$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/H4HG-W0BkJkB20LNehLnmKk_Trc.cer File: H4HG-W0BkJkB20LNehLnmKk_Trc.cer (raw, json) Hash identifier: pLlcFDw6I62wBwgJ7cOSZm/7Rq4E0Fr8P2rhDkWaQkI= Subject key identifier: 1F:81:C6:F9:6D:01:90:99:01:DB:42:CD:7A:12:E7:98:A9:3F:4E:B7 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: BC85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/H4HG-W0BkJkB20LNehLnmKk_Trc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 27 Sep 2024 02:56:29 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 103.156.174.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48261 (0xbc85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 27 02:56:29 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1F81C6F96D01909901DB42CD7A12E798A93F4EB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:09:8d:2d:b4:3d:5b:15:aa:2c:1c:52:eb:92: 31:d7:8b:50:c4:ab:6c:27:6e:cd:a5:49:c2:c3:12: 8c:7e:48:cf:f2:e1:34:ee:f0:1f:64:98:70:4f:45: 2d:95:1f:2d:1f:b1:93:d0:04:31:50:25:1d:03:20: 47:64:61:13:05:77:33:fc:4b:35:34:97:6b:01:dd: bb:ca:1a:eb:f9:c6:b4:61:63:d8:20:73:fc:fc:4c: a4:2f:c4:16:95:4c:6d:06:96:75:91:65:ab:01:6a: bf:fc:72:85:b7:ff:3b:73:65:8a:e5:60:53:70:4a: d3:99:bf:65:c4:d3:77:91:cf:6e:8f:2d:ef:b0:cd: b0:58:57:ec:fa:f9:28:67:f5:f2:b6:b9:2d:3e:ca: 0e:ce:c6:f7:4b:9d:30:27:d5:7b:4e:50:bb:ec:4f: 01:8c:66:37:4e:fb:63:c1:56:a1:53:e5:ea:b5:7a: dd:6f:36:11:c3:27:be:71:d7:5c:94:d4:42:31:c8: 5a:24:63:3f:c1:fe:c4:35:51:2d:08:c5:c9:fb:e8: 90:fd:b9:d6:67:5d:7c:ee:cd:b9:a8:e0:c5:c1:86: 86:0b:79:af:0a:ee:2a:72:af:42:1e:75:18:53:d1: 3d:a9:53:f8:d4:39:34:0b:35:d8:5e:e1:70:96:01: 1c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:81:C6:F9:6D:01:90:99:01:DB:42:CD:7A:12:E7:98:A9:3F:4E:B7 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3023/H4HG-W0BkJkB20LNehLnmKk_Trc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.156.174.0/23 Signature Algorithm: sha256WithRSAEncryption 26:6b:a0:b3:b6:d5:93:76:95:6d:b7:ae:36:06:a3:ee:c0:39: c4:7a:5c:5e:31:98:75:25:d4:f1:6e:28:ff:aa:0d:af:87:18: dd:88:e9:cb:d0:57:75:cc:8a:36:01:22:30:4d:86:12:4c:36: e6:5c:92:9e:25:63:64:aa:05:73:7b:f0:ce:11:59:b5:95:d4: bd:90:bd:42:25:d9:5a:73:cf:93:6c:45:30:71:31:05:19:8d: 80:1a:89:df:b3:7a:ae:ac:23:87:69:79:0c:22:27:4a:ae:77: 10:8a:aa:99:7a:d5:fc:3f:26:9b:7a:2c:61:3b:25:b2:65:4d: 2b:1a:33:96:36:af:21:db:94:93:8f:63:d7:06:79:1c:d2:93: 96:15:6c:fb:a5:19:1e:46:ae:77:24:cd:cf:b7:46:21:2f:a4: 81:1c:31:ad:77:c1:8c:15:da:69:06:0d:1c:d2:0d:1f:fc:4d: b5:ac:85:a6:25:ab:e8:25:c3:48:29:a1:b1:91:62:9f:51:96: b6:e3:2e:4b:d6:07:de:3e:5f:49:4c:03:12:0d:45:bd:79:ca: 93:c0:b9:95:2d:a7:8e:e5:f1:23:53:8c:9a:fd:38:19:a9:e8: ba:30:15:fc:27:ce:df:7f:e5:b6:05:71:18:36:d2:f9:88:22: 44:0c:20:56 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALyFMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjU2MjlaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDFGODFDNkY5NkQwMTkwOTkwMURCNDJDRDdBMTJFNzk4QTkzRjRF QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+CY0ttD1bFaosHFLr kjHXi1DEq2wnbs2lScLDEox+SM/y4TTu8B9kmHBPRS2VHy0fsZPQBDFQJR0DIEdk YRMFdzP8SzU0l2sB3bvKGuv5xrRhY9ggc/z8TKQvxBaVTG0GlnWRZasBar/8coW3 /ztzZYrlYFNwStOZv2XE03eRz26PLe+wzbBYV+z6+Shn9fK2uS0+yg7OxvdLnTAn 1XtOULvsTwGMZjdO+2PBVqFT5eq1et1vNhHDJ75x11yU1EIxyFokYz/B/sQ1US0I xcn76JD9udZnXXzuzbmo4MXBhoYLea8K7ipyr0IedRhT0T2pU/jUOTQLNdhe4XCW ARzxAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUH4HG+W0BkJkB20LNehLnmKk/Trcw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw MjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzAyMy9INEhHLVcwQmtKa0IyMExOZWhMbm1La19UcmMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5yuMA0GCSqGSIb3DQEBCwUA A4IBAQAma6CzttWTdpVtt642BqPuwDnEelxeMZh1JdTxbij/qg2vhxjdiOnL0Fd1 zIo2ASIwTYYSTDbmXJKeJWNkqgVze/DOEVm1ldS9kL1CJdlac8+TbEUwcTEFGY2A Gonfs3qurCOHaXkMIidKrncQiqqZetX8PyabeixhOyWyZU0rGjOWNq8h25STj2PX Bnkc0pOWFWz7pRkeRq53JM3Pt0YhL6SBHDGtd8GMFdppBg0c0g0f/E21rIWmJavo JcNIKaGxkWKfUZa24y5L1gfePl9JTAMSDUW9ecqTwLmVLaeO5fEjU4ya/TgZqei6 MBX8J87ff+W2BXEYNtL5iCJEDCBW -----END CERTIFICATE-----Generated at Fri Nov 22 09:42:26 2024 by rpki-client on console-ams.rpki-client.org