$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/zfv2KGSEFu4dmdMuX5yWhae-K7w.cer File: zfv2KGSEFu4dmdMuX5yWhae-K7w.cer (raw, json) Hash identifier: +yiVepapDzbBm27A1VSsF95Gbiok2Z1ubATW97M3tDI= Subject key identifier: CD:FB:F6:28:64:84:16:EE:1D:99:D3:2E:5F:9C:96:85:A7:BE:2B:BC Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BC89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2723/zfv2KGSEFu4dmdMuX5yWhae-K7w.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2723/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:56:33 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.114.240.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48265 (0xbc89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:56:33 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CDFBF628648416EE1D99D32E5F9C9685A7BE2BBC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b0:c7:b8:87:f0:c6:0a:c1:de:07:cc:6f:8e: 4f:8d:b3:58:d2:28:37:99:0d:06:ec:d4:f7:46:23: b6:f8:4f:20:ca:5d:c6:1f:f7:7f:76:29:65:4d:23: fd:6e:7d:14:4e:c3:ac:ee:35:39:8d:ee:6f:d7:b4: 2a:9c:0b:9d:f5:95:12:27:a1:c5:95:2d:13:9b:13: 5c:ea:5c:8f:62:ab:eb:ea:a8:ad:11:e4:06:47:8c: 59:90:3a:b0:e2:99:3e:65:eb:85:24:8e:cd:f7:f5: 10:ae:4e:d3:fb:ea:36:c6:d4:87:0f:97:7b:89:9a: 79:40:f7:b2:95:ec:d2:f9:af:88:6c:f4:00:a3:25: c9:05:56:89:7d:37:06:b2:aa:ba:52:3a:f1:42:70: a4:ab:4d:0f:4c:99:29:38:6d:b3:fd:3d:c0:53:6d: f8:1a:3f:98:d0:04:3e:ba:79:77:80:2f:00:57:90: 52:5f:15:19:23:66:97:e1:87:ca:56:d7:20:40:0e: 50:78:9c:cf:db:e2:9f:4a:d7:c2:f9:8e:39:da:3c: 55:97:01:d8:85:b5:00:4c:c6:2e:01:8e:e8:17:11: b9:31:1d:45:38:16:fc:b7:3a:5d:57:45:d7:b3:2c: 1b:da:a4:68:8f:8a:c8:f5:9a:c4:97:11:04:06:27: fd:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:FB:F6:28:64:84:16:EE:1D:99:D3:2E:5F:9C:96:85:A7:BE:2B:BC X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2723/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2723/zfv2KGSEFu4dmdMuX5yWhae-K7w.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.114.240.0/22 Signature Algorithm: sha256WithRSAEncryption 98:0e:88:eb:b6:b6:87:ea:b5:d5:1b:27:9e:23:0a:53:16:ab: 96:6a:8f:d7:af:91:ad:1f:2a:51:81:18:bc:cb:07:c1:1e:ed: 6e:14:78:47:2c:e6:9f:8e:95:8e:d6:9b:ec:ae:1b:6c:61:ba: 19:5b:03:09:cb:87:70:b9:74:00:41:59:7a:54:65:d2:d0:60: 06:db:f6:68:39:29:d5:89:f1:cc:72:1f:5a:73:ef:44:6d:1f: c8:c6:a4:ba:e6:48:10:51:96:10:25:51:e6:a8:46:2b:50:5f: 25:a5:da:2e:66:30:5e:08:b3:2b:35:ff:60:ef:ab:12:15:b5: 75:17:86:fe:e9:7a:2e:f8:b5:26:cb:67:70:ff:91:9d:eb:ab: af:e7:61:70:0a:b6:bf:e0:08:cf:e2:41:84:6a:6c:e6:7b:48: 49:22:a4:3d:16:e0:f7:3b:d5:34:49:9c:d2:eb:8c:9d:22:af: 26:ce:41:2c:48:05:46:23:e3:ea:3d:58:46:d1:1e:4a:d4:df: f6:4d:42:af:a3:fe:27:64:09:95:f3:80:d9:2d:d1:c5:c5:da: 6c:c2:ea:11:11:16:d7:0f:ec:a9:48:35:9b:32:74:4c:10:5f: 82:44:70:27:64:5c:f7:7d:a7:56:ac:14:3d:aa:56:5e:f7:8e: 5b:2c:6c:2b -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALyJMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU2MzNaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKENERkJGNjI4NjQ4NDE2RUUxRDk5RDMyRTVGOUM5Njg1QTdCRTJC QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCusMe4h/DGCsHeB8xv jk+Ns1jSKDeZDQbs1PdGI7b4TyDKXcYf9392KWVNI/1ufRROw6zuNTmN7m/XtCqc C531lRInocWVLRObE1zqXI9iq+vqqK0R5AZHjFmQOrDimT5l64Ukjs339RCuTtP7 6jbG1IcPl3uJmnlA97KV7NL5r4hs9ACjJckFVol9NwayqrpSOvFCcKSrTQ9MmSk4 bbP9PcBTbfgaP5jQBD66eXeALwBXkFJfFRkjZpfhh8pW1yBADlB4nM/b4p9K18L5 jjnaPFWXAdiFtQBMxi4BjugXEbkxHUU4Fvy3Ol1XRdezLBvapGiPisj1msSXEQQG J/1bAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUzfv2KGSEFu4dmdMuX5yWhae+K7ww HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3 MjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjcyMy96ZnYyS0dTRUZ1NGRtZE11WDV5V2hhZS1LN3cubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ3LwMA0GCSqGSIb3DQEBCwUA A4IBAQCYDojrtraH6rXVGyeeIwpTFquWao/Xr5GtHypRgRi8ywfBHu1uFHhHLOaf jpWO1pvsrhtsYboZWwMJy4dwuXQAQVl6VGXS0GAG2/ZoOSnVifHMch9ac+9EbR/I xqS65kgQUZYQJVHmqEYrUF8lpdouZjBeCLMrNf9g76sSFbV1F4b+6Xou+LUmy2dw /5Gd66uv52FwCra/4AjP4kGEamzme0hJIqQ9FuD3O9U0SZzS64ydIq8mzkEsSAVG I+PqPVhG0R5K1N/2TUKvo/4nZAmV84DZLdHFxdpswuoRERbXD+ypSDWbMnRMEF+C RHAnZFz3fadWrBQ9qlZe945bLGwr -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:41 2024 by rpki-client on console-ams.rpki-client.org