$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/xBzQhaMq5MKw6Gj_J_63FwzM9fs.cer File: xBzQhaMq5MKw6Gj_J_63FwzM9fs.cer (raw, json) Hash identifier: 3j/Avr6nk18YYUCj4JYkoxtAzq5lOcBarIVIc4k7ZH0= Subject key identifier: C4:1C:D0:85:A3:2A:E4:C2:B0:E8:68:FF:27:FE:B7:17:0C:CC:F5:FB Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 37D5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3298/xBzQhaMq5MKw6Gj_J_63FwzM9fs.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3298/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:54:14 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 160.25.12.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14293 (0x37d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Sep 27 02:54:14 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C41CD085A32AE4C2B0E868FF27FEB7170CCCF5FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9d:f0:69:01:3d:9a:1e:f5:c1:a7:18:ef:2e: a3:db:a6:35:a1:4e:fe:cc:c3:1d:6f:e4:5e:98:47: 91:67:6f:3a:ab:44:bf:ac:1a:e3:8d:8d:bf:79:75: a6:bd:84:9e:5a:f0:6f:71:8f:8d:bf:4b:3e:9e:54: e1:a9:c2:e0:e4:69:7b:63:85:51:4b:bd:e6:a9:09: ca:64:ea:e3:41:cf:ad:12:db:cc:ed:26:6e:ff:f2: a9:05:72:6e:7c:3e:55:a1:e0:9c:5c:7e:e1:1a:8c: 02:c1:e6:e5:b2:a4:77:e2:d6:9e:82:16:0b:20:31: 40:af:1b:db:2b:cf:5e:d6:bc:51:0c:23:70:66:30: cd:22:7b:dd:99:c3:2e:a5:b6:5d:c1:20:e3:f3:dd: b1:59:e6:df:2d:e9:25:a7:e4:f0:d6:f5:00:ae:74: 55:8d:3d:4f:e8:0f:1d:12:16:f8:37:82:7f:3b:cd: fc:f1:f3:36:a2:da:3a:65:7d:63:42:90:27:5d:79: 4f:0b:b3:87:6f:1e:14:ba:18:6c:0d:a5:12:d5:cc: 49:ab:76:25:ab:a8:b9:28:59:32:f1:aa:6b:de:23: 14:71:fa:80:66:d4:e7:6b:b8:81:44:41:33:f3:f1: 23:c9:03:a2:7a:c6:66:cc:71:68:1a:9e:fd:1e:cd: 62:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:1C:D0:85:A3:2A:E4:C2:B0:E8:68:FF:27:FE:B7:17:0C:CC:F5:FB X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3298/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3298/xBzQhaMq5MKw6Gj_J_63FwzM9fs.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.25.12.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:56:28:cf:78:c0:dc:e1:51:03:f6:52:8d:63:19:38:58:98: a2:1d:2d:fd:a7:9b:68:c4:e4:78:da:0b:f3:d6:f1:1d:82:2c: af:8f:26:70:f4:a6:09:06:91:a9:64:64:0c:18:c9:8c:db:54: 37:9f:f0:06:17:9f:0e:14:06:0f:6b:4f:61:40:03:ac:61:25: 8b:45:de:1b:d6:74:34:a0:ed:54:71:13:f5:80:d8:0b:a5:92: 59:8a:48:dc:2e:d7:57:f2:4b:30:ca:d9:92:1f:c1:37:6e:71: c7:41:2b:ea:e1:93:3b:1c:d7:b5:8e:a2:ea:5d:01:e8:b2:78: 1e:6a:2c:0f:87:4b:f6:d0:76:32:5f:c0:61:72:a9:36:7b:e0: 9c:25:d9:34:96:88:0f:4b:50:87:51:6f:fb:ee:d2:cf:00:88: 7b:4e:88:33:c1:63:fc:3b:4d:96:05:5a:10:15:fa:b0:43:be: 39:f0:0a:5b:cb:39:2a:55:b8:f8:87:3f:01:80:e3:42:7c:c5: f9:ae:f1:6b:f2:25:49:ca:d6:74:e4:0f:4d:5c:0a:21:72:32: 0b:cf:8a:6b:aa:0a:8d:54:1a:3f:dd:ac:0a:51:38:a9:ab:73: ae:c0:44:67:10:bd:01:c9:c5:89:2f:ba:d2:2f:66:dc:d6:be: 04:b8:37:78 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICN9UwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDkyNzAyNTQxNFoXDTI1MDkyNzAyNDAxNFowMzEx MC8GA1UEAxMoQzQxQ0QwODVBMzJBRTRDMkIwRTg2OEZGMjdGRUI3MTcwQ0NDRjVG QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMqd8GkBPZoe9cGnGO8u o9umNaFO/szDHW/kXphHkWdvOqtEv6wa442Nv3l1pr2Enlrwb3GPjb9LPp5U4anC 4ORpe2OFUUu95qkJymTq40HPrRLbzO0mbv/yqQVybnw+VaHgnFx+4RqMAsHm5bKk d+LWnoIWCyAxQK8b2yvPXta8UQwjcGYwzSJ73ZnDLqW2XcEg4/PdsVnm3y3pJafk 8Nb1AK50VY09T+gPHRIW+DeCfzvN/PHzNqLaOmV9Y0KQJ115Twuzh28eFLoYbA2l EtXMSat2JauouShZMvGqa94jFHH6gGbU52u4gURBM/PxI8kDonrGZsxxaBqe/R7N YiECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBTEHNCFoyrkwrDoaP8n/rcXDMz1+zAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI5 OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjk4L3hCelFoYU1xNU1LdzZHal9KXzYzRnd6TTlmcy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGgGQwwDQYJKoZIhvcNAQELBQAD ggEBAH5WKM94wNzhUQP2Uo1jGThYmKIdLf2nm2jE5HjaC/PW8R2CLK+PJnD0pgkG kalkZAwYyYzbVDef8AYXnw4UBg9rT2FAA6xhJYtF3hvWdDSg7VRxE/WA2AulklmK SNwu11fySzDK2ZIfwTduccdBK+rhkzsc17WOoupdAeiyeB5qLA+HS/bQdjJfwGFy qTZ74Jwl2TSWiA9LUIdRb/vu0s8AiHtOiDPBY/w7TZYFWhAV+rBDvjnwClvLOSpV uPiHPwGA40J8xfmu8WvyJUnK1nTkD01cCiFyMgvPimuqCo1UGj/drApROKmrc67A RGcQvQHJxYkvutIvZtzWvgS4N3g= -----END CERTIFICATE-----Generated at Sat Nov 23 01:55:13 2024 by rpki-client on console-ams.rpki-client.org