$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer File: wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer (raw, json) Hash identifier: QdHZ4h/Fruj9p5NTYrNBPzsJNuBjIT9zzVM9mglz3hY= Subject key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 31CF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:18:55 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 139.9.0.0/16 IP: 139.159.128.0/17 IP: 140.210.128.0/17 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 12:56:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12751 (0x31cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Feb 1 01:18:55 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:a1:39:32:80:d1:6f:97:3a:58:b8:29:8d:a3: e5:4a:9a:87:d5:55:d7:cd:ee:2b:46:f8:91:6d:67: ad:9f:39:3f:89:06:c8:87:d3:85:b3:37:07:68:05: 6f:5b:10:c6:f5:10:bc:50:b5:85:de:91:ad:40:c5: a4:f4:c6:50:e5:d4:25:2b:d7:b3:cc:e4:76:1e:7b: d9:e1:7f:ba:c1:ac:01:ef:c8:b3:f4:81:74:63:1a: 4a:de:f7:02:aa:11:63:c9:2a:10:48:f7:e4:23:a1: ff:f7:3d:65:68:ca:68:ea:b9:3d:d3:c5:af:bf:27: 5f:1d:aa:b1:b9:fa:38:39:c5:12:fa:a3:09:9e:b3: 0e:f3:c5:60:18:eb:ca:93:10:09:4f:6f:93:b7:54: 7d:51:96:12:fc:ea:0f:5c:49:a1:8b:f4:96:0c:9a: ef:5a:7b:ad:2c:95:2d:00:a5:c2:d7:d3:53:81:47: 8f:7e:13:f8:7f:0d:70:60:46:33:28:5e:a7:6f:09: 14:a1:87:85:40:e6:15:65:54:80:c6:69:b1:94:e9: f9:58:37:50:02:31:23:a8:c4:79:de:60:6b:ca:d5: 75:c7:70:5c:46:a6:94:3e:cb:c5:17:3e:aa:09:35: 9c:27:97:57:be:1e:61:cc:9f:70:43:a9:1f:d3:35: 95:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.0.0/16 139.159.128.0/17 140.210.128.0/17 Signature Algorithm: sha256WithRSAEncryption 25:36:1f:b3:03:71:f9:0a:65:9a:eb:03:96:ad:8f:f9:ee:1f: 44:e0:8c:19:e7:73:aa:72:cc:91:ef:9e:69:2f:79:df:70:7a: c6:c9:9e:9e:03:28:74:fa:eb:28:bf:d9:61:b5:08:3a:4b:93: 5e:1a:45:c7:0f:04:f7:a0:50:0d:6a:9a:00:20:14:1c:ca:79: 5c:8d:a0:ca:1c:8b:e1:d0:d4:95:7a:0b:cf:01:f5:e8:90:20: b6:19:87:15:76:26:d1:77:83:c9:ce:3b:fa:96:89:f4:b9:e1: be:44:11:73:6a:11:9a:68:e9:c6:a7:4e:26:85:04:80:5e:27: 28:c9:4a:45:2b:a5:98:76:50:ab:52:13:d2:1f:78:45:f3:86: 9a:30:97:65:d5:70:f9:4c:00:e7:61:55:2a:58:7f:55:fb:0e: 26:49:ab:95:7d:10:32:75:f3:3e:e6:d2:2e:fc:36:a2:5c:7e: 49:97:67:9f:90:6b:56:33:28:4c:05:94:11:19:32:02:47:cb: 8c:38:1b:fd:eb:1b:81:ca:b6:ad:b6:a7:bf:89:a1:86:b1:a7: df:3c:bf:25:ac:60:ca:1f:af:0a:00:4b:3c:21:cb:a2:bb:f7: aa:c6:f0:59:40:2d:bc:ef:e6:26:26:d7:79:e0:0e:0c:6d:db: 3f:48:f4:6b -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgICMc8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDIwMTAxMTg1NVoXDTI1MDEzMTAxMTM0NlowMzEx MC8GA1UEAxMoQzFEMzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVG MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyhOTKA0W+XOli4KY2j 5Uqah9VV183uK0b4kW1nrZ85P4kGyIfThbM3B2gFb1sQxvUQvFC1hd6RrUDFpPTG UOXUJSvXs8zkdh572eF/usGsAe/Is/SBdGMaSt73AqoRY8kqEEj35COh//c9ZWjK aOq5PdPFr78nXx2qsbn6ODnFEvqjCZ6zDvPFYBjrypMQCU9vk7dUfVGWEvzqD1xJ oYv0lgya71p7rSyVLQClwtfTU4FHj34T+H8NcGBGMyhep28JFKGHhUDmFWVUgMZp sZTp+Vg3UAIxI6jEed5ga8rVdcdwXEamlD7LxRc+qgk1nCeXV74eYcyfcEOpH9M1 lSECAwEAAaOCAmAwggJcMB0GA1UdDgQWBBTB0xKRY49KQEDNPVLew/8rlwnF8jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMDE0L3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww KgYIKwYBBQUHAQcBAf8EGzAZMBcEAgABMBEDAwCLCQMEB4ufgAMEB4zSgDANBgkq hkiG9w0BAQsFAAOCAQEAJTYfswNx+QplmusDlq2P+e4fROCMGedzqnLMke+eaS95 33B6xsmengModPrrKL/ZYbUIOkuTXhpFxw8E96BQDWqaACAUHMp5XI2gyhyL4dDU lXoLzwH16JAgthmHFXYm0XeDyc47+paJ9LnhvkQRc2oRmmjpxqdOJoUEgF4nKMlK RSulmHZQq1IT0h94RfOGmjCXZdVw+UwA52FVKlh/VfsOJkmrlX0QMnXzPubSLvw2 olx+SZdnn5BrVjMoTAWUERkyAkfLjDgb/esbgcq2rbanv4mhhrGn3zy/Jaxgyh+v CgBLPCHLorv3qsbwWUAtvO/mJibXeeAODG3bP0j0aw== -----END CERTIFICATE-----Generated at Tue May 28 08:45:02 2024 by rpki-client on console-ams.rpki-client.org