Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
File: lIG05AkBXY630D82A4gw7BCYq8A.cer (raw, json)
Hash identifier: 9zJYY/k2PxCb/t+FYK5dM4fLLiAAA+2BVetti4MQom0=
Subject key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: D0C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 25 Apr 2025 19:36:36 +0000
Certificate not after: Fri 03 Apr 2026 08:00:09 +0000
Subordinate resources: AS: 23852
IP: 58.66.0.0/15
IP: 59.107.0.0/16
IP: 124.172.0.0/15
IP: 203.88.192.0/19
IP: 211.147.224.0/19
IP: 211.155.16.0/20
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 12:08:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53441 (0xd0c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Apr 25 19:36:36 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:12:b5:d5:0f:09:cf:53:c1:eb:72:7a:74:e4:
fc:bf:f2:70:a0:e4:95:02:fd:4b:f8:41:db:cd:3d:
1d:e3:24:a9:1d:10:87:35:81:56:1a:dd:ab:d1:93:
20:62:7a:b7:ed:03:e9:73:bd:ad:93:3e:01:e7:6c:
44:0e:23:a3:88:76:e8:ed:c9:62:6b:dd:f8:53:4b:
be:f5:5c:5c:f9:20:d2:85:d2:c1:52:52:eb:ab:ca:
8c:2e:b5:ba:06:86:e6:30:ab:a3:16:2d:1f:68:89:
cb:e8:db:84:24:7a:cc:48:dc:ce:ee:6c:40:4e:95:
a8:47:42:35:09:b8:1a:a3:a9:5e:5c:96:a3:6e:06:
64:95:49:e3:3a:c1:44:dd:00:50:fa:27:7d:52:e3:
c2:ea:ac:2d:f4:31:96:7a:2a:62:48:e9:e3:b5:8c:
63:4a:6a:5d:f2:d9:63:a8:ba:b5:97:68:60:d4:60:
43:a9:4a:16:cf:74:43:af:54:65:2b:6e:8a:56:3d:
fe:5f:c4:3e:73:2f:38:6e:03:4c:30:32:15:64:1e:
09:42:01:6c:9c:e9:b8:ad:2d:bc:e0:ba:f7:d9:2e:
31:ad:00:02:30:47:2f:f2:b0:01:84:94:e3:e0:b6:
27:3a:d6:92:09:e1:a7:c0:a0:41:2a:f7:d8:4b:d9:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23852
sbgp-ipAddrBlock: critical
IPv4:
58.66.0.0/15
59.107.0.0/16
124.172.0.0/15
203.88.192.0/19
211.147.224.0/19
211.155.16.0/20
Signature Algorithm: sha256WithRSAEncryption
56:41:61:38:05:2f:f9:8f:18:8f:94:18:6f:11:a7:64:aa:92:
8c:e0:a5:aa:b8:c8:6c:df:de:73:7c:06:c5:90:49:ec:00:b3:
a1:38:90:19:ab:12:f1:87:9f:19:b0:6c:7c:de:b8:41:2f:59:
ca:b3:ce:7a:1a:1d:1e:cf:1f:3f:d9:51:ef:2c:53:08:7c:0c:
13:5a:db:54:89:e1:97:d8:43:ee:70:00:94:21:c2:c7:cf:de:
51:49:72:74:50:01:d3:37:23:6a:36:09:7c:ed:fb:21:25:e5:
96:9a:f6:54:d9:9a:e6:a6:85:a7:5a:ff:c6:3a:53:bb:87:32:
b2:97:40:56:00:bd:20:a0:f1:a9:15:ab:bd:2a:8c:db:0b:1f:
ee:74:a5:dc:50:c0:4e:43:33:a0:88:c4:f4:f9:a3:17:b0:d3:
33:77:8c:c6:1a:6d:fc:80:7d:24:a5:81:38:78:2a:de:29:e9:
62:b7:3b:8f:46:ca:34:6b:0c:59:c8:be:c7:e8:1c:dc:b9:fb:
de:98:a8:a5:bd:c7:23:df:5b:0e:88:b4:c8:18:df:4b:ef:eb:
89:d8:b5:cd:7f:70:37:16:a5:3a:7f:4f:e9:b9:13:e7:6c:b9:
ce:cc:07:b1:c4:3d:5e:39:17:04:7f:9d:0e:fd:31:dc:d4:8f:
14:9e:d2:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANDBMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTA0MjUxOTM2MzZaFw0yNjA0MDMwODAwMDlaMDMx
MTAvBgNVBAMTKDk0ODFCNEU0MDkwMTVEOEVCN0QwM0YzNjAzODgzMEVDMTA5OEFC
QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjErXVDwnPU8Hrcnp0
5Py/8nCg5JUC/Uv4QdvNPR3jJKkdEIc1gVYa3avRkyBierftA+lzva2TPgHnbEQO
I6OIdujtyWJr3fhTS771XFz5INKF0sFSUuuryowutboGhuYwq6MWLR9oicvo24Qk
esxI3M7ubEBOlahHQjUJuBqjqV5clqNuBmSVSeM6wUTdAFD6J31S48LqrC30MZZ6
KmJI6eO1jGNKal3y2WOourWXaGDUYEOpShbPdEOvVGUrbopWPf5fxD5zLzhuA0ww
MhVkHglCAWyc6bitLbzguvfZLjGtAAIwRy/ysAGElOPgtic61pIJ4afAoEEq99hL
2TVzAgMBAAGjggKFMIICgTAdBgNVHQ4EFgQUlIG05AkBXY630D82A4gw7BCYq8Aw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHSBggrBgEFBQcBCwSBxTCBwjA2BggrBgEF
BQcwBYYqcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYv
MFUGCCsGAQUFBzAKhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNi9sSUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEubWZ0MDEGCCsGAQUF
BzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMBkGCCsG
AQUFBwEIAQH/BAowCKAGMAQCAl0sMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAh
AwMBOkIDAwA7awMDAXysAwQFy1jAAwQF05PgAwQE05sQMA0GCSqGSIb3DQEBCwUA
A4IBAQBWQWE4BS/5jxiPlBhvEadkqpKM4KWquMhs395zfAbFkEnsALOhOJAZqxLx
h58ZsGx83rhBL1nKs856Gh0ezx8/2VHvLFMIfAwTWttUieGX2EPucACUIcLHz95R
SXJ0UAHTNyNqNgl87fshJeWWmvZU2ZrmpoWnWv/GOlO7hzKyl0BWAL0goPGpFau9
KozbCx/udKXcUMBOQzOgiMT0+aMXsNMzd4zGGm38gH0kpYE4eCreKelitzuPRso0
awxZyL7H6BzcufvemKilvccj31sOiLTIGN9L7+uJ2LXNf3A3FqU6f0/puRPnbLnO
zAexxD1eORcEf50O/THc1I8UntJ9
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:23:53 2025 by rpki-client