$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/xMVT2QII7y67l2ljJf_-xcD_FW8.cer File: xMVT2QII7y67l2ljJf_-xcD_FW8.cer (raw, json) Hash identifier: 8liYcrBmUM/pOtY9lsF79Qfj+dqcUVg8k4uVch/uvBE= Subject key identifier: C4:C5:53:D9:02:08:EF:2E:BB:97:69:63:25:FF:FE:C5:C0:FF:15:6F Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BCD7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/xMVT2QII7y67l2ljJf_-xcD_FW8.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:57:59 +0000 Certificate not after: Sat 27 Sep 2025 02:44:52 +0000 Subordinate resources: IP: 103.150.10.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48343 (0xbcd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:57:59 2024 GMT Not After : Sep 27 02:44:52 2025 GMT Subject: CN=C4C553D90208EF2EBB97696325FFFEC5C0FF156F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:38:d9:14:25:47:c0:2e:b8:93:72:0b:f5:36: 2f:34:ca:ee:2a:72:da:e2:3f:9a:3c:80:fa:e2:91: e2:34:5e:62:16:d7:b4:13:38:05:62:35:b6:9f:b0: 2c:7f:ff:40:44:61:36:b9:51:36:2d:c7:ab:b3:94: b1:d5:ea:04:09:4f:be:d6:40:8f:61:23:ad:da:99: 69:26:52:4d:5c:2a:04:50:0b:5c:40:3c:9d:0b:b7: f2:f1:d1:3b:d3:1c:ae:72:14:56:65:c2:09:ad:f5: c7:ec:8a:e1:d0:4b:c0:36:4c:3d:7d:40:3f:6a:e1: 52:94:75:69:3f:0b:bf:21:9f:d6:f8:77:e3:19:22: df:ca:f2:62:c9:fc:76:35:24:5a:a9:7b:21:ee:8a: b4:2a:2c:f9:23:ea:dd:64:2a:c4:96:ce:06:95:3d: db:ff:c8:ba:3d:65:4d:13:c6:53:54:2a:ca:23:15: 49:05:ef:05:fb:d7:6e:21:09:a1:a4:c4:b4:46:2b: d2:fe:cb:19:0e:58:0a:29:89:c5:06:14:13:44:db: d3:de:cf:1c:11:91:ba:0d:de:db:f8:a5:95:2b:03: 4a:24:b4:56:41:a5:f4:e0:e0:06:c7:21:d7:29:9a: a1:16:71:d1:9a:df:4d:ad:6e:15:c0:4e:9b:57:b5: d1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:C5:53:D9:02:08:EF:2E:BB:97:69:63:25:FF:FE:C5:C0:FF:15:6F X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3223/xMVT2QII7y67l2ljJf_-xcD_FW8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.150.10.0/23 Signature Algorithm: sha256WithRSAEncryption 5b:ce:43:9d:08:2b:4b:8b:83:28:45:b7:46:78:27:1e:50:00: 84:aa:4b:cf:8f:97:c6:8e:39:60:6c:e4:a9:57:82:7b:92:1f: 6c:7c:9a:47:8a:8b:ea:eb:33:7a:46:52:32:db:bc:92:86:03: b8:b8:3b:69:71:fa:6e:aa:34:a4:d0:2d:d8:8d:2d:2e:21:38: 92:de:43:0b:14:68:d6:00:74:07:30:c8:9c:17:22:c0:e9:d4: b7:76:78:f1:e5:e1:03:fe:0c:b4:ea:ff:93:01:76:1f:c5:b7: 65:cb:97:16:e3:8d:34:57:bb:cb:96:f6:68:7e:40:37:08:b0: ee:a8:99:e3:8d:f9:b6:03:5d:7e:d7:c8:ca:b6:96:92:cd:29: 15:63:d9:7c:8c:8d:c1:53:0e:40:02:49:76:3b:af:c0:97:4b: 0c:1e:cc:88:73:01:b7:76:80:72:38:38:ad:b7:7f:25:c3:5c: 0c:cd:8c:05:1d:3b:f9:b2:bb:c2:51:c7:b1:3d:4d:3a:fd:9b: 7f:c1:fd:f6:3d:b8:8f:c8:4c:79:99:34:05:d3:59:9d:22:61: 13:e1:19:17:f3:d1:c2:34:93:d5:9e:19:3f:19:d3:a3:f3:7b: 39:31:5d:97:7d:30:09:c6:ba:e5:e0:5a:1c:71:fc:30:13:ce: 36:e6:da:c0 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALzXMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU3NTlaFw0yNTA5MjcwMjQ0NTJaMDMx MTAvBgNVBAMTKEM0QzU1M0Q5MDIwOEVGMkVCQjk3Njk2MzI1RkZGRUM1QzBGRjE1 NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRONkUJUfALriTcgv1 Ni80yu4qctriP5o8gPrikeI0XmIW17QTOAViNbafsCx//0BEYTa5UTYtx6uzlLHV 6gQJT77WQI9hI63amWkmUk1cKgRQC1xAPJ0Lt/Lx0TvTHK5yFFZlwgmt9cfsiuHQ S8A2TD19QD9q4VKUdWk/C78hn9b4d+MZIt/K8mLJ/HY1JFqpeyHuirQqLPkj6t1k KsSWzgaVPdv/yLo9ZU0TxlNUKsojFUkF7wX7124hCaGkxLRGK9L+yxkOWAopicUG FBNE29PezxwRkboN3tv4pZUrA0oktFZBpfTg4AbHIdcpmqEWcdGa302tbhXATptX tdFtAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUxMVT2QII7y67l2ljJf/+xcD/FW8w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIyMy94TVZUMlFJSTd5NjdsMmxqSmZfLXhjRF9GVzgubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5YKMA0GCSqGSIb3DQEBCwUA A4IBAQBbzkOdCCtLi4MoRbdGeCceUACEqkvPj5fGjjlgbOSpV4J7kh9sfJpHiovq 6zN6RlIy27yShgO4uDtpcfpuqjSk0C3YjS0uITiS3kMLFGjWAHQHMMicFyLA6dS3 dnjx5eED/gy06v+TAXYfxbdly5cW4400V7vLlvZofkA3CLDuqJnjjfm2A11+18jK tpaSzSkVY9l8jI3BUw5AAkl2O6/Al0sMHsyIcwG3doByODitt38lw1wMzYwFHTv5 srvCUcexPU06/Zt/wf32PbiPyEx5mTQF01mdImET4RkX89HCNJPVnhk/GdOj83s5 MV2XfTAJxrrl4FoccfwwE8425trA -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:28 2024 by rpki-client on console-fra.rpki-client.org