$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer File: HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer (raw, json) Hash identifier: JI6PoxrotihyPn0ES3X+Eon0Axpanfou1AcjtHwVoQU= Subject key identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3C77 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:07:24 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 157.10.130.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15479 (0x3c77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:07:24 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1E099E05E6C1A101EF057912FBC133F170DEE0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:ec:8c:27:2d:bd:d8:dd:41:24:67:7e:97: 13:8f:b3:d8:a2:4a:bb:6a:6f:8c:dd:38:e9:98:c4: b7:10:d1:28:6b:c8:a8:d2:5e:fa:d1:ad:97:c9:c8: db:5b:e8:d6:86:c3:24:05:58:b2:d6:b8:6f:71:66: 9b:b1:41:3c:2b:d9:38:b6:7c:fb:90:61:4b:a9:4e: 0c:ba:f9:01:ec:ac:3f:c6:fa:e3:b5:98:5f:4f:e3: 31:39:2c:a6:cf:fa:c6:b6:e0:b7:34:6b:9c:d1:66: cb:54:2c:7a:ac:2f:f9:aa:ba:02:6b:9f:43:1d:9d: 2d:d1:96:fe:55:34:a4:29:20:ab:9a:3a:d9:b1:a9: e7:ba:21:cf:d6:f5:a9:ad:41:f9:4c:e4:11:8d:70: 64:cb:b9:09:8f:95:1e:d5:cd:6d:28:0c:ca:82:b5: 53:6c:3c:85:57:8e:c4:9b:80:e2:f1:3c:2b:9a:2e: ca:04:43:9d:49:e7:14:9a:c6:9d:27:d9:cf:ae:3e: 19:1a:31:0c:7c:42:c9:2c:8d:2a:d0:77:9b:82:97: 12:6d:b9:4a:94:60:0c:25:30:9b:15:5a:3b:73:e0: f5:cd:51:f4:a5:0b:32:87:19:35:a6:1d:50:7b:9a: dc:4e:86:09:20:cc:bf:ff:0b:e7:d5:f9:70:94:db: ff:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.130.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:f4:7d:4f:5c:fc:da:2d:6d:a0:a7:75:89:44:d0:ee:a2:d1: 2f:2e:fc:cf:f5:f0:d6:c1:0f:ba:1c:9d:a9:6d:b0:81:5f:a9: d8:f3:3f:31:80:d2:fe:2b:7a:56:25:be:10:93:90:a1:35:00: fe:b2:59:09:89:ee:ad:6b:9a:b8:96:6c:d6:82:f0:85:84:ae: b0:93:39:8b:44:c7:0a:8d:70:a6:cb:42:60:78:9e:bd:40:7b: f4:db:15:e1:9e:81:87:d3:dc:a5:47:0f:9e:54:68:3d:fb:d2: 2d:01:12:7d:8f:e8:1f:75:98:b7:86:ec:1e:b3:89:69:2a:ef: 67:d9:33:6d:e6:24:86:7a:2c:db:5f:45:30:25:17:cd:d4:46: 69:89:3f:68:f4:d8:d2:b1:5e:05:00:11:4d:fc:1e:5a:73:ca: 22:26:64:79:9d:83:e1:18:b0:ab:47:87:06:f1:ee:6a:bb:5c: 02:60:ea:4e:ec:48:01:0e:d7:72:f7:02:ec:13:40:97:a8:15: 1f:a8:a7:c6:06:05:8f:46:ac:cd:ae:2a:dd:88:84:a6:37:05: 5f:c9:73:3b:c6:6a:e0:a5:48:96:d4:90:27:d6:e2:8d:82:d3: 78:c9:2f:4e:61:e4:38:ac:6f:5d:e1:59:78:b6:54:b4:ea:fb: 47:83:65:e7 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICPHcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MDcyNFoXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoMUUwOTlFMDVFNkMxQTEwMUVGMDU3OTEyRkJDMTMzRjE3MERFRTBB NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOV17IwnLb3Y3UEkZ36X E4+z2KJKu2pvjN046ZjEtxDRKGvIqNJe+tGtl8nI21vo1obDJAVYsta4b3Fmm7FB PCvZOLZ8+5BhS6lODLr5AeysP8b647WYX0/jMTksps/6xrbgtzRrnNFmy1Qseqwv +aq6AmufQx2dLdGW/lU0pCkgq5o62bGp57ohz9b1qa1B+UzkEY1wZMu5CY+VHtXN bSgMyoK1U2w8hVeOxJuA4vE8K5ouygRDnUnnFJrGnSfZz64+GRoxDHxCySyNKtB3 m4KXEm25SpRgDCUwmxVaO3Pg9c1R9KULMocZNaYdUHua3E6GCSDMv/8L59X5cJTb /x8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQeCZ4F5sGhAe8FeRL7wTPxcN7gpzAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 Ni8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU2L0hnbWVCZWJCb1FIdkJYa1MtOEV6OFhEZTRLYy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCoIwDQYJKoZIhvcNAQELBQAD ggEBAB/0fU9c/NotbaCndYlE0O6i0S8u/M/18NbBD7ocnaltsIFfqdjzPzGA0v4r elYlvhCTkKE1AP6yWQmJ7q1rmriWbNaC8IWErrCTOYtExwqNcKbLQmB4nr1Ae/Tb FeGegYfT3KVHD55UaD370i0BEn2P6B91mLeG7B6ziWkq72fZM23mJIZ6LNtfRTAl F83URmmJP2j02NKxXgUAEU38HlpzyiImZHmdg+EYsKtHhwbx7mq7XAJg6k7sSAEO 13L3AuwTQJeoFR+op8YGBY9GrM2uKt2IhKY3BV/JczvGauClSJbUkCfW4o2C03jJ L05h5Disb13hWXi2VLTq+0eDZec= -----END CERTIFICATE-----Generated at Fri Apr 4 02:22:03 2025 by rpki-client