$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/GNOMXLFLfmfU5pKTTsqs4rwzZes.cer File: GNOMXLFLfmfU5pKTTsqs4rwzZes.cer (raw, json) Hash identifier: /4mxSq2wuvCIE0Ldn1v11N585cbtKDYBNjx5OQRZMF4= Subject key identifier: 18:D3:8C:5C:B1:4B:7E:67:D4:E6:92:93:4E:CA:AC:E2:BC:33:65:EB Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CEC9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/GNOMXLFLfmfU5pKTTsqs4rwzZes.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:16:17 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.60.228.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52937 (0xcec9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:16:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=18D38C5CB14B7E67D4E692934ECAACE2BC3365EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1f:68:a4:2e:9a:55:2e:9e:e7:98:72:ec:ca: 4e:9a:d1:5f:18:55:ff:24:39:74:55:8d:96:da:82: 1e:42:c0:f0:ee:13:7f:da:45:14:76:d1:13:89:d0: ee:b8:10:0a:00:dd:86:47:ca:60:e9:be:0b:b0:c1: e3:43:09:a0:f3:e0:75:a8:b1:7f:07:5f:4b:e9:33: 75:f1:a5:c9:05:09:a9:77:4b:8b:d3:93:72:6d:33: b6:44:e0:19:de:db:5e:14:69:c6:cb:6f:6f:17:40: da:3a:e7:58:3c:4e:cd:cb:80:d4:45:d1:70:97:29: e0:4a:3c:f6:fd:35:89:18:20:d7:a6:9f:5d:46:64: 95:01:4b:73:03:1f:21:cf:fa:e2:d3:ff:e6:8d:3a: 79:fa:c0:24:fc:7c:35:4c:cd:5c:07:0b:9d:56:a5: 14:4f:61:15:cc:98:7b:0e:49:65:1a:bb:70:3f:a1: 28:0c:78:d6:3b:3d:61:98:31:34:84:b0:3e:bd:fe: 83:80:7d:de:f8:74:d9:f1:b1:94:1a:a2:c0:7e:2b: 79:99:7e:0d:54:c2:61:1a:c7:ac:28:57:75:6b:7f: dd:b0:d1:b5:4c:5a:a3:4a:d5:dd:92:19:21:71:79: 1e:c7:82:96:bb:48:fd:b1:93:69:94:8d:94:d3:83: 5b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D3:8C:5C:B1:4B:7E:67:D4:E6:92:93:4E:CA:AC:E2:BC:33:65:EB X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1230/GNOMXLFLfmfU5pKTTsqs4rwzZes.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.60.228.0/22 Signature Algorithm: sha256WithRSAEncryption b0:78:6d:b4:50:ce:05:24:51:1a:54:b4:82:7d:bc:34:d4:3e: 96:9f:da:61:1d:ea:c3:d5:70:d4:da:ea:74:a9:24:65:e6:d8: 7c:23:ac:2d:c9:eb:4b:fc:47:a3:78:4f:34:10:18:62:7b:ab: aa:a1:f9:c5:95:1f:80:23:8b:c5:25:b5:5e:4e:9d:86:54:c4: fd:c6:1d:45:ab:8c:6d:14:fe:97:4b:1e:f3:c3:02:b5:d0:c9: 9d:9e:36:a9:66:cb:c8:1a:b3:a3:a3:2a:f0:0e:41:25:0c:6d: 89:d6:a9:52:fd:4d:e0:f0:3d:e5:b2:63:96:7d:26:74:1f:98: d6:2c:66:17:bd:b7:ed:c2:7b:9a:f1:77:53:4a:fa:3c:18:0e: 2f:5a:ba:b8:46:ae:ff:5c:dc:5d:e4:52:1c:be:39:c4:62:1b: 24:37:02:e0:3a:c7:ab:26:bd:eb:e7:cb:62:b1:54:02:a5:fb: a5:60:23:6c:05:c8:21:e2:ac:6e:57:69:cf:e4:eb:58:2b:a2: 18:d7:f5:24:8d:46:d0:b1:f5:67:03:8a:fc:fa:3b:9b:26:a9: d2:2a:84:67:70:37:ba:9e:a7:73:fa:9b:20:1a:bd:65:14:63: 63:e6:38:c2:eb:20:47:1b:ae:40:64:16:98:6b:11:f8:16:01: 10:dd:48:90 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAM7JMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE2MTdaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDE4RDM4QzVDQjE0QjdFNjdENEU2OTI5MzRFQ0FBQ0UyQkMzMzY1 RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCH2ikLppVLp7nmHLs yk6a0V8YVf8kOXRVjZbagh5CwPDuE3/aRRR20ROJ0O64EAoA3YZHymDpvguwweND CaDz4HWosX8HX0vpM3XxpckFCal3S4vTk3JtM7ZE4Bne214UacbLb28XQNo651g8 Ts3LgNRF0XCXKeBKPPb9NYkYINemn11GZJUBS3MDHyHP+uLT/+aNOnn6wCT8fDVM zVwHC51WpRRPYRXMmHsOSWUau3A/oSgMeNY7PWGYMTSEsD69/oOAfd74dNnxsZQa osB+K3mZfg1UwmEax6woV3Vrf92w0bVMWqNK1d2SGSFxeR7Hgpa7SP2xk2mUjZTT g1uvAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUGNOMXLFLfmfU5pKTTsqs4rwzZesw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEy MzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTIzMC9HTk9NWExGTGZtZlU1cEtUVHNxczRyd3paZXMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZzzkMA0GCSqGSIb3DQEBCwUA A4IBAQCweG20UM4FJFEaVLSCfbw01D6Wn9phHerD1XDU2up0qSRl5th8I6wtyetL /EejeE80EBhie6uqofnFlR+AI4vFJbVeTp2GVMT9xh1Fq4xtFP6XSx7zwwK10Mmd njapZsvIGrOjoyrwDkElDG2J1qlS/U3g8D3lsmOWfSZ0H5jWLGYXvbftwnua8XdT Svo8GA4vWrq4Rq7/XNxd5FIcvjnEYhskNwLgOserJr3r58tisVQCpfulYCNsBcgh 4qxuV2nP5OtYK6IY1/UkjUbQsfVnA4r8+jubJqnSKoRncDe6nqdz+psgGr1lFGNj 5jjC6yBHG65AZBaYaxH4FgEQ3UiQ -----END CERTIFICATE-----Generated at Fri Apr 4 02:22:12 2025 by rpki-client