$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/REpvrwhyRfumTIvW5EyRKvs9IGY.cer File: REpvrwhyRfumTIvW5EyRKvs9IGY.cer (raw, json) Hash identifier: +NUTNh6sMqjQW9IAWGXGUOGKr5uVbgz+5M1WsIYp09Q= Subject key identifier: 44:4A:6F:AF:08:72:45:FB:A6:4C:8B:D6:E4:4C:91:2A:FB:3D:20:66 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CD8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3295/REpvrwhyRfumTIvW5EyRKvs9IGY.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3295/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:09:39 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 2401:cfe0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52623 (0xcd8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:09:39 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=444A6FAF087245FBA64C8BD6E44C912AFB3D2066 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:12:dd:e0:28:fd:26:ec:a1:e9:cc:a9:25:85: 16:7d:ce:ee:be:5f:e4:44:bb:74:f5:bd:f9:94:b8: 29:7e:cd:77:dd:82:4f:e5:fa:4b:90:5d:84:0b:9a: 5b:e9:3f:a8:b7:77:16:9a:07:d4:b6:31:17:d5:8c: f5:f0:61:68:d6:ad:86:07:2b:dd:e2:3d:81:e9:45: b2:6b:e5:67:27:9b:e5:01:2b:a1:ba:8b:1d:9e:b4: 90:89:c1:aa:98:d3:4d:8c:1e:af:e5:8d:e1:3f:78: c9:3d:9a:e2:e7:48:99:61:80:d0:73:f7:4e:11:4e: f5:f6:86:76:0a:a1:02:a2:76:37:bf:34:85:d9:e1: 2e:4c:64:27:20:0c:2b:ab:fc:8f:b3:93:0f:b0:3e: 1d:61:27:c7:99:8e:9b:fc:e5:6c:28:a8:4d:78:66: c5:9c:d9:02:db:fd:e8:21:26:3d:e2:af:b9:ad:95: a7:d0:1c:98:fb:0b:f8:b1:de:86:e1:08:b1:75:1a: c1:ff:18:66:8a:cf:2d:f6:03:dc:98:0b:aa:26:af: 0e:35:2b:2a:4a:6b:c7:c4:e6:c6:02:31:3d:50:c6: b6:67:e1:07:0e:06:3f:b1:66:5c:89:73:02:be:c9: 03:89:ed:ba:b4:90:23:44:71:f8:2e:db:3c:53:b1: 1e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:4A:6F:AF:08:72:45:FB:A6:4C:8B:D6:E4:4C:91:2A:FB:3D:20:66 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3295/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3295/REpvrwhyRfumTIvW5EyRKvs9IGY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:cfe0::/32 Signature Algorithm: sha256WithRSAEncryption 81:11:6a:77:82:04:ef:b0:7e:16:2c:a0:8a:5d:0c:34:3a:02: 14:c4:b2:02:38:51:4d:be:ca:0c:c8:87:e5:a9:b0:76:1d:62: 3e:72:93:0d:bb:d0:65:e3:d2:82:1c:d3:7e:51:d8:59:f5:c6: 5d:14:b0:a2:d0:a3:26:69:34:10:92:e2:ea:6f:89:a3:68:fe: a2:2e:90:2d:17:a4:41:d1:77:75:9e:8e:bc:7f:aa:40:d1:4d: 43:dc:70:a4:0b:99:de:33:32:ac:06:59:98:25:08:38:dd:86: dd:88:5f:9e:6a:7c:eb:f2:35:d6:74:9d:b3:39:a6:b8:ad:8c: 08:6c:8e:cb:8e:ce:dc:f3:c0:2c:bd:44:97:7a:49:0f:2f:aa: eb:d2:5e:f7:2c:2a:14:1e:35:fc:14:57:72:82:22:22:63:3e: f2:67:61:93:f6:ab:b1:fc:0c:21:ec:d4:ce:ae:3d:29:d4:ff: 14:0f:74:cd:ca:fd:39:6d:a9:bb:10:39:f7:7a:72:a9:0a:95: 18:10:e2:06:4d:64:ac:e8:7c:6a:fc:ab:a7:d1:7c:f8:70:69: bd:e2:0f:bf:4e:2c:7d:2f:cd:a2:0b:74:a1:df:ef:e2:48:e9: 6f:79:51:b0:8f:3f:e1:82:dd:84:44:c8:df:7e:9d:52:4f:ed: a6:97:c0:e1 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDAM2PMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA5MzlaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDQ0NEE2RkFGMDg3MjQ1RkJBNjRDOEJENkU0NEM5MTJBRkIzRDIw NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjEt3gKP0m7KHpzKkl hRZ9zu6+X+REu3T1vfmUuCl+zXfdgk/l+kuQXYQLmlvpP6i3dxaaB9S2MRfVjPXw YWjWrYYHK93iPYHpRbJr5Wcnm+UBK6G6ix2etJCJwaqY002MHq/ljeE/eMk9muLn SJlhgNBz904RTvX2hnYKoQKidje/NIXZ4S5MZCcgDCur/I+zkw+wPh1hJ8eZjpv8 5WwoqE14ZsWc2QLb/eghJj3ir7mtlafQHJj7C/ix3obhCLF1GsH/GGaKzy32A9yY C6omrw41KypKa8fE5sYCMT1QxrZn4QcOBj+xZlyJcwK+yQOJ7bq0kCNEcfgu2zxT sR4hAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUREpvrwhyRfumTIvW5EyRKvs9IGYw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy OTUvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI5NS9SRXB2cndoeVJmdW1USXZXNUV5Ukt2czlJR1kubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHP4DANBgkqhkiG9w0BAQsF AAOCAQEAgRFqd4IE77B+Fiygil0MNDoCFMSyAjhRTb7KDMiH5amwdh1iPnKTDbvQ ZePSghzTflHYWfXGXRSwotCjJmk0EJLi6m+Jo2j+oi6QLRekQdF3dZ6OvH+qQNFN Q9xwpAuZ3jMyrAZZmCUION2G3Yhfnmp86/I11nSdszmmuK2MCGyOy47O3PPALL1E l3pJDy+q69Je9ywqFB41/BRXcoIiImM+8mdhk/arsfwMIezUzq49KdT/FA90zcr9 OW2puxA593pyqQqVGBDiBk1krOh8avyrp9F8+HBpveIPv04sfS/Nogt0od/v4kjp b3lRsI8/4YLdhETI336dUk/tppfA4Q== -----END CERTIFICATE-----Generated at Fri Apr 4 02:20:56 2025 by rpki-client