$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/RJgA4NOab6QpLdGwZto9qI0i-rw.cer File: RJgA4NOab6QpLdGwZto9qI0i-rw.cer (raw, json) Hash identifier: eoIb4kpaxiSqQOuCBT7fh2S0MhWPOrt5j1PIEQrBuhE= Subject key identifier: 44:98:00:E0:D3:9A:6F:A4:29:2D:D1:B0:66:DA:3D:A8:8D:22:FA:BC Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 425F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/RJgA4NOab6QpLdGwZto9qI0i-rw.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:12:12 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 160.250.14.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16991 (0x425f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:12:12 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=449800E0D39A6FA4292DD1B066DA3DA88D22FABC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:9b:13:67:6d:f8:d2:3d:ae:b1:9d:c5:c1:08: d5:de:1d:5b:36:a2:82:72:cf:22:96:c6:52:b1:a0: 53:79:6f:47:32:ff:9e:b5:75:f0:c3:1e:04:5e:7b: 03:08:3d:3c:cb:db:11:a2:4d:c9:57:73:f0:3a:37: 8e:73:b1:29:0f:71:71:ef:0a:b3:7a:7b:79:ff:33: 23:b9:bb:c5:8b:8b:b7:24:da:5f:19:ce:19:e0:4e: 3f:ea:af:67:5d:73:61:51:54:29:17:a5:8f:d8:7d: 11:19:9c:ac:f1:ee:35:2d:01:98:15:1e:9e:f0:6e: e6:48:85:5f:9b:fc:9a:24:8d:0f:ad:cb:b3:e7:ea: 95:27:a7:5c:79:9f:af:8a:71:01:b3:21:80:29:9b: 5b:8e:a7:0f:b6:39:e6:5f:95:72:4a:60:03:59:9f: d6:86:31:59:52:40:4b:45:0b:2e:dc:8a:31:12:28: ed:7c:5c:cf:b5:ea:a4:53:19:de:36:2b:ce:bd:57: c4:2d:39:2e:9e:da:af:be:d4:72:49:7d:50:a7:b4: ef:d7:a3:7b:8b:f1:96:96:54:87:71:5d:78:f9:5d: 7e:9f:13:7f:95:65:bd:9d:05:4f:2f:7c:12:f6:36: 3d:8e:c9:b9:da:45:a3:a3:a0:11:5a:9c:b2:9e:5f: a7:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:98:00:E0:D3:9A:6F:A4:29:2D:D1:B0:66:DA:3D:A8:8D:22:FA:BC X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3324/RJgA4NOab6QpLdGwZto9qI0i-rw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.250.14.0/23 Signature Algorithm: sha256WithRSAEncryption 0d:f3:71:2d:96:10:e6:9c:59:46:ff:c0:ad:70:40:f9:70:6c: 47:7d:a2:36:d3:3f:9a:23:24:74:8c:50:77:e5:79:5f:eb:c4: 4f:17:3f:5c:1a:c1:15:9d:15:e3:6c:da:72:db:38:1d:6b:f4: 9e:72:bd:60:82:fd:db:de:af:2c:dd:e4:e6:be:ec:d6:69:fe: 4e:92:60:b8:1e:13:96:c7:47:e2:ec:ac:36:01:b0:09:e4:37: d8:df:14:09:14:44:94:56:eb:d0:4e:b0:06:ac:d4:79:e6:6c: ad:71:e0:30:76:68:43:0c:19:9a:90:26:8c:b6:9d:3c:18:4f: d3:1d:68:5f:17:56:27:15:7d:67:d6:b7:2e:6c:7b:47:66:10: 0f:0b:01:5a:54:d0:8b:0d:ad:12:88:9e:d4:a4:27:92:8f:6d: f3:04:03:d3:3c:c8:d1:b5:83:d0:a5:5e:c6:82:dc:fd:fb:9e: f7:75:64:65:a6:28:3a:e1:52:f1:35:e8:b5:75:fd:1a:50:80: 89:ea:2b:49:0f:7d:cc:2f:3a:a3:04:de:7f:e8:4c:09:0a:cc: bf:7e:a7:9a:63:ee:c5:c8:03:ab:07:45:16:6a:fc:1c:76:30: bf:d7:6f:ed:a9:e6:3e:05:77:b9:c0:57:0e:12:31:ee:17:e2: ae:f3:04:a3 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQl8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMTIxMloXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoNDQ5ODAwRTBEMzlBNkZBNDI5MkREMUIwNjZEQTNEQTg4RDIyRkFC QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2bE2dt+NI9rrGdxcEI 1d4dWzaignLPIpbGUrGgU3lvRzL/nrV18MMeBF57Awg9PMvbEaJNyVdz8Do3jnOx KQ9xce8Ks3p7ef8zI7m7xYuLtyTaXxnOGeBOP+qvZ11zYVFUKRelj9h9ERmcrPHu NS0BmBUenvBu5kiFX5v8miSND63Ls+fqlSenXHmfr4pxAbMhgCmbW46nD7Y55l+V ckpgA1mf1oYxWVJAS0ULLtyKMRIo7Xxcz7XqpFMZ3jYrzr1XxC05Lp7ar77Uckl9 UKe079eje4vxlpZUh3FdePldfp8Tf5VlvZ0FTy98EvY2PY7JudpFo6OgEVqcsp5f p/8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBREmADg05pvpCkt0bBm2j2ojSL6vDAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy NC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzI0L1JKZ0E0Tk9hYjZRcExkR3dadG85cUkwaS1ydy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg+g4wDQYJKoZIhvcNAQELBQAD ggEBAA3zcS2WEOacWUb/wK1wQPlwbEd9ojbTP5ojJHSMUHfleV/rxE8XP1wawRWd FeNs2nLbOB1r9J5yvWCC/dveryzd5Oa+7NZp/k6SYLgeE5bHR+LsrDYBsAnkN9jf FAkURJRW69BOsAas1HnmbK1x4DB2aEMMGZqQJoy2nTwYT9MdaF8XVicVfWfWty5s e0dmEA8LAVpU0IsNrRKIntSkJ5KPbfMEA9M8yNG1g9ClXsaC3P37nvd1ZGWmKDrh UvE16LV1/RpQgInqK0kPfcwvOqME3n/oTAkKzL9+p5pj7sXIA6sHRRZq/Bx2ML/X b+2p5j4Fd7nAVw4SMe4X4q7zBKM= -----END CERTIFICATE-----Generated at Fri Oct 24 08:47:53 2025 by rpki-client