Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/WEWiGKzSkgohXNUjz5m9fdFBmd8.cer
File: WEWiGKzSkgohXNUjz5m9fdFBmd8.cer (raw, json)
Hash identifier: kPgdV1uEEKrDb/NIBMNAMhQfJVudkakoyAXMD2ELx9Q=
Subject key identifier: 58:45:A2:18:AC:D2:92:0A:21:5C:D5:23:CF:99:BD:7D:D1:41:99:DF
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: CDBF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/WEWiGKzSkgohXNUjz5m9fdFBmd8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 03 Apr 2025 08:10:37 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 38356
AS: 45058
IP: 103.235.56.0/22
IP: 117.79.64.0 -- 117.79.255.255
IP: 180.188.48.0 -- 180.188.127.255
IP: 218.240.0.0/18
IP: 2400:c200::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 12:08:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52671 (0xcdbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Apr 3 08:10:37 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5845A218ACD2920A215CD523CF99BD7DD14199DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:fc:63:d0:50:2b:d8:2c:15:36:ab:7d:80:
7c:25:18:17:6a:14:73:2a:eb:61:7a:a7:b8:d9:46:
63:3b:99:94:0e:cd:56:12:39:e8:6f:e4:5c:01:18:
99:06:09:f8:9e:2b:08:14:1e:e6:70:5c:59:a3:bf:
6c:2c:8b:8e:66:8d:a6:57:4f:c6:8d:dc:05:e1:fc:
c3:58:a4:45:d4:ce:55:26:b7:26:f6:7e:4d:e3:c1:
0d:18:a8:1f:6b:98:b9:76:5d:5d:23:49:64:e0:1e:
f6:34:30:a2:93:85:76:a6:bc:9a:a1:a6:74:dc:f8:
e1:45:5e:88:17:e9:f8:f9:0c:d9:19:ca:90:47:b9:
2a:6b:88:e7:35:45:fd:a4:24:9c:87:b8:7a:44:d1:
6e:1e:d6:41:a6:62:00:ed:fc:5c:21:14:16:15:51:
d4:67:93:25:a5:90:31:da:b3:b6:8a:64:04:a0:94:
8f:7c:4e:f4:a4:76:24:61:c2:98:a8:ff:af:bc:61:
fd:a8:03:b8:ef:b7:b3:96:5a:99:77:3d:7f:17:be:
9e:6f:f5:24:4b:73:52:ed:d1:ef:0a:13:ba:67:54:
f6:6f:2f:08:30:d3:dd:76:31:cf:df:63:2b:b3:e5:
c6:9d:f3:c1:48:ca:b2:78:71:9b:2b:0c:5b:4c:91:
1d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:45:A2:18:AC:D2:92:0A:21:5C:D5:23:CF:99:BD:7D:D1:41:99:DF
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/WEWiGKzSkgohXNUjz5m9fdFBmd8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38356
45058
sbgp-ipAddrBlock: critical
IPv4:
103.235.56.0/22
117.79.64.0-117.79.255.255
180.188.48.0-180.188.127.255
218.240.0.0/18
IPv6:
2400:c200::/32
Signature Algorithm: sha256WithRSAEncryption
a9:9b:57:d4:40:3b:85:56:d2:0d:00:90:e2:e8:e0:a7:5c:e3:
b8:a1:18:f6:c8:ca:11:e9:54:7c:a3:6c:77:94:0d:ea:f5:e8:
dc:6b:1b:e0:5e:52:26:6e:70:f7:84:eb:b4:72:a8:ec:ac:dc:
40:c3:63:73:59:c2:48:e8:13:4f:9d:3c:b9:05:73:22:23:58:
62:00:55:de:62:c4:4d:5f:d4:b0:f5:0f:76:a4:96:e5:fd:46:
65:e6:94:b1:19:ad:1c:93:9e:b3:b4:29:74:d6:bb:b3:22:9e:
56:c1:ab:32:53:92:a8:54:7e:0e:e8:3f:ff:8c:15:50:1a:af:
2e:65:da:12:ad:72:90:d7:19:17:ac:5e:62:c6:cc:ed:9f:d1:
4c:ce:f2:6f:4e:0d:45:8d:67:ef:ce:20:09:bf:a5:8c:cd:65:
09:a1:96:8e:59:16:85:7b:1e:cd:f2:a8:3e:61:88:37:5e:a2:
b9:c9:5c:2b:48:33:8e:9c:d6:62:ac:fb:8d:3b:df:9d:cd:a6:
7e:b9:f5:10:2e:df:95:a6:ed:77:bb:d0:3e:3d:ab:95:14:7d:
46:6f:fa:a7:b7:3f:0e:c5:f9:6a:55:66:99:b1:10:66:d3:eb:
a2:04:76:05:3d:1b:11:bd:c5:52:60:df:49:14:2e:81:3e:e9:
e0:9f:0a:9d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAM2/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODEwMzdaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDU4NDVBMjE4QUNEMjkyMEEyMTVDRDUyM0NGOTlCRDdERDE0MTk5
REYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQf/xj0FAr2CwVNqt9
gHwlGBdqFHMq62F6p7jZRmM7mZQOzVYSOehv5FwBGJkGCfieKwgUHuZwXFmjv2ws
i45mjaZXT8aN3AXh/MNYpEXUzlUmtyb2fk3jwQ0YqB9rmLl2XV0jSWTgHvY0MKKT
hXamvJqhpnTc+OFFXogX6fj5DNkZypBHuSpriOc1Rf2kJJyHuHpE0W4e1kGmYgDt
/FwhFBYVUdRnkyWlkDHas7aKZASglI98TvSkdiRhwpio/6+8Yf2oA7jvt7OWWpl3
PX8Xvp5v9SRLc1Lt0e8KE7pnVPZvLwgw0912Mc/fYyuz5cad88FIyrJ4cZsrDFtM
kR3bAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWEWiGKzSkgohXNUjz5m9fdFBmd8w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQ2
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzQ2L1dFV2lHS3pTa2dvaFhOVWp6NW05ZmRGQm1kOC5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQgBAf8EEDAOoAwwCgIDAJXUAgMAsAIwTwYIKwYBBQUHAQcBAf8EQDA+
MC0EAgABMCcDBAJn6zgwCwMEBnVPQAMDBHVAMAwDBAS0vDADBAe0vAADBAba8AAw
DQQCAAIwBwMFACQAwgAwDQYJKoZIhvcNAQELBQADggEBAKmbV9RAO4VW0g0AkOLo
4Kdc47ihGPbIyhHpVHyjbHeUDer16NxrG+BeUiZucPeE67RyqOys3EDDY3NZwkjo
E0+dPLkFcyIjWGIAVd5ixE1f1LD1D3akluX9RmXmlLEZrRyTnrO0KXTWu7MinlbB
qzJTkqhUfg7oP/+MFVAary5l2hKtcpDXGResXmLGzO2f0UzO8m9ODUWNZ+/OIAm/
pYzNZQmhlo5ZFoV7Hs3yqD5hiDdeornJXCtIM46c1mKs+407353Npn659RAu35Wm
7Xe70D49q5UUfUZv+qe3Pw7F+WpVZpmxEGbT66IEdgU9GxG9xVJg30kULoE+6eCf
Cp0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:24:15 2025 by rpki-client