Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer (raw, json)
Hash identifier: ds9sD6aLX9CEFeOXEo+03kjIGW+NBBBafCCZnWb9Hlk=
Subject key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: D9F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Sun 03 Aug 2025 09:17:53 +0000
Certificate not after: Mon 03 Aug 2026 08:44:40 +0000
Subordinate resources: AS: 9812
AS: 23850
IP: 58.24.0.0/15
IP: 60.63.0.0/16
IP: 61.87.192.0/18
IP: 111.212.0.0/14
IP: 114.60.0.0/14
IP: 118.132.0.0/14
IP: 121.76.0.0/15
IP: 124.28.192.0/18
IP: 124.151.0.0/16
IP: 202.158.160.0/19
IP: 211.144.64.0/19
IP: 211.154.64.0/19
IP: 211.167.96.0/19
IP: 218.242.0.0/16
IP: 219.233.0.0/16
IP: 220.232.64.0/18
IP: 220.234.0.0/16
IP: 221.137.0.0/16
IP: 223.248.0.0/14
IP: 2400:6600::/32
IP: 2401:800::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 Aug 2025 07:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55796 (0xd9f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Aug 3 09:17:53 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:52:8f:5f:ff:34:8c:db:a9:1c:83:0f:8c:
93:e3:34:9d:17:3a:f1:6a:36:2c:42:e3:92:44:50:
ed:58:4c:22:7b:d7:2d:f9:e5:d6:f9:d2:69:4c:0a:
99:81:5b:5e:7c:b3:58:3c:6d:2d:e0:b8:1e:dd:1a:
93:04:b0:4b:78:74:1f:95:cf:86:d1:d1:3d:32:dc:
11:39:12:b9:6f:6e:70:18:fc:9e:a3:01:1f:44:a8:
ab:27:1a:18:bb:b1:41:d7:8f:06:71:37:7f:9f:7c:
80:78:1f:7b:ee:28:85:0e:a3:47:a1:3c:8c:00:43:
b6:e4:0b:58:2e:ce:22:33:6a:a9:f5:25:dc:14:d8:
04:7b:8a:e3:90:36:b1:e6:bc:c8:9f:90:b0:09:c9:
e0:a5:98:d1:d8:37:9e:4c:80:6f:b6:08:0c:04:fb:
e9:82:82:41:05:b6:bf:60:bb:26:b4:b0:41:d5:25:
2c:30:8b:e8:fd:db:71:69:e2:9e:e2:cc:38:07:83:
cc:ee:ce:bc:92:74:8a:9f:5d:b1:a5:f6:5b:fe:c9:
4a:ee:a5:8b:66:47:69:47:77:96:7a:61:88:59:a0:
e3:d2:7a:3f:7d:81:9f:6e:a2:00:36:2a:58:2c:ca:
79:1e:ae:b5:1e:60:f6:55:90:e9:f4:57:6a:b2:dd:
c6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9812
23850
sbgp-ipAddrBlock: critical
IPv4:
58.24.0.0/15
60.63.0.0/16
61.87.192.0/18
111.212.0.0/14
114.60.0.0/14
118.132.0.0/14
121.76.0.0/15
124.28.192.0/18
124.151.0.0/16
202.158.160.0/19
211.144.64.0/19
211.154.64.0/19
211.167.96.0/19
218.242.0.0/16
219.233.0.0/16
220.232.64.0/18
220.234.0.0/16
221.137.0.0/16
223.248.0.0/14
IPv6:
2400:6600::/32
2401:800::/32
Signature Algorithm: sha256WithRSAEncryption
09:be:18:c2:0a:77:39:73:a6:25:72:60:16:1a:4f:c7:e4:1b:
aa:22:ff:b5:22:76:35:1d:e9:19:42:cc:84:66:94:25:96:6d:
16:cc:ef:0d:46:45:77:b5:33:d7:17:62:28:27:dd:c0:a7:9d:
7e:0e:71:25:bc:22:ab:09:dd:75:e6:ff:71:f9:89:7d:cd:23:
f2:67:23:4b:e1:2b:a9:d7:c5:b2:9c:3a:2d:a8:ef:4e:c3:72:
54:ca:71:89:3f:f5:fc:f2:0e:da:21:dd:62:7a:ef:02:63:8c:
c4:62:a5:da:d3:c4:b3:42:f1:30:cd:1b:a5:88:67:8f:ca:ac:
df:0b:83:0f:2d:47:2c:22:e1:ee:6d:11:8d:06:45:51:2f:f6:
47:01:ba:ef:ec:73:50:f7:4a:76:14:2f:fe:9d:59:3b:d9:42:
3d:df:51:eb:50:00:b2:be:83:2b:d5:72:b5:aa:e3:ef:11:6b:
fd:fb:ad:9e:57:63:29:6c:2b:6c:d9:71:f3:4f:50:f2:e9:b4:
cd:00:35:95:51:ae:0d:5f:e0:35:19:d2:4e:b5:cd:b9:43:a5:
85:c8:13:16:37:5d:54:48:69:84:6c:35:b9:32:4d:91:dc:fc:
44:5b:a7:c9:06:d0:ce:be:28:ae:0f:bf:b1:40:e7:1d:96:f9:
8d:ba:8a:f4
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgIDANn0MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA4MDMwOTE3NTNaFw0yNjA4MDMwODQ0NDBaMDMx
MTAvBgNVBAMTKERBMURBQkVDRjE5NDVERkY1M0I2MjBFMEI2QzQxMEU5MUU0NDcx
QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLFKPX/80jNupHIMP
jJPjNJ0XOvFqNixC45JEUO1YTCJ71y355db50mlMCpmBW158s1g8bS3guB7dGpME
sEt4dB+Vz4bR0T0y3BE5ErlvbnAY/J6jAR9EqKsnGhi7sUHXjwZxN3+ffIB4H3vu
KIUOo0ehPIwAQ7bkC1guziIzaqn1JdwU2AR7iuOQNrHmvMifkLAJyeClmNHYN55M
gG+2CAwE++mCgkEFtr9guya0sEHVJSwwi+j923Fp4p7izDgHg8zuzrySdIqfXbGl
9lv+yUrupYtmR2lHd5Z6YYhZoOPSej99gZ9uogA2KlgsynkerrUeYPZVkOn0V2qy
3cbLAgMBAAGjggLpMIIC5TAdBgNVHQ4EFgQU2h2r7PGUXf9TtiDgtsQQ6R5EcbEw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzUy
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzUyLzJoMnI3UEdVWGY5VHRpRGd0c1FRNlI1RWNiRS5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHQYI
KwYBBQUHAQgBAf8EDjAMoAowCAICJlQCAl0qMIGXBggrBgEFBQcBBwEB/wSBhzCB
hDBsBAIAATBmAwMBOhgDAwA8PwMEBj1XwAMDAm/UAwMCcjwDAwJ2hAMDAXlMAwQG
fBzAAwMAfJcDBAXKnqADBAXTkEADBAXTmkADBAXTp2ADAwDa8gMDANvpAwQG3OhA
AwMA3OoDAwDdiQMDAt/4MBQEAgACMA4DBQAkAGYAAwUAJAEIADANBgkqhkiG9w0B
AQsFAAOCAQEACb4Ywgp3OXOmJXJgFhpPx+QbqiL/tSJ2NR3pGULMhGaUJZZtFszv
DUZFd7Uz1xdiKCfdwKedfg5xJbwiqwnddeb/cfmJfc0j8mcjS+ErqdfFspw6Lajv
TsNyVMpxiT/1/PIO2iHdYnrvAmOMxGKl2tPEs0LxMM0bpYhnj8qs3wuDDy1HLCLh
7m0RjQZFUS/2RwG67+xzUPdKdhQv/p1ZO9lCPd9R61AAsr6DK9Vytarj7xFr/fut
nldjKWwrbNlx809Q8um0zQA1lVGuDV/gNRnSTrXNuUOlhcgTFjddVEhphGw1uTJN
kdz8RFunyQbQzr4org+/sUDnHZb5jbqK9A==
-----END CERTIFICATE-----
Generated at Wed Aug 13 04:26:17 2025 by rpki-client