$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/wq4P5eDZls0aR2KmwndP8pw88Us.cer File: wq4P5eDZls0aR2KmwndP8pw88Us.cer (raw, json) Hash identifier: 8vTmVS56haTqjigev8OILHoASHUVMI77gin2BG8TZmU= Subject key identifier: C2:AE:0F:E5:E0:D9:96:CD:1A:47:62:A6:C2:77:4F:F2:9C:3C:F1:4B Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BB0B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3251/wq4P5eDZls0aR2KmwndP8pw88Us.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3251/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:50:01 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: AS: 146784 IP: 36.50.254.0/23 IP: 2401:5fa0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47883 (0xbb0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:50:01 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C2AE0FE5E0D996CD1A4762A6C2774FF29C3CF14B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:f3:17:93:91:73:25:3d:fd:e3:2c:8f:04:ae: da:bb:a9:38:18:10:50:b0:3d:b7:6b:d7:1e:66:9b: 55:00:40:53:27:43:69:6f:1f:dd:4d:e2:1f:88:51: a0:79:71:0b:1f:45:c5:f7:ac:a8:fa:b9:92:34:b6: f7:b8:20:9a:33:9c:db:b5:9b:c9:02:52:70:be:1f: 3a:92:27:1c:bc:0b:50:08:75:89:84:1e:c0:39:27: 25:26:91:c3:57:53:86:64:c7:42:ae:90:80:ff:9a: d8:ac:50:7f:49:77:c2:0d:05:e3:f7:40:46:b0:bd: 20:8e:b8:d9:fc:7f:cf:9b:56:27:e4:50:d4:12:2f: 57:85:01:ae:c4:95:a0:6c:e6:c6:b9:8a:eb:89:a5: 0a:7f:75:d1:66:48:c7:7a:06:a6:89:a8:9c:42:3a: 5c:cf:75:fa:bb:12:a8:2d:e0:c6:2c:cb:2c:6b:67: 0c:1c:bc:bd:79:78:81:e9:f0:eb:45:66:0d:c4:50: ce:2f:4c:bb:4f:4d:e6:50:06:7a:fd:80:ce:24:ac: 11:f1:91:15:aa:91:5f:4f:05:41:f7:c1:f5:4e:70: 23:a5:1b:97:33:a9:73:5b:c1:28:7d:c4:b2:50:36: 37:f0:fb:24:21:46:69:97:cc:eb:d8:18:dd:65:b4: 7f:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:AE:0F:E5:E0:D9:96:CD:1A:47:62:A6:C2:77:4F:F2:9C:3C:F1:4B X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3251/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3251/wq4P5eDZls0aR2KmwndP8pw88Us.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 146784 sbgp-ipAddrBlock: critical IPv4: 36.50.254.0/23 IPv6: 2401:5fa0::/32 Signature Algorithm: sha256WithRSAEncryption 77:91:8e:95:28:75:db:ba:eb:3b:5c:66:c8:c1:d3:a5:95:df: 9b:05:56:63:9a:13:ac:23:30:b5:4b:4b:1a:ea:5c:20:38:24: 49:9a:da:a8:4d:eb:af:34:b6:39:f3:41:85:2a:dd:f8:df:4e: 63:da:e7:98:b7:8a:ee:42:f4:34:51:14:46:44:9b:03:f6:9e: c2:34:2d:17:b0:73:3e:6b:3d:34:af:91:a6:2e:13:d3:70:b7: a4:d7:9c:c4:ca:c1:60:b9:e2:90:a6:be:c4:ff:e4:7f:95:97: 3f:f7:33:a6:18:97:4e:1b:9b:d5:3d:32:c1:5e:36:f7:b8:38: a8:35:62:73:c7:56:99:e0:32:14:99:8e:c2:18:56:99:90:ba: f5:a7:13:5f:4e:14:fb:61:20:5f:18:53:06:f7:85:16:3d:73: ce:da:ca:4f:7a:76:51:5c:f0:e1:24:8e:bb:96:a1:3b:88:f3: a4:73:16:51:74:e9:4f:f1:3a:8e:a8:de:10:6d:98:d4:8b:9c: d5:1a:2f:30:c9:93:2a:e9:9a:e1:f8:e1:2c:40:ae:40:81:ee: be:7f:5f:d4:dc:1e:0a:e5:ab:a7:0f:0e:88:1f:d4:fe:1c:f3: 23:3a:5b:7d:a0:b1:08:b7:fa:75:d3:e5:8e:b7:87:fa:de:29: a2:21:7e:01 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIDALsLMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjUwMDFaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKEMyQUUwRkU1RTBEOTk2Q0QxQTQ3NjJBNkMyNzc0RkYyOUMzQ0Yx NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY8xeTkXMlPf3jLI8E rtq7qTgYEFCwPbdr1x5mm1UAQFMnQ2lvH91N4h+IUaB5cQsfRcX3rKj6uZI0tve4 IJoznNu1m8kCUnC+HzqSJxy8C1AIdYmEHsA5JyUmkcNXU4Zkx0KukID/mtisUH9J d8INBeP3QEawvSCOuNn8f8+bVifkUNQSL1eFAa7ElaBs5sa5iuuJpQp/ddFmSMd6 BqaJqJxCOlzPdfq7Eqgt4MYsyyxrZwwcvL15eIHp8OtFZg3EUM4vTLtPTeZQBnr9 gM4krBHxkRWqkV9PBUH3wfVOcCOlG5czqXNbwSh9xLJQNjfw+yQhRmmXzOvYGN1l tH9VAgMBAAGjggKAMIICfDAdBgNVHQ4EFgQUwq4P5eDZls0aR2KmwndP8pw88Usw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy NTEvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI1MS93cTRQNWVEWmxzMGFSMkttd25kUDhwdzg4VXMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwI9YDAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEASQy/jANBAIAAjAHAwUAJAFfoDANBgkqhkiG9w0BAQsFAAOCAQEA d5GOlSh127rrO1xmyMHTpZXfmwVWY5oTrCMwtUtLGupcIDgkSZraqE3rrzS2OfNB hSrd+N9OY9rnmLeK7kL0NFEURkSbA/aewjQtF7BzPms9NK+Rpi4T03C3pNecxMrB YLnikKa+xP/kf5WXP/czphiXThub1T0ywV4297g4qDVic8dWmeAyFJmOwhhWmZC6 9acTX04U+2EgXxhTBveFFj1zztrKT3p2UVzw4SSOu5ahO4jzpHMWUXTpT/E6jqje EG2Y1Iuc1RovMMmTKuma4fjhLECuQIHuvn9f1NweCuWrpw8OiB/U/hzzIzpbfaCx CLf6ddPljreH+t4poiF+AQ== -----END CERTIFICATE-----Generated at Fri Nov 22 09:42:28 2024 by rpki-client on console-ams.rpki-client.org