$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer File: Um3mirHCXqVTIWuhLuNonNVrlkU.cer (raw, json) Hash identifier: BrbKxWLSIfOnl8UehiUxyVvZHrg78UWRJFMgxW84aKM= Subject key identifier: 52:6D:E6:8A:B1:C2:5E:A5:53:21:6B:A1:2E:E3:68:9C:D5:6B:96:45 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CD49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:08:25 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 2405:5d40::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52553 (0xcd49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:08:25 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=526DE68AB1C25EA553216BA12EE3689CD56B9645 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a1:66:98:72:36:42:8e:20:ec:8e:8e:bb:b5: be:80:d4:0f:09:d1:8d:c3:ff:3a:7b:22:87:44:f4: 21:5f:7a:24:cc:c1:a3:89:4e:54:31:3e:65:f0:cd: f4:df:bf:0b:32:ce:91:1e:c4:41:ee:cd:cb:9c:51: 18:7c:4c:0d:fc:dd:b5:41:b5:c9:9f:f6:72:37:4e: f9:d0:d6:3c:d8:93:5b:0f:12:b3:0b:73:21:e4:29: 2e:4f:60:fc:b2:a7:c4:f1:16:f6:2f:b5:6e:aa:87: b8:69:4d:1c:27:90:2f:a9:e8:19:e4:55:bf:e1:70: a7:da:2d:f3:48:2b:aa:23:bc:a6:ba:4c:3d:99:04: 6a:95:1e:d1:d1:cd:e9:68:0e:26:5c:fd:46:e0:07: 1b:b4:35:9d:6e:f0:46:00:86:ae:a6:85:79:97:99: e3:01:bc:44:bc:90:b7:e1:fa:f1:69:72:f9:0b:2d: 20:92:c8:b5:93:ae:0b:46:9c:73:ca:31:9d:a4:bb: c9:e8:e3:a1:65:63:39:39:dd:27:9f:57:dc:8b:dd: 9b:20:e2:55:88:b3:95:3f:91:3d:e6:e3:ff:08:fa: e9:cb:77:cd:d8:da:86:83:dc:34:c3:09:e0:07:e0: fa:2e:a5:dc:30:35:6b:6c:8b:0d:41:59:a2:3f:d1: b1:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:6D:E6:8A:B1:C2:5E:A5:53:21:6B:A1:2E:E3:68:9C:D5:6B:96:45 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:5d40::/32 Signature Algorithm: sha256WithRSAEncryption 2b:5f:24:fc:48:ae:2e:f4:b6:59:b6:a4:19:7b:e6:59:8e:ed: 62:c2:60:46:5d:3f:bb:86:99:5f:5a:5f:e6:19:9e:db:c2:f5: 99:12:e2:4e:a2:50:15:15:97:1d:02:cc:c8:43:a6:e5:2c:91: 22:6a:da:98:fc:26:85:38:17:bd:db:9c:05:11:94:17:19:21: b6:18:a9:57:f3:8d:ae:62:4a:77:1f:03:d3:90:73:c3:ce:69: 11:ac:5e:98:f9:e5:86:f2:69:42:36:72:c7:ff:01:00:04:4b: a9:3b:3d:71:37:eb:6a:4c:b3:81:b0:69:4f:48:e5:be:57:6f: 72:36:a5:5e:3c:2c:0c:f3:c1:df:17:62:ff:b9:24:d2:91:76: ad:32:98:b6:65:56:44:89:5a:e2:18:1a:82:bf:25:45:e2:6a: ad:cf:69:39:a4:57:26:aa:79:9e:2a:40:b3:78:21:b6:20:58: ba:9d:bc:ba:b7:bd:dc:3a:b2:84:c7:57:cd:b2:2d:c9:3e:42: 58:34:4d:f7:79:47:1f:6f:93:d6:fe:53:cf:ed:03:cf:c1:2e: 1b:8a:49:af:27:8e:d9:79:57:44:67:f6:b5:d4:36:dc:73:e3: 39:16:30:37:82:cf:76:89:5d:0f:3c:e5:e9:55:98:58:1e:ea: 82:bd:32:17 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDAM1JMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA4MjVaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDUyNkRFNjhBQjFDMjVFQTU1MzIxNkJBMTJFRTM2ODlDRDU2Qjk2 NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUoWaYcjZCjiDsjo67 tb6A1A8J0Y3D/zp7IodE9CFfeiTMwaOJTlQxPmXwzfTfvwsyzpEexEHuzcucURh8 TA383bVBtcmf9nI3TvnQ1jzYk1sPErMLcyHkKS5PYPyyp8TxFvYvtW6qh7hpTRwn kC+p6BnkVb/hcKfaLfNIK6ojvKa6TD2ZBGqVHtHRzeloDiZc/UbgBxu0NZ1u8EYA hq6mhXmXmeMBvES8kLfh+vFpcvkLLSCSyLWTrgtGnHPKMZ2ku8no46FlYzk53Sef V9yL3Zsg4lWIs5U/kT3m4/8I+unLd83Y2oaD3DTDCeAH4PoupdwwNWtsiw1BWaI/ 0bGXAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUUm3mirHCXqVTIWuhLuNonNVrlkUw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy ODYvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI4Ni9VbTNtaXJIQ1hxVlRJV3VoTHVOb25OVnJsa1UubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAVdQDANBgkqhkiG9w0BAQsF AAOCAQEAK18k/EiuLvS2WbakGXvmWY7tYsJgRl0/u4aZX1pf5hme28L1mRLiTqJQ FRWXHQLMyEOm5SyRImramPwmhTgXvducBRGUFxkhthipV/ONrmJKdx8D05Bzw85p EaxemPnlhvJpQjZyx/8BAARLqTs9cTfrakyzgbBpT0jlvldvcjalXjwsDPPB3xdi /7kk0pF2rTKYtmVWRIla4hgagr8lReJqrc9pOaRXJqp5nipAs3ghtiBYup28ure9 3DqyhMdXzbItyT5CWDRN93lHH2+T1v5Tz+0Dz8EuG4pJryeO2XlXRGf2tdQ23HPj ORYwN4LPdoldDzzl6VWYWB7qgr0yFw== -----END CERTIFICATE-----Generated at Fri Apr 4 02:22:18 2025 by rpki-client