$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer File: HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer (raw, json) Hash identifier: AZh9X8RCfBU/bdlbcTckmu4D43TtozunSeu5/y8FDZI= Subject key identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 31D7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 01 Feb 2024 01:19:30 +0000 Certificate not after: Fri 31 Jan 2025 01:13:46 +0000 Subordinate resources: IP: 157.10.130.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 May 2024 12:56:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12759 (0x31d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Feb 1 01:19:30 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1E099E05E6C1A101EF057912FBC133F170DEE0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:ec:8c:27:2d:bd:d8:dd:41:24:67:7e:97: 13:8f:b3:d8:a2:4a:bb:6a:6f:8c:dd:38:e9:98:c4: b7:10:d1:28:6b:c8:a8:d2:5e:fa:d1:ad:97:c9:c8: db:5b:e8:d6:86:c3:24:05:58:b2:d6:b8:6f:71:66: 9b:b1:41:3c:2b:d9:38:b6:7c:fb:90:61:4b:a9:4e: 0c:ba:f9:01:ec:ac:3f:c6:fa:e3:b5:98:5f:4f:e3: 31:39:2c:a6:cf:fa:c6:b6:e0:b7:34:6b:9c:d1:66: cb:54:2c:7a:ac:2f:f9:aa:ba:02:6b:9f:43:1d:9d: 2d:d1:96:fe:55:34:a4:29:20:ab:9a:3a:d9:b1:a9: e7:ba:21:cf:d6:f5:a9:ad:41:f9:4c:e4:11:8d:70: 64:cb:b9:09:8f:95:1e:d5:cd:6d:28:0c:ca:82:b5: 53:6c:3c:85:57:8e:c4:9b:80:e2:f1:3c:2b:9a:2e: ca:04:43:9d:49:e7:14:9a:c6:9d:27:d9:cf:ae:3e: 19:1a:31:0c:7c:42:c9:2c:8d:2a:d0:77:9b:82:97: 12:6d:b9:4a:94:60:0c:25:30:9b:15:5a:3b:73:e0: f5:cd:51:f4:a5:0b:32:87:19:35:a6:1d:50:7b:9a: dc:4e:86:09:20:cc:bf:ff:0b:e7:d5:f9:70:94:db: ff:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.130.0/23 Signature Algorithm: sha256WithRSAEncryption a5:bf:47:84:76:98:45:f2:09:c5:09:db:40:3d:95:97:48:df: 8f:31:92:dc:25:af:ec:96:4a:c8:87:27:11:c5:40:12:32:c9: 2b:f7:ce:f6:93:cc:ee:7c:c0:bb:6e:88:94:47:ba:b6:7a:8a: 60:24:03:aa:24:76:d6:1f:7d:cd:3f:62:0a:70:9c:9f:6b:21: 2f:3f:f4:51:ff:5e:96:a9:ed:e3:dc:c7:2c:51:4d:ce:99:5d: 0d:21:81:ca:c3:ac:3d:41:fd:96:28:83:46:31:a0:b4:04:e5: 29:8d:cb:6a:4b:52:17:d8:07:d8:e1:5e:71:55:56:49:34:cf: 90:ae:95:7c:f3:ad:47:c0:0d:ac:fc:07:c5:e0:79:af:21:a7: 13:a4:42:64:8e:94:f3:64:59:be:89:40:47:c6:12:41:6c:cc: d3:2f:44:ae:e2:d1:17:b0:19:d3:10:a2:07:92:bf:3d:28:1a: 0f:ff:36:3b:4a:f4:9d:76:0e:35:1d:c9:dc:f0:fc:90:b2:ee: ea:4f:83:8d:bd:ec:c1:0d:d4:e7:a7:fd:1a:49:b2:0f:3c:5b: a8:d6:2b:89:7f:bb:09:c2:eb:b0:b0:07:5c:3e:8f:46:22:14: 3b:0f:b1:d3:05:7e:eb:f7:76:5c:a9:ff:93:c5:fd:69:24:20: 5e:59:85:ec -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICMdcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI0MDIwMTAxMTkzMFoXDTI1MDEzMTAxMTM0NlowMzEx MC8GA1UEAxMoMUUwOTlFMDVFNkMxQTEwMUVGMDU3OTEyRkJDMTMzRjE3MERFRTBB NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOV17IwnLb3Y3UEkZ36X E4+z2KJKu2pvjN046ZjEtxDRKGvIqNJe+tGtl8nI21vo1obDJAVYsta4b3Fmm7FB PCvZOLZ8+5BhS6lODLr5AeysP8b647WYX0/jMTksps/6xrbgtzRrnNFmy1Qseqwv +aq6AmufQx2dLdGW/lU0pCkgq5o62bGp57ohz9b1qa1B+UzkEY1wZMu5CY+VHtXN bSgMyoK1U2w8hVeOxJuA4vE8K5ouygRDnUnnFJrGnSfZz64+GRoxDHxCySyNKtB3 m4KXEm25SpRgDCUwmxVaO3Pg9c1R9KULMocZNaYdUHua3E6GCSDMv/8L59X5cJTb /x8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQeCZ4F5sGhAe8FeRL7wTPxcN7gpzAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 Ni8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU2L0hnbWVCZWJCb1FIdkJYa1MtOEV6OFhEZTRLYy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCoIwDQYJKoZIhvcNAQELBQAD ggEBAKW/R4R2mEXyCcUJ20A9lZdI348xktwlr+yWSsiHJxHFQBIyySv3zvaTzO58 wLtuiJRHurZ6imAkA6okdtYffc0/YgpwnJ9rIS8/9FH/Xpap7ePcxyxRTc6ZXQ0h gcrDrD1B/ZYog0YxoLQE5SmNy2pLUhfYB9jhXnFVVkk0z5CulXzzrUfADaz8B8Xg ea8hpxOkQmSOlPNkWb6JQEfGEkFszNMvRK7i0RewGdMQogeSvz0oGg//NjtK9J12 DjUdydzw/JCy7upPg4297MEN1Oen/RpJsg88W6jWK4l/uwnC67CwB1w+j0YiFDsP sdMFfuv3dlyp/5PF/WkkIF5Zhew= -----END CERTIFICATE-----Generated at Tue May 28 08:45:01 2024 by rpki-client on console-ams.rpki-client.org