$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.cer File: M0aPVoJh8tgI9wMOCc-rvh7g7RQ.cer (raw, json) Hash identifier: WHudHYrv92Fu1V0uCcglmvH4ogp+dMKJmjgC9x4gNEU= Subject key identifier: 33:46:8F:56:82:61:F2:D8:08:F7:03:0E:09:CF:AB:BE:1E:E0:ED:14 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CE5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:14:09 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.41.232.0/22 IP: 103.90.152.0/22 IP: 103.238.152.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52827 (0xce5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:14:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=33468F568261F2D808F7030E09CFABBE1EE0ED14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:63:b1:41:4d:85:8a:0a:5a:2f:4c:c6:df:a8: c3:58:09:47:8c:9b:9d:f4:e9:5a:05:05:0c:38:9a: c4:d1:1d:81:e1:ec:11:ec:fa:8f:3a:d0:f3:4c:00: 49:b1:75:d7:15:61:9d:42:33:87:68:5f:b5:31:1f: a0:01:bb:5d:e9:13:94:0f:94:19:2b:88:5c:10:00: cb:86:c7:b4:9b:13:71:5e:b1:bd:ae:ee:d9:e0:1c: ec:9b:bd:da:78:43:26:af:f9:c1:e8:ee:f8:d0:53: c8:f8:32:7e:ff:59:34:9d:15:9d:4a:83:f0:21:09: 02:36:06:b9:98:25:5c:2c:8a:2a:86:a2:92:4b:af: 76:b8:1d:fe:e8:c1:f7:1c:c6:01:a5:f1:af:f0:71: d0:4e:b0:ea:b8:a8:5a:78:f0:8c:6e:2c:94:37:b0: 23:ad:ae:d0:00:f7:da:04:93:da:f0:c0:fa:b6:b1: cc:b6:ee:c5:64:e8:85:62:c9:4f:c7:45:3b:8c:f2: d9:2c:39:ce:92:dd:63:f3:fe:60:7e:1d:6b:90:3f: d4:b8:ae:a4:45:d5:50:19:7f:cc:fa:9d:bd:e3:ff: cb:e2:4f:cf:10:7b:54:12:3c:a8:21:4d:11:0b:da: c3:40:bd:e4:fa:78:92:0e:19:15:64:f5:a9:15:5a: 73:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:46:8F:56:82:61:F2:D8:08:F7:03:0E:09:CF:AB:BE:1E:E0:ED:14 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3228/M0aPVoJh8tgI9wMOCc-rvh7g7RQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.41.232.0/22 103.90.152.0/22 103.238.152.0/23 Signature Algorithm: sha256WithRSAEncryption 0d:1f:6a:1d:18:5c:b0:93:fd:fd:d9:3b:4e:54:7d:10:4e:ff: dd:1e:53:77:fb:e1:d5:3a:89:d3:19:67:a9:d3:44:f1:76:f6: 20:a1:af:6c:1b:02:dd:87:b3:51:44:6a:b1:91:be:31:71:64: 65:d7:85:d6:05:62:e2:7d:e5:e9:be:e6:8a:4c:f1:e3:ce:90: bb:e1:2c:23:34:c1:f3:dc:3f:a4:ce:a7:b7:f8:04:0b:ad:a0: 72:c6:36:0b:1c:10:3d:56:13:64:9e:29:4c:be:0e:d7:db:3a: 37:dd:09:26:a6:15:dd:d6:5e:10:18:c4:47:6c:25:8f:67:5f: f0:e4:d1:43:e8:df:45:dd:01:90:f5:c6:13:fa:36:58:0e:d4: 5f:4e:f9:0e:01:0d:df:b6:3c:85:6d:95:cf:89:c0:ee:3d:e4: 98:d4:3b:e8:f6:0f:39:9e:94:a8:09:c8:c0:03:47:94:15:62: c4:13:1b:d7:c9:b4:9b:f0:74:41:3d:24:c7:5e:38:36:8f:a3: 01:36:06:00:79:67:af:ed:06:9c:8a:a1:f2:4e:7d:13:dc:8b: cb:ed:03:67:51:1b:55:50:63:c8:c7:5c:d8:65:07:70:69:b8: 07:33:d5:39:bf:f8:33:6d:00:b8:8b:61:aa:16:4a:ea:4f:84: 9e:10:fd:92 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIDAM5bMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE0MDlaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDMzNDY4RjU2ODI2MUYyRDgwOEY3MDMwRTA5Q0ZBQkJFMUVFMEVE MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMY7FBTYWKClovTMbf qMNYCUeMm5306VoFBQw4msTRHYHh7BHs+o860PNMAEmxddcVYZ1CM4doX7UxH6AB u13pE5QPlBkriFwQAMuGx7SbE3Fesb2u7tngHOybvdp4Qyav+cHo7vjQU8j4Mn7/ WTSdFZ1Kg/AhCQI2BrmYJVwsiiqGopJLr3a4Hf7owfccxgGl8a/wcdBOsOq4qFp4 8IxuLJQ3sCOtrtAA99oEk9rwwPq2scy27sVk6IViyU/HRTuM8tksOc6S3WPz/mB+ HWuQP9S4rqRF1VAZf8z6nb3j/8viT88Qe1QSPKghTREL2sNAveT6eJIOGRVk9akV WnPVAgMBAAGjggJhMIICXTAdBgNVHQ4EFgQUM0aPVoJh8tgI9wMOCc+rvh7g7RQw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MjgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIyOC9NMGFQVm9KaDh0Z0k5d01PQ2MtcnZoN2c3UlEubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCZynoAwQCZ1qYAwQBZ+6YMA0G CSqGSIb3DQEBCwUAA4IBAQANH2odGFywk/392TtOVH0QTv/dHlN3++HVOonTGWep 00TxdvYgoa9sGwLdh7NRRGqxkb4xcWRl14XWBWLifeXpvuaKTPHjzpC74SwjNMHz 3D+kzqe3+AQLraByxjYLHBA9VhNknilMvg7X2zo33QkmphXd1l4QGMRHbCWPZ1/w 5NFD6N9F3QGQ9cYT+jZYDtRfTvkOAQ3ftjyFbZXPicDuPeSY1Dvo9g85npSoCcjA A0eUFWLEExvXybSb8HRBPSTHXjg2j6MBNgYAeWev7QaciqHyTn0T3IvL7QNnURtV UGPIx1zYZQdwabgHM9U5v/gzbQC4i2GqFkrqT4SeEP2S -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:46 2025 by rpki-client