$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/406o9-mW0qoqsVi7lztBbAR30cw.cer File: 406o9-mW0qoqsVi7lztBbAR30cw.cer (raw, json) Hash identifier: CSVJlJm2FV5wAW0uDSaVur5SDBE3rxXoIHxf6+GerO4= Subject key identifier: E3:4E:A8:F7:E9:96:D2:AA:2A:B1:58:BB:97:3B:41:6C:04:77:D1:CC Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CDFD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/406o9-mW0qoqsVi7lztBbAR30cw.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:11:49 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: AS: 146800 IP: 2401:d7e0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52733 (0xcdfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:11:49 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E34EA8F7E996D2AA2AB158BB973B416C0477D1CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:34:9a:d4:a1:69:4a:41:1f:53:e8:0d:97:ba: ef:76:7b:a8:d3:cb:6e:53:c1:26:a0:c7:20:65:cb: 86:17:e0:05:07:04:86:cd:51:c6:ae:0d:9b:5f:7a: 6c:50:bf:85:c1:d0:8c:47:42:36:e5:b2:7c:f1:1f: 0d:51:37:6c:86:6e:9e:56:ac:8f:ae:e1:8b:e2:b4: fc:68:cb:da:79:ab:22:54:78:d9:dc:52:a7:bc:d4: 19:c9:cb:a2:a6:6d:9a:32:e4:5c:b2:7a:4b:38:f0: 07:aa:2b:16:ff:b5:c9:40:ff:e0:01:a9:3a:1e:7c: da:1c:2b:1a:e1:fd:ab:a0:b3:89:8e:2e:db:cb:c1: a8:b9:65:47:12:26:64:f3:b1:d3:63:84:1f:ee:98: 3c:a7:09:a4:6d:df:7b:7b:e7:28:30:88:d2:c8:b9: 0e:c8:5f:1c:33:b8:7c:8d:78:8b:fb:64:43:0e:f5: 0f:ee:e2:e9:ae:6d:e1:e9:4a:47:93:74:62:5e:26: 9b:f1:f9:95:4d:90:93:c1:8b:8f:9b:dd:95:74:c4: 42:b8:fc:8e:33:e3:b6:be:f6:32:d7:c2:df:91:60: d7:b9:29:9c:48:35:a3:21:d9:6d:c5:83:6d:0b:73: 57:95:b6:3a:01:1d:ff:a9:5a:1a:df:23:3a:5d:5e: 4c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:4E:A8:F7:E9:96:D2:AA:2A:B1:58:BB:97:3B:41:6C:04:77:D1:CC X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/406o9-mW0qoqsVi7lztBbAR30cw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 146800 sbgp-ipAddrBlock: critical IPv6: 2401:d7e0::/32 Signature Algorithm: sha256WithRSAEncryption 0b:8f:0b:f2:4a:57:0c:b8:aa:c1:2e:bb:d9:5c:74:19:40:75: 6f:d6:4a:f6:ff:1b:cc:7f:81:be:f2:fd:ba:5f:f3:64:bb:74: f3:62:94:de:cc:4d:73:48:45:25:9a:97:e2:57:33:56:99:e8: bb:f7:3a:1b:55:7b:24:32:1f:82:3d:d2:c4:46:59:7f:ff:39: a4:85:ec:76:1c:32:c0:15:9c:ae:59:3f:44:21:64:9e:27:c4: b6:af:32:67:e3:f6:2e:0c:b6:6f:05:58:33:d8:1e:8c:7c:14: 0a:cc:08:86:79:24:01:6d:c5:8e:28:4b:ae:55:37:44:2a:a0: 3f:cb:e9:97:2d:26:4e:ba:e8:14:7d:ae:2d:6e:1d:d4:f0:f1: 1a:36:99:7c:05:14:2c:9d:f6:60:3e:22:00:6f:50:65:ea:2f: a2:8e:d5:63:67:5a:bf:9a:bd:13:23:60:da:33:23:12:b7:e2: 57:89:bf:d0:21:d7:a0:a9:c3:26:82:ae:89:a6:bd:a8:59:df: a7:01:31:a4:00:88:ad:cd:56:0c:97:d3:af:85:73:e0:c2:fa: 9f:c5:6e:f6:fd:96:1b:49:9a:ec:17:96:4d:91:ea:20:7b:1b: 6f:d4:4a:0f:0b:c0:c7:aa:ed:60:c5:de:3d:c7:fd:3c:1e:17: e2:25:9f:77 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAM39MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODExNDlaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKEUzNEVBOEY3RTk5NkQyQUEyQUIxNThCQjk3M0I0MTZDMDQ3N0Qx Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRNJrUoWlKQR9T6A2X uu92e6jTy25TwSagxyBly4YX4AUHBIbNUcauDZtfemxQv4XB0IxHQjblsnzxHw1R N2yGbp5WrI+u4YvitPxoy9p5qyJUeNncUqe81BnJy6KmbZoy5Fyyeks48AeqKxb/ tclA/+ABqToefNocKxrh/augs4mOLtvLwai5ZUcSJmTzsdNjhB/umDynCaRt33t7 5ygwiNLIuQ7IXxwzuHyNeIv7ZEMO9Q/u4umubeHpSkeTdGJeJpvx+ZVNkJPBi4+b 3ZV0xEK4/I4z47a+9jLXwt+RYNe5KZxINaMh2W3Fg20Lc1eVtjoBHf+pWhrfIzpd XkwvAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQU406o9+mW0qoqsVi7lztBbAR30cww HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MjgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMyOC80MDZvOS1tVzBxb3FzVmk3bHp0QmJBUjMwY3cubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwI9cDAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQB1+AwDQYJKoZIhvcNAQELBQADggEBAAuPC/JKVwy4qsEuu9lc dBlAdW/WSvb/G8x/gb7y/bpf82S7dPNilN7MTXNIRSWal+JXM1aZ6Lv3OhtVeyQy H4I90sRGWX//OaSF7HYcMsAVnK5ZP0QhZJ4nxLavMmfj9i4Mtm8FWDPYHox8FArM CIZ5JAFtxY4oS65VN0QqoD/L6ZctJk666BR9ri1uHdTw8Ro2mXwFFCyd9mA+IgBv UGXqL6KO1WNnWr+avRMjYNozIxK34leJv9Ah16CpwyaCrommvahZ36cBMaQAiK3N VgyX06+Fc+DC+p/Fbvb9lhtJmuwXlk2R6iB7G2/USg8LwMeq7WDF3j3H/TweF+Il n3c= -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:47 2025 by rpki-client