$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yiG6irdU_NZK2pljjW_l5HJTtME.cer File: yiG6irdU_NZK2pljjW_l5HJTtME.cer (raw, json) Hash identifier: d4LizqhzZhsdzwu8AGF4Yr6dln6hIJZUF+E4vT72MQI= Subject key identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: B036 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 29 Feb 2024 19:50:57 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 210.76.160.0/19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45110 (0xb036) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 29 19:50:57 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CA21BA8AB754FCD64ADA99638D6FE5E47253B4C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8e:dd:a8:7e:40:56:ab:e1:49:1f:01:ab:ad: eb:cd:6f:98:0f:30:c5:66:bf:78:47:16:49:d4:90: cc:69:a7:2a:db:11:0f:1c:6e:2a:32:a1:a6:a6:29: 63:c0:e1:af:8f:bc:70:fd:e1:b3:88:d5:92:28:81: 51:1d:27:cf:56:9d:a6:a2:37:66:11:be:ab:2c:77: 94:5d:93:9f:f1:78:d1:a8:8e:ca:a8:b4:ec:0c:18: 4e:23:02:d7:ce:ac:43:2a:4e:64:8e:4d:1b:92:e9: 69:d6:65:f3:16:1f:6e:6e:d8:ac:bd:92:bc:87:55: 77:a9:29:3a:99:33:a8:79:e2:d2:87:c4:36:85:1a: 2b:53:50:c5:95:47:10:5c:ad:3c:9c:ba:8b:43:d0: 41:16:75:6b:8c:10:58:54:9f:53:f9:c6:81:a7:76: 59:1b:97:e3:a2:7b:58:e9:a3:7e:96:74:7d:d4:30: f2:7b:9c:59:9e:22:74:6f:cb:0b:9c:bf:76:c7:25: fd:3d:1b:41:b1:a5:20:e3:4d:86:47:40:38:4e:41: ce:eb:1d:76:3f:91:a8:95:73:1e:37:18:ab:3d:34: 00:51:a4:41:38:2a:c9:74:7f:e7:9b:42:38:16:88: 0a:5e:32:fb:4e:78:a9:e9:21:f0:fd:a8:c8:9e:6c: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.76.160.0/19 Signature Algorithm: sha256WithRSAEncryption 89:56:c9:09:b2:12:b0:9c:dd:c8:0d:32:10:b3:70:36:08:af: 0c:ce:b1:e6:14:24:3b:68:12:7d:92:ef:f4:12:20:75:4a:16: 29:ff:ea:89:4d:9f:48:d4:60:52:24:43:be:47:42:4b:af:21: 84:43:60:6f:67:9e:9c:b8:f2:79:9f:68:f3:1b:fd:74:5b:5d: 69:d3:8c:7a:6a:9c:4c:1f:c6:21:5e:72:4f:96:fb:68:02:63: 16:8d:69:ed:51:f3:65:42:a0:ba:0f:13:38:5a:0e:19:a6:6b: d1:89:e1:32:21:aa:a3:39:80:6f:07:43:a9:41:13:3a:6d:9e: cf:62:48:7d:c5:50:43:91:33:a5:73:ec:2c:09:35:40:bb:be: 12:0a:cc:f3:d6:f6:4c:09:98:33:c6:a9:e8:8e:3a:3a:c5:78: 13:ee:e0:ee:42:b4:1b:69:7e:2e:df:df:e2:87:87:6b:45:82: 22:0c:f6:00:8c:9f:d2:cf:7d:23:50:60:c2:95:aa:9d:bc:a8: aa:04:d5:77:32:3d:99:b9:99:1b:a2:f2:ac:4e:73:f7:50:0f: d8:fd:bb:bd:97:ce:06:22:50:9c:99:1b:9d:a1:9b:a2:6d:67: 3f:c9:82:01:97:98:28:00:89:18:58:58:89:11:83:a6:e0:e8: ed:19:a6:15 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIDALA2MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAyMjkxOTUwNTdaFw0yNTAxMzEwMTEzNDZaMDMx MTAvBgNVBAMTKENBMjFCQThBQjc1NEZDRDY0QURBOTk2MzhENkZFNUU0NzI1M0I0 QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjt2ofkBWq+FJHwGr revNb5gPMMVmv3hHFknUkMxppyrbEQ8cbioyoaamKWPA4a+PvHD94bOI1ZIogVEd J89WnaaiN2YRvqssd5Rdk5/xeNGojsqotOwMGE4jAtfOrEMqTmSOTRuS6WnWZfMW H25u2Ky9kryHVXepKTqZM6h54tKHxDaFGitTUMWVRxBcrTycuotD0EEWdWuMEFhU n1P5xoGndlkbl+Oie1jpo36WdH3UMPJ7nFmeInRvywucv3bHJf09G0GxpSDjTYZH QDhOQc7rHXY/kaiVcx43GKs9NABRpEE4Ksl0f+ebQjgWiApeMvtOeKnpIfD9qMie bG63AgMBAAGjggJRMIICTTAdBgNVHQ4EFgQUyiG6irdU/NZK2pljjW/l5HJTtMEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzk4 LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzk4L3lpRzZpcmRVX05aSzJwbGpqV19sNUhKVHRNRS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSTKAwDQYJKoZIhvcNAQELBQADggEB AIlWyQmyErCc3cgNMhCzcDYIrwzOseYUJDtoEn2S7/QSIHVKFin/6olNn0jUYFIk Q75HQkuvIYRDYG9nnpy48nmfaPMb/XRbXWnTjHpqnEwfxiFeck+W+2gCYxaNae1R 82VCoLoPEzhaDhmma9GJ4TIhqqM5gG8HQ6lBEzptns9iSH3FUEORM6Vz7CwJNUC7 vhIKzPPW9kwJmDPGqeiOOjrFeBPu4O5CtBtpfi7f3+KHh2tFgiIM9gCMn9LPfSNQ YMKVqp28qKoE1XcyPZm5mRui8qxOc/dQD9j9u72XzgYiUJyZG52hm6JtZz/JggGX mCgAiRhYWIkRg6bg6O0ZphU= -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:41 2024 by rpki-client on console-ams.rpki-client.org