$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer File: OstT3inBC2LxfO9hjR44QUU6wOg.cer (raw, json) Hash identifier: qugP6Q5kXloacSmqHwhlgebVb0RyqnaATwdzRuQsioE= Subject key identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 40D3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 05 Sep 2025 19:33:23 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 157.20.136.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 01:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16595 (0x40d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Sep 5 19:33:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4e:e9:16:cc:87:f3:cd:eb:61:bd:74:c8:d8: f0:18:f4:4b:ea:41:cc:d1:5f:84:1f:63:26:0a:3e: b2:2e:e0:09:c5:36:60:b6:d7:56:b5:0d:d8:82:06: 59:c1:ef:f8:4f:18:51:24:7a:5f:4d:e4:23:63:93: 24:30:d8:34:0e:02:e3:42:04:04:02:35:83:21:6d: ab:93:21:1c:af:ed:22:21:c7:be:e0:07:5b:fe:b8: 63:d9:5e:eb:03:84:e5:5b:75:41:bc:52:f4:e8:af: 87:79:de:ef:07:6c:ed:a3:16:39:b9:ea:c8:55:b9: 70:d7:ca:09:5f:fa:2c:00:86:1d:e0:41:54:01:7c: 8f:0b:9c:ae:53:34:d8:e8:c0:28:0d:0e:b1:cc:15: 6b:bb:d7:96:09:6f:d5:f9:ba:a8:b6:28:36:f5:98: 69:05:7d:58:cb:a8:a1:6b:90:de:be:b0:7d:6e:b7: 47:b4:88:be:cd:fa:b5:25:e6:c4:16:41:57:e0:67: fe:08:bc:e8:df:69:52:bf:42:29:1e:18:05:27:21: 48:f7:d4:a3:ab:ec:09:a7:85:5a:a5:d7:02:bd:20: df:ae:45:f2:23:03:df:c1:a5:7d:8b:a2:77:1a:0b: ff:7a:d4:c5:f7:7b:2c:52:41:64:35:6d:f2:a6:7d: 64:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.136.0/23 Signature Algorithm: sha256WithRSAEncryption aa:98:61:c7:88:23:39:e8:24:06:0c:8e:43:b1:5b:c4:1b:91: 20:b2:66:15:3b:84:59:c2:09:6d:00:5d:1a:a0:9c:97:4a:ac: de:3e:af:f0:06:a1:8e:49:d8:83:60:3d:c9:36:4d:fa:26:36: 8a:97:ce:53:f6:b8:ee:ba:97:c7:04:92:d4:17:07:e6:10:88: 7c:41:2b:4b:1d:17:74:85:19:bc:79:5e:d7:87:3e:f1:4e:01: fc:18:fe:6f:0b:bb:78:6b:73:bc:9d:b5:22:79:18:59:ad:d5: 16:8e:01:7a:ed:07:96:75:41:8a:04:d1:2a:e8:b8:94:a5:be: 8e:81:a7:60:89:d9:8b:60:68:1a:82:5c:38:de:69:85:42:3a: 7b:34:64:7c:71:de:c6:f9:6f:4f:02:78:2b:f1:17:8b:e7:99: 54:de:e0:36:53:39:dc:8d:f2:1e:89:2d:78:f9:7e:d6:13:10: d5:06:cf:9f:e9:80:8d:34:68:91:e8:1f:f2:46:25:24:61:59: ca:b3:a1:c0:ea:22:19:98:02:de:38:29:0c:33:6a:1b:01:f8: 6a:09:f9:53:d7:75:76:56:96:41:b4:b8:e1:14:8b:6d:6b:1d: 3c:94:80:9f:d3:0e:b0:36:aa:59:79:f0:03:ef:a2:2c:78:fe: 1a:bf:91:8c -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQNMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDkwNTE5MzMyM1oXDTI2MDgwMzA4NDQ0MFowMzEx MC8GA1UEAxMoM0FDQjUzREUyOUMxMEI2MkYxN0NFRjYxOEQxRTM4NDE0NTNBQzBF ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdO6RbMh/PN62G9dMjY 8Bj0S+pBzNFfhB9jJgo+si7gCcU2YLbXVrUN2IIGWcHv+E8YUSR6X03kI2OTJDDY NA4C40IEBAI1gyFtq5MhHK/tIiHHvuAHW/64Y9le6wOE5Vt1QbxS9Oivh3ne7wds 7aMWObnqyFW5cNfKCV/6LACGHeBBVAF8jwucrlM02OjAKA0OscwVa7vXlglv1fm6 qLYoNvWYaQV9WMuooWuQ3r6wfW63R7SIvs36tSXmxBZBV+Bn/gi86N9pUr9CKR4Y BSchSPfUo6vsCaeFWqXXAr0g365F8iMD38GlfYuidxoL/3rUxfd7LFJBZDVt8qZ9 ZL0CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBQ6y1PeKcELYvF872GNHjhBRTrA6DAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Ny8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjY3L09zdFQzaW5CQzJMeGZPOWhqUjQ0UVVVNndPZy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdFIgwDQYJKoZIhvcNAQELBQAD ggEBAKqYYceIIznoJAYMjkOxW8QbkSCyZhU7hFnCCW0AXRqgnJdKrN4+r/AGoY5J 2INgPck2TfomNoqXzlP2uO66l8cEktQXB+YQiHxBK0sdF3SFGbx5XteHPvFOAfwY /m8Lu3hrc7ydtSJ5GFmt1RaOAXrtB5Z1QYoE0SrouJSlvo6Bp2CJ2YtgaBqCXDje aYVCOns0ZHxx3sb5b08CeCvxF4vnmVTe4DZTOdyN8h6JLXj5ftYTENUGz5/pgI00 aJHoH/JGJSRhWcqzocDqIhmYAt44KQwzahsB+GoJ+VPXdXZWlkG0uOEUi21rHTyU gJ/TDrA2qll58APvoix4/hq/kYw= -----END CERTIFICATE-----Generated at Sat Sep 6 22:20:58 2025 by rpki-client