$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer File: LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer (raw, json) Hash identifier: kuFbbi6TVlbtFcEnRNbj4pZMFJ3eA9C5XST9ZoGT/gA= Subject key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: C9B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 21 Mar 2025 02:58:33 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: AS: 59033 AS: 63689 IP: 103.204.72.0/22 IP: 202.160.140.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51636 (0xc9b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Mar 21 02:58:33 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4a:82:ea:4d:d5:e4:c0:7b:f5:35:92:f6:f8: 74:65:2e:9a:8b:9c:9d:67:41:85:8f:a0:1d:9d:b9: 1c:5e:fe:27:9c:6f:87:d8:6a:53:0f:0e:e2:62:2e: ec:cc:6a:97:d9:b6:ab:f0:9b:59:4a:b6:5d:5d:72: 41:f8:d8:1d:b4:e6:77:0d:ec:96:d3:f4:9e:8b:8a: 2c:76:be:7d:9d:c6:36:bc:9d:10:a6:89:bb:39:93: 5d:f0:89:cb:24:80:38:20:34:19:08:1d:a9:71:6f: 0f:37:5b:2e:2a:90:d8:cf:61:7a:60:fc:a5:71:c5: 0b:cd:4e:b0:c3:b9:e4:01:9c:c4:f7:04:df:84:4d: 3c:c4:62:9f:94:77:89:0b:1c:e2:0d:86:a8:8f:e0: be:29:1c:46:4e:19:fe:4f:0a:b1:0a:e0:38:b8:30: db:17:2e:b6:28:ce:75:54:93:9a:e9:26:fe:2f:a7: 21:17:ca:4d:29:76:74:65:50:7f:86:e1:ef:87:f6: f2:41:fe:42:4b:b6:53:3e:88:01:dd:a1:7e:d2:cb: 98:00:b2:c7:8a:47:d9:b1:e1:7e:4a:74:91:b3:f8: 86:82:83:68:d8:c9:88:99:b0:1f:f8:05:8b:4c:c3: 43:68:cd:d5:d3:e0:3a:2b:5a:12:61:7e:12:14:e9: 53:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 59033 63689 sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/22 202.160.140.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:a5:be:79:ff:04:26:18:0e:97:0c:3e:07:83:64:0c:19:37: 5f:ce:e9:db:86:2b:74:52:0a:a5:6d:90:97:b6:2a:ac:c5:5d: 16:86:d3:88:49:34:42:b1:68:b9:43:37:b1:29:c1:9f:2f:4e: 94:3f:22:08:9f:d5:ab:0c:c2:d9:9c:db:0d:d8:e7:90:57:28: 39:2c:8f:9d:36:91:e4:5d:3e:1d:43:ac:fe:7d:1c:d7:f9:48: 9b:92:0b:d2:08:94:8b:45:51:20:fd:ee:19:ec:cb:4b:99:c2: 8c:31:df:f3:42:80:f8:a0:0c:d1:52:55:de:2f:a5:3f:bf:14: 77:d3:9b:88:56:7b:46:0d:8e:ae:fd:53:f4:e1:2c:ec:41:a0: 74:74:8c:4e:84:3f:78:1c:37:c4:a6:9f:ca:92:f6:4b:b2:8b: 2d:51:6a:77:54:11:58:07:92:ae:31:22:84:39:ba:46:5b:d1: 18:16:9e:5a:73:5f:17:45:09:bd:f7:7b:1d:cf:60:fc:14:f8: f9:5e:98:0b:a0:85:c7:7b:de:6e:5c:07:91:46:88:1e:b3:7a: d1:1b:df:7d:67:ca:2a:03:33:2b:e9:14:d5:ba:95:65:8e:a1: 96:97:3c:0c:da:c5:c0:f5:e7:89:45:a3:6c:d9:84:49:25:50: d6:91:cf:4e -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgIDAMm0MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTAzMjEwMjU4MzNaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKDJERTE0RjJBQzdGMDIzODEzNzA1MkVBQTMxNUM1QkQ2NDMxMzQw MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+SoLqTdXkwHv1NZL2 +HRlLpqLnJ1nQYWPoB2duRxe/iecb4fYalMPDuJiLuzMapfZtqvwm1lKtl1dckH4 2B205ncN7JbT9J6Liix2vn2dxja8nRCmibs5k13wicskgDggNBkIHalxbw83Wy4q kNjPYXpg/KVxxQvNTrDDueQBnMT3BN+ETTzEYp+Ud4kLHOINhqiP4L4pHEZOGf5P CrEK4Di4MNsXLrYoznVUk5rpJv4vpyEXyk0pdnRlUH+G4e+H9vJB/kJLtlM+iAHd oX7Sy5gAsseKR9mx4X5KdJGz+IaCg2jYyYiZsB/4BYtMw0NozdXT4DorWhJhfhIU 6VNpAgMBAAGjggJ8MIICeDAdBgNVHQ4EFgQULeFPKsfwI4E3BS6qMVxb1kMTQCIw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1 ODcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTU4Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDmmQIDAPjJMCUGCCsGAQUFBwEHAQH/ BBYwFDASBAIAATAMAwQCZ8xIAwQCyqCMMA0GCSqGSIb3DQEBCwUAA4IBAQBtpb55 /wQmGA6XDD4Hg2QMGTdfzunbhit0UgqlbZCXtiqsxV0WhtOISTRCsWi5QzexKcGf L06UPyIIn9WrDMLZnNsN2OeQVyg5LI+dNpHkXT4dQ6z+fRzX+UibkgvSCJSLRVEg /e4Z7MtLmcKMMd/zQoD4oAzRUlXeL6U/vxR305uIVntGDY6u/VP04SzsQaB0dIxO hD94HDfEpp/KkvZLsostUWp3VBFYB5KuMSKEObpGW9EYFp5ac18XRQm993sdz2D8 FPj5XpgLoIXHe95uXAeRRoges3rRG999Z8oqAzMr6RTVupVljqGWlzwM2sXA9eeJ RaNs2YRJJVDWkc9O -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:55 2025 by rpki-client