$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/HGWVpCrOOFPHh2cE5lvoX1wYUnk.cer File: HGWVpCrOOFPHh2cE5lvoX1wYUnk.cer (raw, json) Hash identifier: nBsXrG2zm16pf6uG/OdsCtNubuRGsm4e2PU+eeI7430= Subject key identifier: 1C:65:95:A4:2A:CE:38:53:C7:87:67:04:E6:5B:E8:5F:5C:18:52:79 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CE13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/HGWVpCrOOFPHh2cE5lvoX1wYUnk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:12:14 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: AS: 146805 IP: 2401:dd20::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52755 (0xce13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:12:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1C6595A42ACE3853C7876704E65BE85F5C185279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5d:c4:75:ea:7e:11:c9:d1:d7:4c:0a:a5:15: 05:11:45:a6:03:7a:49:14:8b:ae:a7:c5:f4:e5:f1: a6:c6:9f:8b:24:68:38:9c:69:b9:57:01:c2:04:bc: 8d:dc:6e:5e:8c:0f:c8:9f:b6:a5:61:56:4a:e4:36: 9f:3d:11:a1:30:f9:43:63:8f:99:53:57:b2:b8:a6: dc:81:cc:f5:26:76:ee:4a:49:37:86:cf:80:6a:08: b9:ba:94:23:b1:9a:49:1e:87:c6:d7:c9:97:7b:f1: 82:3e:79:0e:ed:10:dc:bd:fb:d8:9f:f6:0d:ba:7e: f2:8f:10:1e:54:43:1c:20:48:9e:b2:a5:c7:23:b4: f5:e5:98:49:d7:c4:a5:bf:f3:67:cb:ee:35:97:d4: 48:c1:2f:1b:70:cb:9c:15:3a:83:c5:8b:70:b0:07: b0:ac:31:03:2a:c7:2a:a8:7b:f0:8c:13:5f:bd:d7: be:12:6f:5f:52:00:2c:6b:25:c2:64:8f:20:15:b5: 0b:a5:8a:c7:69:18:56:e3:c5:25:10:ef:af:3e:30: 0c:d8:8e:7f:0e:b3:bc:cb:79:d7:b8:bf:62:02:4b: 4c:da:33:b8:32:59:df:67:85:54:89:65:55:f2:95: 97:ed:e1:56:97:a1:7c:00:15:01:0d:b0:46:df:9f: 9c:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:65:95:A4:2A:CE:38:53:C7:87:67:04:E6:5B:E8:5F:5C:18:52:79 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/HGWVpCrOOFPHh2cE5lvoX1wYUnk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 146805 sbgp-ipAddrBlock: critical IPv6: 2401:dd20::/32 Signature Algorithm: sha256WithRSAEncryption 18:16:ca:c9:aa:18:99:a5:66:42:1a:b5:b9:28:bd:a5:d9:09: 31:fb:9f:1d:f3:30:66:3e:35:d7:ef:77:b6:7a:d2:0f:55:7b: 32:8a:ee:dd:dc:5f:51:d6:2e:28:99:d8:e4:d6:ca:45:71:15: 51:2b:8d:6e:99:dc:85:59:e5:c2:7b:5b:13:71:85:f7:9a:d7: 96:e7:4d:47:c8:4d:83:35:80:b9:6c:31:ce:9d:f2:57:2e:9f: 29:87:fd:d2:e9:18:74:0b:a4:a1:33:ef:ed:b0:0f:c4:be:70: 2a:ff:aa:2c:6b:64:4a:ce:ff:8b:08:83:05:c5:ba:de:c8:42: d9:f4:13:ec:09:59:5d:2c:3a:e3:37:bd:04:5d:fe:12:9a:b7: ec:21:d9:5e:9b:a2:24:02:16:76:7e:1d:5f:d5:d1:71:dd:48: 41:d1:13:23:bb:c8:ba:4d:bc:fe:1c:4c:e5:23:cb:b9:f5:c6: d6:fb:ec:7b:b4:45:5e:aa:f2:f3:48:5b:30:de:88:8a:89:0c: e6:1c:5f:48:fc:64:49:99:d8:a4:87:a3:9b:be:b2:c9:4d:4e: a5:50:a1:3c:d5:f4:0c:06:a8:6f:1f:6e:6b:c7:2a:1c:9a:5f: 6e:e5:5e:52:3e:44:91:4e:5b:50:82:af:77:6d:57:a2:8d:6b: a9:a2:94:5f -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAM4TMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODEyMTRaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDFDNjU5NUE0MkFDRTM4NTNDNzg3NjcwNEU2NUJFODVGNUMxODUy NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8XcR16n4RydHXTAql FQURRaYDekkUi66nxfTl8abGn4skaDicablXAcIEvI3cbl6MD8iftqVhVkrkNp89 EaEw+UNjj5lTV7K4ptyBzPUmdu5KSTeGz4BqCLm6lCOxmkkeh8bXyZd78YI+eQ7t ENy9+9if9g26fvKPEB5UQxwgSJ6ypccjtPXlmEnXxKW/82fL7jWX1EjBLxtwy5wV OoPFi3CwB7CsMQMqxyqoe/CME1+9174Sb19SACxrJcJkjyAVtQulisdpGFbjxSUQ 768+MAzYjn8Os7zLede4v2ICS0zaM7gyWd9nhVSJZVXylZft4VaXoXwAFQENsEbf n5yDAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQUHGWVpCrOOFPHh2cE5lvoX1wYUnkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MzUvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMzNS9IR1dWcENyT09GUEhoMmNFNWx2b1gxd1lVbmsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwI9dTAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQB3SAwDQYJKoZIhvcNAQELBQADggEBABgWysmqGJmlZkIatbko vaXZCTH7nx3zMGY+Ndfvd7Z60g9VezKK7t3cX1HWLiiZ2OTWykVxFVErjW6Z3IVZ 5cJ7WxNxhfea15bnTUfITYM1gLlsMc6d8lcunymH/dLpGHQLpKEz7+2wD8S+cCr/ qixrZErO/4sIgwXFut7IQtn0E+wJWV0sOuM3vQRd/hKat+wh2V6boiQCFnZ+HV/V 0XHdSEHREyO7yLpNvP4cTOUjy7n1xtb77Hu0RV6q8vNIWzDeiIqJDOYcX0j8ZEmZ 2KSHo5u+sslNTqVQoTzV9AwGqG8fbmvHKhyaX27lXlI+RJFOW1CCr3dtV6KNa6mi lF8= -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:58 2025 by rpki-client