$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer File: HgmeBebBoQHvBXkS-8Ez8XDe4Kc.cer (raw, json) Hash identifier: n5AoqXJ+CZQ+faO8TYw993W7MKjXXOct/i1RmF4jXFc= Subject key identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 41FF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:06:54 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 157.10.130.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16895 (0x41ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:06:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=1E099E05E6C1A101EF057912FBC133F170DEE0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:ec:8c:27:2d:bd:d8:dd:41:24:67:7e:97: 13:8f:b3:d8:a2:4a:bb:6a:6f:8c:dd:38:e9:98:c4: b7:10:d1:28:6b:c8:a8:d2:5e:fa:d1:ad:97:c9:c8: db:5b:e8:d6:86:c3:24:05:58:b2:d6:b8:6f:71:66: 9b:b1:41:3c:2b:d9:38:b6:7c:fb:90:61:4b:a9:4e: 0c:ba:f9:01:ec:ac:3f:c6:fa:e3:b5:98:5f:4f:e3: 31:39:2c:a6:cf:fa:c6:b6:e0:b7:34:6b:9c:d1:66: cb:54:2c:7a:ac:2f:f9:aa:ba:02:6b:9f:43:1d:9d: 2d:d1:96:fe:55:34:a4:29:20:ab:9a:3a:d9:b1:a9: e7:ba:21:cf:d6:f5:a9:ad:41:f9:4c:e4:11:8d:70: 64:cb:b9:09:8f:95:1e:d5:cd:6d:28:0c:ca:82:b5: 53:6c:3c:85:57:8e:c4:9b:80:e2:f1:3c:2b:9a:2e: ca:04:43:9d:49:e7:14:9a:c6:9d:27:d9:cf:ae:3e: 19:1a:31:0c:7c:42:c9:2c:8d:2a:d0:77:9b:82:97: 12:6d:b9:4a:94:60:0c:25:30:9b:15:5a:3b:73:e0: f5:cd:51:f4:a5:0b:32:87:19:35:a6:1d:50:7b:9a: dc:4e:86:09:20:cc:bf:ff:0b:e7:d5:f9:70:94:db: ff:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:09:9E:05:E6:C1:A1:01:EF:05:79:12:FB:C1:33:F1:70:DE:E0:A7 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3256/HgmeBebBoQHvBXkS-8Ez8XDe4Kc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.130.0/23 Signature Algorithm: sha256WithRSAEncryption 00:10:6c:29:99:8d:58:7c:db:46:c6:92:41:37:53:e7:79:a4: 3c:39:8f:20:10:e9:85:95:b5:34:0e:f7:f1:a7:e0:f1:04:b0: 1c:d3:4e:a4:a9:f7:ac:ea:e6:f4:d0:b8:69:9d:88:3d:ba:2a: 6b:68:a8:f7:d0:c7:a2:04:10:dd:5e:3a:ca:46:b4:77:69:97: df:6c:eb:09:93:37:96:59:9e:fd:ac:6b:3e:f5:11:18:c4:2b: e0:22:19:94:e8:c7:de:83:9e:1c:84:e8:79:ba:47:89:9e:56: 11:4a:1b:4d:8e:ad:b6:3b:08:71:1f:5e:a1:94:23:01:8b:e0: ea:9b:72:91:1a:7b:a9:e9:32:c4:3c:6d:14:15:af:f4:1e:a2: 44:a9:2c:76:78:50:32:1c:86:12:29:a4:96:78:73:92:95:ae: a6:60:05:93:c5:e2:15:7d:98:8f:ee:0a:aa:ae:fb:44:8e:33: be:5d:00:96:d6:46:f5:95:28:21:b6:62:10:5a:4a:ba:e2:a0: 1b:22:50:d1:41:2f:0f:9e:ed:47:1d:ef:91:d8:53:28:bc:7d: d3:c3:18:10:fb:4f:07:6f:4c:ae:e6:34:04:96:18:86:00:f3: b5:7c:80:2b:8e:87:9c:b1:39:77:78:2c:32:57:0b:5f:72:53: 17:76:86:f1 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQf8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMDY1NFoXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoMUUwOTlFMDVFNkMxQTEwMUVGMDU3OTEyRkJDMTMzRjE3MERFRTBB NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOV17IwnLb3Y3UEkZ36X E4+z2KJKu2pvjN046ZjEtxDRKGvIqNJe+tGtl8nI21vo1obDJAVYsta4b3Fmm7FB PCvZOLZ8+5BhS6lODLr5AeysP8b647WYX0/jMTksps/6xrbgtzRrnNFmy1Qseqwv +aq6AmufQx2dLdGW/lU0pCkgq5o62bGp57ohz9b1qa1B+UzkEY1wZMu5CY+VHtXN bSgMyoK1U2w8hVeOxJuA4vE8K5ouygRDnUnnFJrGnSfZz64+GRoxDHxCySyNKtB3 m4KXEm25SpRgDCUwmxVaO3Pg9c1R9KULMocZNaYdUHua3E6GCSDMv/8L59X5cJTb /x8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQeCZ4F5sGhAe8FeRL7wTPxcN7gpzAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 Ni8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU2L0hnbWVCZWJCb1FIdkJYa1MtOEV6OFhEZTRLYy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCoIwDQYJKoZIhvcNAQELBQAD ggEBAAAQbCmZjVh820bGkkE3U+d5pDw5jyAQ6YWVtTQO9/Gn4PEEsBzTTqSp96zq 5vTQuGmdiD26KmtoqPfQx6IEEN1eOspGtHdpl99s6wmTN5ZZnv2saz71ERjEK+Ai GZTox96DnhyE6Hm6R4meVhFKG02OrbY7CHEfXqGUIwGL4OqbcpEae6npMsQ8bRQV r/QeokSpLHZ4UDIchhIppJZ4c5KVrqZgBZPF4hV9mI/uCqqu+0SOM75dAJbWRvWV KCG2YhBaSrrioBsiUNFBLw+e7Ucd75HYUyi8fdPDGBD7TwdvTK7mNASWGIYA87V8 gCuOh5yxOXd4LDJXC19yUxd2hvE= -----END CERTIFICATE-----Generated at Fri Oct 24 08:56:14 2025 by rpki-client