$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer File: Al4teU5v-uKVus5JEQDj0YuccUE.cer (raw, json) Hash identifier: BXBbDPD4isVpoH16WDY2pTgo3Gn+3XjiXygcx3IhCu0= Subject key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CEC7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:16:15 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 60.247.128.0/17 IP: 211.149.128.0/17 IP: 2403:db00::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52935 (0xcec7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:16:15 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:44:b4:bb:96:6f:6c:4d:08:ae:46:d0:82:23: 8b:91:0b:34:51:d9:8f:3c:ff:88:d7:7b:45:bd:24: ab:39:23:51:7c:a4:22:0a:e8:29:55:ce:66:d9:f0: 30:92:fd:aa:80:f3:48:50:d2:e5:cd:64:04:d5:93: 04:ec:04:ab:60:c9:d9:3f:fa:96:12:4e:9c:63:2b: 55:5d:4d:61:bf:87:09:8f:20:3e:a0:e6:53:1a:c0: 33:e6:69:2b:67:3b:46:bc:c9:3a:1e:50:76:28:0f: 2a:d8:e8:45:2d:fd:0b:6d:26:45:b9:2c:ed:fe:72: 97:3f:c2:74:9d:c8:ff:6a:88:7d:13:9d:33:ee:09: 19:b4:bf:d9:4f:ff:a5:1a:c5:c5:23:5c:6e:fb:1b: b5:fa:f8:19:a0:72:57:27:ad:10:01:57:1c:08:ee: c7:b5:56:3a:b6:7c:fe:51:e8:21:d4:4b:6f:a8:29: 89:a1:af:c8:b7:14:08:0b:91:3c:fe:c2:a4:86:77: 04:14:87:87:83:d4:f8:48:95:21:45:a7:64:ac:db: 2f:be:87:38:c7:ca:15:37:3b:a7:5f:83:ea:9f:ca: fa:7e:ad:2e:06:4b:cd:f8:4f:a6:49:d6:30:2c:81: 61:31:a0:7b:fc:a2:66:24:dc:b7:91:12:04:3f:cc: 4a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.247.128.0/17 211.149.128.0/17 IPv6: 2403:db00::/32 Signature Algorithm: sha256WithRSAEncryption b7:5a:4e:ba:69:29:7f:d1:ed:9c:43:13:f3:fa:f3:b2:ee:29: a7:16:0a:7c:75:8a:d5:ad:89:13:60:c4:f8:ab:31:e2:c0:48: 4b:df:be:8c:4b:94:bf:5d:f6:11:3a:39:93:cb:fa:b4:30:72: 9d:ac:90:dd:df:98:98:03:52:d5:4f:84:c2:78:64:12:34:3b: ec:b4:a9:a8:41:a8:83:86:3c:42:13:db:c3:9f:bc:33:51:02: c1:21:39:a8:a8:7e:5d:83:de:9e:e2:ac:fa:05:ca:7e:8c:d0: 8e:5c:c9:0b:72:55:7a:23:d7:e9:e4:3a:a1:11:9c:88:5c:1e: ae:9e:cd:dd:9f:41:9e:02:4a:8d:f7:15:a3:37:9c:23:2f:76: b3:fa:3e:f1:70:7b:c8:c3:21:da:30:96:9d:09:47:1d:9a:6c: ac:83:dc:fd:21:00:3f:3d:84:5c:78:de:06:3f:53:8f:89:fb: a4:9b:30:0a:46:0b:f3:47:68:5c:e9:8d:f3:73:c6:5e:78:87: 0d:88:c0:f5:e5:7d:a0:bc:53:0f:1a:ef:5a:a3:5c:24:4f:fa: 78:dc:eb:02:f5:68:b8:14:12:b8:45:f5:80:bb:2a:77:a8:66: 7a:ca:ab:19:9e:18:3f:80:29:88:d8:42:d5:37:58:45:af:fe: c2:2b:0b:34 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgIDAM7HMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE2MTVaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDAyNUUyRDc5NEU2RkZBRTI5NUJBQ0U0OTExMDBFM0QxOEI5Qzcx NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7RLS7lm9sTQiuRtCC I4uRCzRR2Y88/4jXe0W9JKs5I1F8pCIK6ClVzmbZ8DCS/aqA80hQ0uXNZATVkwTs BKtgydk/+pYSTpxjK1VdTWG/hwmPID6g5lMawDPmaStnO0a8yToeUHYoDyrY6EUt /QttJkW5LO3+cpc/wnSdyP9qiH0TnTPuCRm0v9lP/6UaxcUjXG77G7X6+Bmgclcn rRABVxwI7se1Vjq2fP5R6CHUS2+oKYmhr8i3FAgLkTz+wqSGdwQUh4eD1PhIlSFF p2Ss2y++hzjHyhU3O6dfg+qfyvp+rS4GS834T6ZJ1jAsgWExoHv8omYk3LeREgQ/ zEo5AgMBAAGjggJoMIICZDAdBgNVHQ4EFgQUAl4teU5v+uKVus5JEQDj0YuccUEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQ3 OS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC80NzkvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA0 BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBzz3gAMEB9OVgDANBAIAAjAHAwUA JAPbADANBgkqhkiG9w0BAQsFAAOCAQEAt1pOumkpf9HtnEMT8/rzsu4ppxYKfHWK 1a2JE2DE+Ksx4sBIS9++jEuUv132ETo5k8v6tDBynayQ3d+YmANS1U+EwnhkEjQ7 7LSpqEGog4Y8QhPbw5+8M1ECwSE5qKh+XYPenuKs+gXKfozQjlzJC3JVeiPX6eQ6 oRGciFwerp7N3Z9BngJKjfcVozecIy92s/o+8XB7yMMh2jCWnQlHHZpsrIPc/SEA Pz2EXHjeBj9Tj4n7pJswCkYL80doXOmN83PGXniHDYjA9eV9oLxTDxrvWqNcJE/6 eNzrAvVouBQSuEX1gLsqd6hmesqrGZ4YP4ApiNhC1TdYRa/+wisLNA== -----END CERTIFICATE-----Generated at Fri Apr 4 02:17:46 2025 by rpki-client