$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer File: OstT3inBC2LxfO9hjR44QUU6wOg.cer (raw, json) Hash identifier: ybf94MU0iHHx7auS2u05vHnOEJIJQapx7PRWD7vf4J4= Subject key identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 4243 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:10:05 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 157.20.136.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16963 (0x4243) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:10:05 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4e:e9:16:cc:87:f3:cd:eb:61:bd:74:c8:d8: f0:18:f4:4b:ea:41:cc:d1:5f:84:1f:63:26:0a:3e: b2:2e:e0:09:c5:36:60:b6:d7:56:b5:0d:d8:82:06: 59:c1:ef:f8:4f:18:51:24:7a:5f:4d:e4:23:63:93: 24:30:d8:34:0e:02:e3:42:04:04:02:35:83:21:6d: ab:93:21:1c:af:ed:22:21:c7:be:e0:07:5b:fe:b8: 63:d9:5e:eb:03:84:e5:5b:75:41:bc:52:f4:e8:af: 87:79:de:ef:07:6c:ed:a3:16:39:b9:ea:c8:55:b9: 70:d7:ca:09:5f:fa:2c:00:86:1d:e0:41:54:01:7c: 8f:0b:9c:ae:53:34:d8:e8:c0:28:0d:0e:b1:cc:15: 6b:bb:d7:96:09:6f:d5:f9:ba:a8:b6:28:36:f5:98: 69:05:7d:58:cb:a8:a1:6b:90:de:be:b0:7d:6e:b7: 47:b4:88:be:cd:fa:b5:25:e6:c4:16:41:57:e0:67: fe:08:bc:e8:df:69:52:bf:42:29:1e:18:05:27:21: 48:f7:d4:a3:ab:ec:09:a7:85:5a:a5:d7:02:bd:20: df:ae:45:f2:23:03:df:c1:a5:7d:8b:a2:77:1a:0b: ff:7a:d4:c5:f7:7b:2c:52:41:64:35:6d:f2:a6:7d: 64:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.136.0/23 Signature Algorithm: sha256WithRSAEncryption 58:06:21:ff:02:84:58:91:0c:b8:10:6d:da:a4:5c:c0:ae:62: 16:f4:17:c8:6e:fc:15:2a:00:17:14:fb:98:51:fd:e0:ac:20: 2e:a9:2f:60:1e:a8:58:d3:d7:e8:2a:92:1d:d5:93:70:16:87: 34:3c:3b:78:ad:e7:f1:b2:85:c0:d5:a4:a9:d4:bc:07:20:84: 51:4c:41:af:1c:a6:a3:67:79:42:c6:9c:a3:be:a9:ff:81:66: 2f:7c:53:e5:72:e4:80:0e:66:56:42:fa:3f:08:0a:9a:6a:97: 95:ff:13:36:c0:bd:c1:a0:df:c9:18:82:ae:b4:3b:cd:3b:df: 14:ee:50:ed:e8:b7:ee:8a:19:d5:f0:f6:90:8b:d9:80:b7:f9: 88:03:ef:d4:6b:30:5f:67:a9:a1:ac:63:9f:8c:97:39:86:50: a2:dc:0d:00:ea:15:6f:a6:0c:03:ad:4a:b8:e5:f5:00:09:05: 8e:53:81:c3:3f:1f:ca:41:48:ee:cc:3a:c8:5b:55:b4:83:77: 80:ea:b9:76:d6:83:11:1c:64:d9:88:2f:3c:24:04:4a:69:02: e7:87:c5:ff:60:8c:57:8b:06:f5:e7:21:98:23:71:71:07:cf: cf:74:64:75:d1:f9:6c:41:66:fc:bd:1c:9e:ae:a2:84:8b:dc: 77:23:96:02 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQkMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMTAwNVoXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoM0FDQjUzREUyOUMxMEI2MkYxN0NFRjYxOEQxRTM4NDE0NTNBQzBF ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdO6RbMh/PN62G9dMjY 8Bj0S+pBzNFfhB9jJgo+si7gCcU2YLbXVrUN2IIGWcHv+E8YUSR6X03kI2OTJDDY NA4C40IEBAI1gyFtq5MhHK/tIiHHvuAHW/64Y9le6wOE5Vt1QbxS9Oivh3ne7wds 7aMWObnqyFW5cNfKCV/6LACGHeBBVAF8jwucrlM02OjAKA0OscwVa7vXlglv1fm6 qLYoNvWYaQV9WMuooWuQ3r6wfW63R7SIvs36tSXmxBZBV+Bn/gi86N9pUr9CKR4Y BSchSPfUo6vsCaeFWqXXAr0g365F8iMD38GlfYuidxoL/3rUxfd7LFJBZDVt8qZ9 ZL0CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQ6y1PeKcELYvF872GNHjhBRTrA6DAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Ny8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjY3L09zdFQzaW5CQzJMeGZPOWhqUjQ0UVVVNndPZy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdFIgwDQYJKoZIhvcNAQELBQAD ggEBAFgGIf8ChFiRDLgQbdqkXMCuYhb0F8hu/BUqABcU+5hR/eCsIC6pL2AeqFjT 1+gqkh3Vk3AWhzQ8O3it5/GyhcDVpKnUvAcghFFMQa8cpqNneULGnKO+qf+BZi98 U+Vy5IAOZlZC+j8ICppql5X/EzbAvcGg38kYgq60O8073xTuUO3ot+6KGdXw9pCL 2YC3+YgD79RrMF9nqaGsY5+MlzmGUKLcDQDqFW+mDAOtSrjl9QAJBY5TgcM/H8pB SO7MOshbVbSDd4DquXbWgxEcZNmILzwkBEppAueHxf9gjFeLBvXnIZgjcXEHz890 ZHXR+WxBZvy9HJ6uooSL3HcjlgI= -----END CERTIFICATE-----Generated at Fri Oct 24 08:56:14 2025 by rpki-client