$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer File: Al4teU5v-uKVus5JEQDj0YuccUE.cer (raw, json) Hash identifier: H49L0MlQ184PSgV/xRV8F9NSgWmZyAs5p5VvjrK3Hos= Subject key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E36D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:14:34 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 60.247.128.0/17 IP: 211.149.128.0/17 IP: 2403:db00::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 16:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58221 (0xe36d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:14:34 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:44:b4:bb:96:6f:6c:4d:08:ae:46:d0:82:23: 8b:91:0b:34:51:d9:8f:3c:ff:88:d7:7b:45:bd:24: ab:39:23:51:7c:a4:22:0a:e8:29:55:ce:66:d9:f0: 30:92:fd:aa:80:f3:48:50:d2:e5:cd:64:04:d5:93: 04:ec:04:ab:60:c9:d9:3f:fa:96:12:4e:9c:63:2b: 55:5d:4d:61:bf:87:09:8f:20:3e:a0:e6:53:1a:c0: 33:e6:69:2b:67:3b:46:bc:c9:3a:1e:50:76:28:0f: 2a:d8:e8:45:2d:fd:0b:6d:26:45:b9:2c:ed:fe:72: 97:3f:c2:74:9d:c8:ff:6a:88:7d:13:9d:33:ee:09: 19:b4:bf:d9:4f:ff:a5:1a:c5:c5:23:5c:6e:fb:1b: b5:fa:f8:19:a0:72:57:27:ad:10:01:57:1c:08:ee: c7:b5:56:3a:b6:7c:fe:51:e8:21:d4:4b:6f:a8:29: 89:a1:af:c8:b7:14:08:0b:91:3c:fe:c2:a4:86:77: 04:14:87:87:83:d4:f8:48:95:21:45:a7:64:ac:db: 2f:be:87:38:c7:ca:15:37:3b:a7:5f:83:ea:9f:ca: fa:7e:ad:2e:06:4b:cd:f8:4f:a6:49:d6:30:2c:81: 61:31:a0:7b:fc:a2:66:24:dc:b7:91:12:04:3f:cc: 4a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.247.128.0/17 211.149.128.0/17 IPv6: 2403:db00::/32 Signature Algorithm: sha256WithRSAEncryption ab:63:9b:0c:b7:08:4d:49:eb:96:50:7f:7a:2b:d1:0b:78:5e: 34:4e:65:e2:c9:f5:07:77:ed:9d:88:b9:7e:94:8a:47:15:02: 4c:02:8b:55:87:56:b8:75:02:65:d5:7f:78:c5:25:b2:21:fd: 6f:30:f2:85:39:a2:54:dc:f9:cc:b3:c4:cd:8b:9d:c7:19:f1: 60:01:f1:21:84:1d:10:47:87:cc:05:4c:16:03:28:0d:be:b0: dc:64:00:f7:53:94:4a:ac:3b:ae:cc:40:32:a1:e8:d4:13:f6: 52:23:b3:b6:1e:ec:3b:bd:30:e6:31:c7:c0:53:3d:5a:8e:af: 17:82:af:19:37:dc:6b:fb:1f:55:61:24:b1:b1:fe:fc:b6:14: 4b:9e:31:84:cd:89:b3:e4:90:1f:32:20:cb:12:ab:72:6f:e3: ab:f1:c7:f2:5d:31:4d:5d:c3:bb:34:29:e7:df:3b:56:d2:e2: 3f:00:26:92:49:32:07:84:47:b4:f7:08:c9:d0:d2:57:33:94: 3d:fa:3f:ae:65:f5:1e:b6:fc:e0:59:ac:da:9e:08:72:f5:7b: 2f:60:6b:63:7a:6d:98:02:f2:00:05:c9:63:2f:3c:bc:b3:c6: 28:68:24:d8:f9:04:74:dd:c0:78:d0:4c:a4:5b:9e:0d:3f:7f: 0f:9c:4d:45 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgIDAONtMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzE0MzRaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKDAyNUUyRDc5NEU2RkZBRTI5NUJBQ0U0OTExMDBFM0QxOEI5Qzcx NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7RLS7lm9sTQiuRtCC I4uRCzRR2Y88/4jXe0W9JKs5I1F8pCIK6ClVzmbZ8DCS/aqA80hQ0uXNZATVkwTs BKtgydk/+pYSTpxjK1VdTWG/hwmPID6g5lMawDPmaStnO0a8yToeUHYoDyrY6EUt /QttJkW5LO3+cpc/wnSdyP9qiH0TnTPuCRm0v9lP/6UaxcUjXG77G7X6+Bmgclcn rRABVxwI7se1Vjq2fP5R6CHUS2+oKYmhr8i3FAgLkTz+wqSGdwQUh4eD1PhIlSFF p2Ss2y++hzjHyhU3O6dfg+qfyvp+rS4GS834T6ZJ1jAsgWExoHv8omYk3LeREgQ/ zEo5AgMBAAGjggJoMIICZDAdBgNVHQ4EFgQUAl4teU5v+uKVus5JEQDj0YuccUEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQ3 OS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC80NzkvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA0 BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBzz3gAMEB9OVgDANBAIAAjAHAwUA JAPbADANBgkqhkiG9w0BAQsFAAOCAQEAq2ObDLcITUnrllB/eivRC3heNE5l4sn1 B3ftnYi5fpSKRxUCTAKLVYdWuHUCZdV/eMUlsiH9bzDyhTmiVNz5zLPEzYudxxnx YAHxIYQdEEeHzAVMFgMoDb6w3GQA91OUSqw7rsxAMqHo1BP2UiOzth7sO70w5jHH wFM9Wo6vF4KvGTfca/sfVWEksbH+/LYUS54xhM2Js+SQHzIgyxKrcm/jq/HH8l0x TV3DuzQp5987VtLiPwAmkkkyB4RHtPcIydDSVzOUPfo/rmX1Hrb84Fms2p4IcvV7 L2BrY3ptmALyAAXJYy88vLPGKGgk2PkEdN3AeNBMpFueDT9/D5xNRQ== -----END CERTIFICATE-----Generated at Thu Oct 23 13:03:28 2025 by rpki-client