Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/xMVT2QII7y67l2ljJf_-xcD_FW8.cer
File: xMVT2QII7y67l2ljJf_-xcD_FW8.cer (raw, json)
Hash identifier: ud9/BPfLNd+V3psJ1e4ciDU7JvYRNvKcD0G/QIx0w+M=
Subject key identifier: C4:C5:53:D9:02:08:EF:2E:BB:97:69:63:25:FF:FE:C5:C0:FF:15:6F
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CDDD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/xMVT2QII7y67l2ljJf_-xcD_FW8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:11:10 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: IP: 45.249.12.0/22
IP: 45.249.208.0/23
IP: 103.150.10.0/23
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Apr 2025 05:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52701 (0xcddd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000
Validity
Not Before: Apr 3 08:11:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=C4C553D90208EF2EBB97696325FFFEC5C0FF156F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:38:d9:14:25:47:c0:2e:b8:93:72:0b:f5:36:
2f:34:ca:ee:2a:72:da:e2:3f:9a:3c:80:fa:e2:91:
e2:34:5e:62:16:d7:b4:13:38:05:62:35:b6:9f:b0:
2c:7f:ff:40:44:61:36:b9:51:36:2d:c7:ab:b3:94:
b1:d5:ea:04:09:4f:be:d6:40:8f:61:23:ad:da:99:
69:26:52:4d:5c:2a:04:50:0b:5c:40:3c:9d:0b:b7:
f2:f1:d1:3b:d3:1c:ae:72:14:56:65:c2:09:ad:f5:
c7:ec:8a:e1:d0:4b:c0:36:4c:3d:7d:40:3f:6a:e1:
52:94:75:69:3f:0b:bf:21:9f:d6:f8:77:e3:19:22:
df:ca:f2:62:c9:fc:76:35:24:5a:a9:7b:21:ee:8a:
b4:2a:2c:f9:23:ea:dd:64:2a:c4:96:ce:06:95:3d:
db:ff:c8:ba:3d:65:4d:13:c6:53:54:2a:ca:23:15:
49:05:ef:05:fb:d7:6e:21:09:a1:a4:c4:b4:46:2b:
d2:fe:cb:19:0e:58:0a:29:89:c5:06:14:13:44:db:
d3:de:cf:1c:11:91:ba:0d:de:db:f8:a5:95:2b:03:
4a:24:b4:56:41:a5:f4:e0:e0:06:c7:21:d7:29:9a:
a1:16:71:d1:9a:df:4d:ad:6e:15:c0:4e:9b:57:b5:
d1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C5:53:D9:02:08:EF:2E:BB:97:69:63:25:FF:FE:C5:C0:FF:15:6F
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/xMVT2QII7y67l2ljJf_-xcD_FW8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.12.0/22
45.249.208.0/23
103.150.10.0/23
Signature Algorithm: sha256WithRSAEncryption
38:31:99:bb:82:60:c4:a1:16:aa:db:99:28:b2:c5:84:02:66:
a3:63:e0:08:63:48:20:c6:d5:57:01:91:1d:89:f6:18:7d:60:
d8:b6:5c:02:76:89:ed:87:53:d8:12:c7:a6:f9:fc:e7:07:d0:
37:89:4b:b2:2d:28:7a:c9:fe:bc:f3:cc:1b:b4:34:25:b1:03:
e2:79:5e:4c:2a:13:43:ed:ba:ca:0d:75:33:9d:00:76:4d:c3:
7f:e7:7b:83:8f:46:98:6c:6c:e7:8c:4e:93:5a:1a:3f:df:02:
4b:0c:69:7e:42:3e:3c:4f:95:b8:6c:3e:db:79:0f:5c:da:65:
64:17:cb:09:b8:1f:bb:7f:75:fd:40:47:46:42:9a:36:67:f2:
db:27:9f:16:80:e2:3f:12:f2:ea:d2:e1:10:8b:a1:36:3a:1e:
e9:8c:ec:40:bb:a9:b9:b5:cb:ec:33:5d:24:e8:7f:d9:82:b2:
3a:bc:b8:57:c0:90:86:c3:eb:66:59:25:78:a9:ea:4e:ae:03:
c8:73:bd:58:22:88:1b:13:2c:da:84:77:83:fb:13:f5:8d:ac:
ba:26:ff:ad:dc:55:a7:81:82:a7:75:ec:9b:90:6f:27:af:c8:
ee:4c:8c:2a:58:f3:4c:76:7c:c2:6f:b3:bb:86:6e:3e:16:77:
ad:fc:ca:1f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIDAM3dMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODExMTBaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKEM0QzU1M0Q5MDIwOEVGMkVCQjk3Njk2MzI1RkZGRUM1QzBGRjE1
NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRONkUJUfALriTcgv1
Ni80yu4qctriP5o8gPrikeI0XmIW17QTOAViNbafsCx//0BEYTa5UTYtx6uzlLHV
6gQJT77WQI9hI63amWkmUk1cKgRQC1xAPJ0Lt/Lx0TvTHK5yFFZlwgmt9cfsiuHQ
S8A2TD19QD9q4VKUdWk/C78hn9b4d+MZIt/K8mLJ/HY1JFqpeyHuirQqLPkj6t1k
KsSWzgaVPdv/yLo9ZU0TxlNUKsojFUkF7wX7124hCaGkxLRGK9L+yxkOWAopicUG
FBNE29PezxwRkboN3tv4pZUrA0oktFZBpfTg4AbHIdcpmqEWcdGa302tbhXATptX
tdFtAgMBAAGjggJhMIICXTAdBgNVHQ4EFgQUxMVT2QII7y67l2ljJf/+xcD/FW8w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy
MjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzIyMy94TVZUMlFJSTd5NjdsMmxqSmZfLXhjRF9GVzgubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLfkMAwQBLfnQAwQBZ5YKMA0G
CSqGSIb3DQEBCwUAA4IBAQA4MZm7gmDEoRaq25kossWEAmajY+AIY0ggxtVXAZEd
ifYYfWDYtlwCdonth1PYEsem+fznB9A3iUuyLSh6yf6888wbtDQlsQPieV5MKhND
7brKDXUznQB2TcN/53uDj0aYbGznjE6TWho/3wJLDGl+Qj48T5W4bD7beQ9c2mVk
F8sJuB+7f3X9QEdGQpo2Z/LbJ58WgOI/EvLq0uEQi6E2Oh7pjOxAu6m5tcvsM10k
6H/ZgrI6vLhXwJCGw+tmWSV4qepOrgPIc71YIogbEyzahHeD+xP1jay6Jv+t3FWn
gYKndeybkG8nr8juTIwqWPNMdnzCb7O7hm4+Fnet/Mof
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:04:36 2025 by rpki-client