$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/H4HG-W0BkJkB20LNehLnmKk_Trc.cer File: H4HG-W0BkJkB20LNehLnmKk_Trc.cer (raw, json) Hash identifier: e/zy2QeEUSZVGVNjSGcYDuvFPgiFD4yaI4aZ2BsxWuw= Subject key identifier: 1F:81:C6:F9:6D:01:90:99:01:DB:42:CD:7A:12:E7:98:A9:3F:4E:B7 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CE27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/H4HG-W0BkJkB20LNehLnmKk_Trc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:13:10 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.156.174.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52775 (0xce27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:13:10 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1F81C6F96D01909901DB42CD7A12E798A93F4EB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:09:8d:2d:b4:3d:5b:15:aa:2c:1c:52:eb:92: 31:d7:8b:50:c4:ab:6c:27:6e:cd:a5:49:c2:c3:12: 8c:7e:48:cf:f2:e1:34:ee:f0:1f:64:98:70:4f:45: 2d:95:1f:2d:1f:b1:93:d0:04:31:50:25:1d:03:20: 47:64:61:13:05:77:33:fc:4b:35:34:97:6b:01:dd: bb:ca:1a:eb:f9:c6:b4:61:63:d8:20:73:fc:fc:4c: a4:2f:c4:16:95:4c:6d:06:96:75:91:65:ab:01:6a: bf:fc:72:85:b7:ff:3b:73:65:8a:e5:60:53:70:4a: d3:99:bf:65:c4:d3:77:91:cf:6e:8f:2d:ef:b0:cd: b0:58:57:ec:fa:f9:28:67:f5:f2:b6:b9:2d:3e:ca: 0e:ce:c6:f7:4b:9d:30:27:d5:7b:4e:50:bb:ec:4f: 01:8c:66:37:4e:fb:63:c1:56:a1:53:e5:ea:b5:7a: dd:6f:36:11:c3:27:be:71:d7:5c:94:d4:42:31:c8: 5a:24:63:3f:c1:fe:c4:35:51:2d:08:c5:c9:fb:e8: 90:fd:b9:d6:67:5d:7c:ee:cd:b9:a8:e0:c5:c1:86: 86:0b:79:af:0a:ee:2a:72:af:42:1e:75:18:53:d1: 3d:a9:53:f8:d4:39:34:0b:35:d8:5e:e1:70:96:01: 1c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:81:C6:F9:6D:01:90:99:01:DB:42:CD:7A:12:E7:98:A9:3F:4E:B7 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/H4HG-W0BkJkB20LNehLnmKk_Trc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.156.174.0/23 Signature Algorithm: sha256WithRSAEncryption 17:98:50:47:db:83:95:8a:f2:17:4a:3c:11:67:15:41:a9:5e: 31:16:bd:d4:ad:ba:da:ae:a0:62:44:cd:d4:55:49:11:39:1e: 0a:42:3f:8f:0b:fa:22:b4:fe:7b:56:6f:d1:6d:2a:91:98:85: 2a:8e:63:48:3c:78:9e:34:26:ee:8f:86:28:d2:10:04:6c:0c: 61:10:3b:05:dd:f8:6d:92:30:05:1d:a0:e1:ad:83:c3:29:47: 97:51:d5:bc:0b:ad:d4:f8:89:f8:b9:c2:16:57:c9:be:2f:aa: 29:5f:58:bc:2b:62:fb:da:c1:2f:3b:c5:64:2f:15:39:b8:c0: 4f:d1:97:9b:6d:3a:12:f9:73:33:be:e3:a1:89:da:a8:7b:89: e3:68:eb:bd:b8:04:ae:4f:a9:e8:de:d6:c0:05:85:23:0e:94: 44:ef:92:f3:a1:fa:bf:7b:12:ce:a9:f0:9d:69:a5:72:10:c3: 39:a2:63:37:ad:59:1f:1c:09:4f:f5:e1:77:73:04:6e:6e:d1: 05:38:4d:91:32:09:d9:d4:a8:47:5b:e2:4c:60:14:af:58:13: ce:e3:57:b8:de:f6:98:3b:5e:8a:c8:d4:55:ee:1d:34:d6:1d: a3:5b:5c:f0:23:d8:f5:ec:ff:dd:67:f8:28:f9:e4:c2:fe:96: 43:fc:54:e5 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAM4nMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODEzMTBaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDFGODFDNkY5NkQwMTkwOTkwMURCNDJDRDdBMTJFNzk4QTkzRjRF QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+CY0ttD1bFaosHFLr kjHXi1DEq2wnbs2lScLDEox+SM/y4TTu8B9kmHBPRS2VHy0fsZPQBDFQJR0DIEdk YRMFdzP8SzU0l2sB3bvKGuv5xrRhY9ggc/z8TKQvxBaVTG0GlnWRZasBar/8coW3 /ztzZYrlYFNwStOZv2XE03eRz26PLe+wzbBYV+z6+Shn9fK2uS0+yg7OxvdLnTAn 1XtOULvsTwGMZjdO+2PBVqFT5eq1et1vNhHDJ75x11yU1EIxyFokYz/B/sQ1US0I xcn76JD9udZnXXzuzbmo4MXBhoYLea8K7ipyr0IedRhT0T2pU/jUOTQLNdhe4XCW ARzxAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUH4HG+W0BkJkB20LNehLnmKk/Trcw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw MjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzAyMy9INEhHLVcwQmtKa0IyMExOZWhMbm1La19UcmMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5yuMA0GCSqGSIb3DQEBCwUA A4IBAQAXmFBH24OVivIXSjwRZxVBqV4xFr3UrbrarqBiRM3UVUkROR4KQj+PC/oi tP57Vm/RbSqRmIUqjmNIPHieNCbuj4Yo0hAEbAxhEDsF3fhtkjAFHaDhrYPDKUeX UdW8C63U+In4ucIWV8m+L6opX1i8K2L72sEvO8VkLxU5uMBP0ZebbToS+XMzvuOh idqoe4njaOu9uASuT6no3tbABYUjDpRE75Lzofq/exLOqfCdaaVyEMM5omM3rVkf HAlP9eF3cwRubtEFOE2RMgnZ1KhHW+JMYBSvWBPO41e43vaYO16KyNRV7h001h2j W1zwI9j17P/dZ/go+eTC/pZD/FTl -----END CERTIFICATE-----Generated at Fri Apr 4 02:18:48 2025 by rpki-client