$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Abqns7epjYr5LS2VVnUO4m3D7pk.cer File: Abqns7epjYr5LS2VVnUO4m3D7pk.cer (raw, json) Hash identifier: 4bBS0n9JJ8JxMGvL6NahMINrX1ryf42/5OQuAHiJrig= Subject key identifier: 01:BA:A7:B3:B7:A9:8D:8A:F9:2D:2D:95:56:75:0E:E2:6D:C3:EE:99 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: D345 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3372/Abqns7epjYr5LS2VVnUO4m3D7pk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3372/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 22 May 2025 08:56:27 +0000 Certificate not after: Fri 22 May 2026 08:46:04 +0000 Subordinate resources: AS: 151290 IP: 103.107.164.0/23 IP: 2402:5940::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Jun 2025 09:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54085 (0xd345) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: May 22 08:56:27 2025 GMT Not After : May 22 08:46:04 2026 GMT Subject: CN=01BAA7B3B7A98D8AF92D2D9556750EE26DC3EE99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:a6:b1:d1:70:e1:d5:df:e5:18:4a:3b:77:ba: 3a:01:1b:32:95:6a:a1:89:d0:c4:c2:7b:19:47:00: 21:60:07:76:70:99:5d:ec:67:a8:69:9a:0e:84:2a: c2:a3:f8:3d:04:9d:e1:2a:de:b9:d1:68:4a:8a:81: ab:93:3c:3d:d3:01:d0:a3:3e:06:1a:92:4b:be:a8: e8:35:1e:94:80:93:64:fe:77:aa:94:b9:de:a6:95: d9:45:1f:7e:95:db:0d:5e:e6:d8:13:c1:15:97:7a: 0e:24:05:e4:22:cd:0a:a7:6b:17:15:41:4a:02:58: 02:53:08:ee:ac:0b:1d:2b:36:8f:ea:8a:d1:95:3a: 37:97:9a:31:cd:84:c3:55:0d:40:53:25:23:e9:5e: bb:98:0a:37:df:37:33:e6:8c:44:d0:f6:ec:d8:4c: 28:4d:bf:8d:e9:22:98:b1:9d:d2:e3:db:c9:37:45: 2a:06:6b:7f:59:26:24:c2:dc:81:3a:c3:c1:60:96: bc:ee:f0:b3:4a:67:db:ab:23:26:69:11:ea:67:4f: c2:9c:04:eb:6b:0a:07:e9:ba:79:4d:5e:eb:45:6b: a0:de:f7:20:12:62:55:4c:01:14:47:93:7a:22:1c: 04:dd:67:a9:38:2b:22:fe:4a:33:1b:e5:de:7c:92: d4:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:BA:A7:B3:B7:A9:8D:8A:F9:2D:2D:95:56:75:0E:E2:6D:C3:EE:99 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3372/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3372/Abqns7epjYr5LS2VVnUO4m3D7pk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151290 sbgp-ipAddrBlock: critical IPv4: 103.107.164.0/23 IPv6: 2402:5940::/32 Signature Algorithm: sha256WithRSAEncryption 7e:69:aa:31:51:d5:c0:5a:e0:04:8a:2f:0f:c3:c8:4a:96:e5: 63:a6:ad:a5:87:92:91:3d:3c:90:43:c6:24:9d:48:56:53:04: 10:a8:bb:52:29:18:38:59:23:3c:93:d9:37:a8:b8:9b:45:8a: 4f:2f:c3:1a:df:3a:51:ba:ba:f8:68:60:9f:43:d9:b7:29:f8: ad:99:e7:63:f4:87:aa:8e:91:6e:3f:80:9c:f6:63:b0:bb:83: 0c:d6:f0:2d:83:c0:23:0c:0e:1e:ec:96:98:a8:9e:6f:8c:b3: 18:3d:87:7b:6c:a4:52:13:23:10:cc:dd:e0:93:a9:e1:02:8e: 73:b4:d2:3b:1a:7f:23:85:0f:d1:57:d7:31:2b:ee:5f:ec:e0: 9a:67:f9:43:a9:a3:52:cd:78:95:f8:cb:61:e4:25:04:c2:3c: 24:1a:35:5c:b5:c9:e8:03:6e:db:8d:e7:31:66:c9:88:cd:dc: 17:bd:53:ef:80:55:a8:51:a8:cf:3c:f0:4d:46:06:86:f9:1e: d7:09:c5:62:77:a8:04:76:3a:4a:f6:04:ef:7d:ad:3b:25:b6: b9:6c:7e:8a:4b:44:3c:d2:af:20:de:28:a1:42:15:bc:9f:77: 7d:6a:d7:1b:eb:c2:c7:c8:5e:fa:e6:6b:32:ba:00:99:56:75: 75:2a:dd:33 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIDANNFMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA1MjIwODU2MjdaFw0yNjA1MjIwODQ2MDRaMDMx MTAvBgNVBAMTKDAxQkFBN0IzQjdBOThEOEFGOTJEMkQ5NTU2NzUwRUUyNkRDM0VF OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmprHRcOHV3+UYSjt3 ujoBGzKVaqGJ0MTCexlHACFgB3ZwmV3sZ6hpmg6EKsKj+D0EneEq3rnRaEqKgauT PD3TAdCjPgYakku+qOg1HpSAk2T+d6qUud6mldlFH36V2w1e5tgTwRWXeg4kBeQi zQqnaxcVQUoCWAJTCO6sCx0rNo/qitGVOjeXmjHNhMNVDUBTJSPpXruYCjffNzPm jETQ9uzYTChNv43pIpixndLj28k3RSoGa39ZJiTC3IE6w8Fglrzu8LNKZ9urIyZp EepnT8KcBOtrCgfpunlNXutFa6De9yASYlVMARRHk3oiHATdZ6k4KyL+SjMb5d58 ktTbAgMBAAGjggKAMIICfDAdBgNVHQ4EFgQUAbqns7epjYr5LS2VVnUO4m3D7pkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz NzIvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzM3Mi9BYnFuczdlcGpZcjVMUzJWVm5VTzRtM0Q3cGsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJO+jAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAWdrpDANBAIAAjAHAwUAJAJZQDANBgkqhkiG9w0BAQsFAAOCAQEA fmmqMVHVwFrgBIovD8PISpblY6atpYeSkT08kEPGJJ1IVlMEEKi7UikYOFkjPJPZ N6i4m0WKTy/DGt86Ubq6+Ghgn0PZtyn4rZnnY/SHqo6Rbj+AnPZjsLuDDNbwLYPA IwwOHuyWmKieb4yzGD2He2ykUhMjEMzd4JOp4QKOc7TSOxp/I4UP0VfXMSvuX+zg mmf5Q6mjUs14lfjLYeQlBMI8JBo1XLXJ6ANu243nMWbJiM3cF71T74BVqFGozzzw TUYGhvke1wnFYneoBHY6SvYE732tOyW2uWx+iktEPNKvIN4ooUIVvJ93fWrXG+vC x8he+uZrMroAmVZ1dSrdMw== -----END CERTIFICATE-----Generated at Mon Jun 2 07:21:03 2025 by rpki-client