTAvBgNVBAMTKEI3MEY5QUNCRjEwMDE0NkI1QTZDN0U0RDBDRTJDRkRGRkIxNzgw MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaQao4PaGbApK6L2vg hUpGHmLztsPAnaCmHO27LVww7M3i3DuZAWMxnxEXt/GSQCFKtN0gFxs91LLTQc0+ 5WUZ0CQOFSbJvzVHqq7vmIZcmLBdxWJFMX4TdMQ1l+MZ9ThRYIMNOfqgrj+uIPKO 8XE4c8h192g6CBN1zxTPTLkEoANbq4h2PCLIpjHFksfB+xWMDY+3hwonLE96/w4N HkthSnIBouPxSxIFYr/kjuBrbTWZqkuPjq/jc4qiimWQIfwVHPzE0z9BZIfaS9Y/ NqyJcEw7tQs5cg0IFpdNok5x00XW/S6BidWF4Tqmm/HPSWWK+A69q0anqR3P4+dQ +8CTAgMBAAGjggKKMIIChjAdBgNVHQ4EFgQUtw+ay/EAFGtabH5NDOLP3/sXgA0w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz NDUvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzM0NS90dy1heV9FQUZHdGFiSDVORE9MUDNfc1hnQTAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCV5DA4BggrBgEFBQcBBwEB/wQpMCcw FgQCAAEwEAMDAHBJAwQGdyaAAwMAeB8wDQQCAAIwBwMFACQCMkAwDQYJKoZIhvcN AQELBQADggEBAFuiIQAJ/d2NZ6kgx6tr3dkW6G0XXcjHk66lyZyFXqLv6rdAPnlC t2aXPjOMFUFgXNqL1C6BaUXgQ7T8h4wG2OIMG60JvvoG/XAybnTMr/iH6O6gH6RF bDzquOWQZ94/vNG2Db/oEc9Qcwdl+0MEclAULIxMJetYBVkud9yQEbkcYTa0yw83 01RlKShLDphvejqyR1dPCWjdE8fRM4FIsPwFKj5Xqw4objufud9iGj6pMS633ndx jOUgC2xjrvaGDzxtML4RrjbtLMXp07Xq4RPsSPnMQn38DfLW7Qw49Bh7QR5ZWSgR 8qSGHHSuXh/xZLIVGyyQzX3qwy5rZKbMBtY= -----END CERTIFICATE-----Generated at Sat Feb 22 14:11:46 2025 by rpki-client