$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/KnUvQ6QxoheyTTXOiiVkyVhFESE.cer File: KnUvQ6QxoheyTTXOiiVkyVhFESE.cer (raw, json) Hash identifier: Ds+pyP/u1QmcAs0OY5eOscIPKJi+pfLwRqkLZcrnkZM= Subject key identifier: 2A:75:2F:43:A4:31:A2:17:B2:4D:35:CE:8A:25:64:C9:58:45:11:21 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CD51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2991/KnUvQ6QxoheyTTXOiiVkyVhFESE.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2991/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:08:32 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.152.208.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52561 (0xcd51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:08:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=2A752F43A431A217B24D35CE8A2564C958451121 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a6:68:aa:4e:e2:c8:33:17:9a:02:68:3e:e7: a5:12:36:02:b5:00:15:44:ea:9d:5b:27:4a:e8:7f: 6c:6a:35:54:52:bc:18:8a:03:04:68:af:da:e7:80: 81:5e:b6:50:fc:62:37:fb:bb:c0:24:58:10:47:97: b7:d5:d1:a3:29:ae:f0:3c:c1:31:e6:47:5b:61:f4: 46:ec:f9:f1:64:bb:f9:67:24:9b:ba:d5:79:f8:56: b6:62:d7:33:e8:c9:75:f6:39:1c:15:4a:31:60:03: a8:03:e0:c9:25:98:56:3f:d2:04:01:80:ee:d9:2f: bc:35:4e:29:13:cd:ce:a5:e0:d7:61:7d:60:c6:a4: 94:2c:a3:2b:5b:1e:09:47:76:16:c3:a9:dc:8f:8a: df:08:03:ff:08:d5:94:10:82:4d:10:43:ea:aa:34: 01:d5:34:54:07:47:c7:14:21:4b:27:4a:bc:1e:e7: 71:54:e3:ee:73:b4:2f:af:7f:05:97:4e:29:1f:53: 84:ee:56:3d:18:76:1a:a3:0a:be:b6:9c:6d:3a:61: 8b:19:14:96:55:c5:2a:bf:f4:31:c3:96:56:a0:25: ad:16:a1:56:54:a7:36:fd:3c:fb:4d:79:9d:4d:f2: 44:9e:1b:90:5b:ee:d3:f2:ef:ee:16:80:96:dd:cd: 4d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:75:2F:43:A4:31:A2:17:B2:4D:35:CE:8A:25:64:C9:58:45:11:21 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2991/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2991/KnUvQ6QxoheyTTXOiiVkyVhFESE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.208.0/23 Signature Algorithm: sha256WithRSAEncryption 24:59:18:a4:94:cb:ac:35:12:30:85:ec:c1:d6:b4:cd:a5:c3: b8:da:58:ab:79:d0:7e:81:73:96:55:aa:e6:01:78:c7:25:49: eb:c6:dc:06:94:20:13:ab:59:ca:ae:60:f8:d9:cd:5a:aa:be: 55:da:6c:d1:48:dc:f8:f2:19:21:d1:4b:d1:67:a1:e4:d6:dc: 43:2d:5f:08:d7:ef:7a:e4:74:7c:98:32:f7:68:60:69:8d:1d: 19:b5:33:87:93:9d:70:e8:38:9b:7b:bf:ab:c0:ad:6b:1c:8e: 25:f4:aa:a9:44:41:db:78:77:30:61:c3:29:c4:d0:28:8c:8b: 19:42:9e:13:a5:f3:bf:6b:59:11:1e:ed:9d:fd:93:a9:85:de: fc:e6:be:8f:8f:16:30:77:7c:f1:46:80:f0:8a:29:9e:ff:14: 53:a5:55:ac:4f:e4:0c:0d:b2:ba:40:05:b3:9d:34:07:7e:6a: 1b:78:49:fb:22:2b:d1:f6:04:a3:fe:da:eb:d4:48:b4:1f:7b: c2:94:53:21:41:de:70:e7:bd:32:44:cb:ec:1c:61:ab:54:53: b7:f4:8a:06:07:c9:36:85:93:91:78:80:da:b5:d1:33:0e:44: 34:64:7b:8e:07:02:15:4c:2e:62:e1:c0:f8:98:61:73:02:40: d6:d9:76:6c -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAM1RMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA4MzJaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDJBNzUyRjQzQTQzMUEyMTdCMjREMzVDRThBMjU2NEM5NTg0NTEx MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6pmiqTuLIMxeaAmg+ 56USNgK1ABVE6p1bJ0rof2xqNVRSvBiKAwRor9rngIFetlD8Yjf7u8AkWBBHl7fV 0aMprvA8wTHmR1th9Ebs+fFku/lnJJu61Xn4VrZi1zPoyXX2ORwVSjFgA6gD4Mkl mFY/0gQBgO7ZL7w1TikTzc6l4NdhfWDGpJQsoytbHglHdhbDqdyPit8IA/8I1ZQQ gk0QQ+qqNAHVNFQHR8cUIUsnSrwe53FU4+5ztC+vfwWXTikfU4TuVj0YdhqjCr62 nG06YYsZFJZVxSq/9DHDllagJa0WoVZUpzb9PPtNeZ1N8kSeG5Bb7tPy7+4WgJbd zU1xAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUKnUvQ6QxoheyTTXOiiVkyVhFESEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5 OTEvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjk5MS9LblV2UTZReG9oZXlUVFhPaWlWa3lWaEZFU0UubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5jQMA0GCSqGSIb3DQEBCwUA A4IBAQAkWRiklMusNRIwhezB1rTNpcO42liredB+gXOWVarmAXjHJUnrxtwGlCAT q1nKrmD42c1aqr5V2mzRSNz48hkh0UvRZ6Hk1txDLV8I1+965HR8mDL3aGBpjR0Z tTOHk51w6Dibe7+rwK1rHI4l9KqpREHbeHcwYcMpxNAojIsZQp4TpfO/a1kRHu2d /ZOphd785r6PjxYwd3zxRoDwiime/xRTpVWsT+QMDbK6QAWznTQHfmobeEn7IivR 9gSj/trr1Ei0H3vClFMhQd5w570yRMvsHGGrVFO39IoGB8k2hZOReIDatdEzDkQ0 ZHuOBwIVTC5i4cD4mGFzAkDW2XZs -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:57 2025 by rpki-client