Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer
File: yGYvK0iswHfpWADlqpLOFtJuHeo.cer (raw, json)
Hash identifier: UCGdRTu/jHh5UrNsiiOhw8sf8yTp8zLnXS1+F7L/r3U=
Subject key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: D677
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 11 Jul 2025 09:58:42 +0000
Certificate not after: Sat 11 Jul 2026 09:56:02 +0000
Subordinate resources: AS: 131516
IP: 43.224.176.0/22
IP: 43.255.184.0/22
IP: 103.43.196.0/22
IP: 103.239.184.0/22
IP: 103.248.152.0/22
IP: 116.89.144.0/20
IP: 116.196.128.0 -- 116.196.175.255
IP: 123.176.80.0/20
IP: 150.242.240.0/22
IP: 211.147.96.0/19
IP: 2407:23c0::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Jul 2025 09:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54903 (0xd677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Jul 11 09:58:42 2025 GMT
Not After : Jul 11 09:56:02 2026 GMT
Subject: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:26:8f:e7:f6:8d:d2:4b:74:fe:d9:4a:54:9c:
dd:02:82:7d:e9:6d:6d:bd:06:89:df:80:a1:c3:ca:
a0:77:2e:cf:42:37:4b:cb:02:bc:e8:9b:14:a7:c8:
aa:a9:b7:76:dc:33:9b:8b:0f:bd:07:49:26:40:f8:
c2:9c:54:9b:fe:42:00:c4:b2:5b:4f:f1:58:e5:2b:
f6:1b:0f:0a:83:aa:60:43:06:47:37:d9:83:c8:f5:
75:e4:30:65:d4:41:48:59:ae:b0:8e:cf:b3:6a:26:
0e:39:ff:2f:b1:b0:b3:57:6f:97:99:e1:ab:55:a4:
41:65:96:9b:74:8b:66:ce:cf:61:2a:46:60:b2:d6:
11:5a:e7:16:49:67:e3:dd:99:2f:8d:49:21:ec:27:
92:80:e4:f4:a4:36:f5:1d:8d:72:0c:8d:ce:d3:c8:
01:87:64:4c:9f:07:e2:20:79:7a:0a:10:7d:47:e2:
66:de:29:ed:95:5e:6b:16:bc:8f:63:c0:6d:e9:a7:
27:59:58:3d:a9:5c:61:c8:68:3b:dd:20:ea:5d:d4:
25:6b:3b:f5:eb:df:fe:5f:5e:2f:e1:71:c2:59:6d:
84:9a:e3:66:8a:2a:46:2f:20:4b:ee:6f:64:06:33:
44:d8:80:e9:50:f2:28:f5:a1:0f:08:ea:ad:4a:4a:
22:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
131516
sbgp-ipAddrBlock: critical
IPv4:
43.224.176.0/22
43.255.184.0/22
103.43.196.0/22
103.239.184.0/22
103.248.152.0/22
116.89.144.0/20
116.196.128.0-116.196.175.255
123.176.80.0/20
150.242.240.0/22
211.147.96.0/19
IPv6:
2407:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:c6:9d:7b:67:8e:8c:ab:bb:57:97:c6:d8:36:23:0e:46:b7:
3a:fb:5f:c9:e7:1a:3d:89:f8:6e:58:dc:c2:71:bf:23:50:ce:
a7:ab:3e:60:78:f8:b8:31:bf:2c:82:8f:ef:13:69:92:ae:f5:
d3:45:7e:e0:94:ca:1a:cf:8a:5e:b7:d9:ac:54:71:ab:43:78:
fd:b0:84:20:94:8e:fe:71:66:f5:fc:92:a4:f3:75:90:c3:cb:
6a:5e:54:31:3d:d7:b9:ae:f4:40:bb:b9:55:fb:d5:7a:9c:d2:
0b:51:b8:07:3a:07:d2:33:48:8f:2c:f8:9d:0a:ab:42:cf:6f:
94:43:eb:d4:46:5b:41:58:6b:d8:17:17:82:21:ea:16:f0:8e:
ad:b7:a7:4f:6c:a8:1f:5a:7d:ef:a2:15:d4:ad:20:f2:00:7a:
73:9b:ee:0e:32:88:96:24:c8:b0:0a:e9:78:33:ed:4b:da:3a:
db:4b:23:da:79:e8:ec:49:3c:3b:f4:bb:8b:0e:86:ae:cc:21:
9b:f0:50:46:cf:4b:54:c7:86:d7:fd:3c:ec:ce:c1:e6:98:96:
e0:dd:b0:c6:16:74:6e:5a:1f:d8:c5:04:c8:6e:9a:d2:e1:d4:
59:6d:4d:4b:20:1e:ed:c9:9b:5a:0e:0a:f2:5d:9b:c7:ed:4a:
47:7f:86:89
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDANZ3MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA3MTEwOTU4NDJaFw0yNjA3MTEwOTU2MDJaMDMx
MTAvBgNVBAMTKEM4NjYyRjJCNDhBQ0MwNzdFOTU4MDBFNUFBOTJDRTE2RDI2RTFE
RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVJo/n9o3SS3T+2UpU
nN0Cgn3pbW29BonfgKHDyqB3Ls9CN0vLArzomxSnyKqpt3bcM5uLD70HSSZA+MKc
VJv+QgDEsltP8VjlK/YbDwqDqmBDBkc32YPI9XXkMGXUQUhZrrCOz7NqJg45/y+x
sLNXb5eZ4atVpEFllpt0i2bOz2EqRmCy1hFa5xZJZ+PdmS+NSSHsJ5KA5PSkNvUd
jXIMjc7TyAGHZEyfB+IgeXoKEH1H4mbeKe2VXmsWvI9jwG3ppydZWD2pXGHIaDvd
IOpd1CVrO/Xr3/5fXi/hccJZbYSa42aKKkYvIEvub2QGM0TYgOlQ8ij1oQ8I6q1K
SiJ/AgMBAAGjggK+MIICujAdBgNVHQ4EFgQUyGYvK0iswHfpWADlqpLOFtJuHeow
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw
NzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMzA3MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8ubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIBvDBsBggrBgEFBQcBBwEB/wRdMFsw
SgQCAAEwRAMEAivgsAMEAiv/uAMEAmcrxAMEAmfvuAMEAmf4mAMEBHRZkDAMAwQH
dMSAAwQEdMSgAwQEe7BQAwQClvLwAwQF05NgMA0EAgACMAcDBQAkByPAMA0GCSqG
SIb3DQEBCwUAA4IBAQADxp17Z46Mq7tXl8bYNiMORrc6+1/J5xo9ifhuWNzCcb8j
UM6nqz5gePi4Mb8sgo/vE2mSrvXTRX7glMoaz4pet9msVHGrQ3j9sIQglI7+cWb1
/JKk83WQw8tqXlQxPde5rvRAu7lV+9V6nNILUbgHOgfSM0iPLPidCqtCz2+UQ+vU
RltBWGvYFxeCIeoW8I6tt6dPbKgfWn3vohXUrSDyAHpzm+4OMoiWJMiwCul4M+1L
2jrbSyPaeejsSTw79LuLDoauzCGb8FBGz0tUx4bX/TzszsHmmJbg3bDGFnRuWh/Y
xQTIbprS4dRZbU1LIB7tyZtaDgryXZvH7UpHf4aJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 08:17:25 2025 by rpki-client