$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XKE6BySDCbt_94ACW5r5LaxechE.cer File: XKE6BySDCbt_94ACW5r5LaxechE.cer (raw, json) Hash identifier: 8Ejk9B08ltyN0rzZijVcT5VyeYAXDHxQSzc1j2UaFnM= Subject key identifier: 5C:A1:3A:07:24:83:09:BB:7F:F7:80:02:5B:9A:F9:2D:AC:5E:72:11 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CD77 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3280/XKE6BySDCbt_94ACW5r5LaxechE.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3280/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:09:12 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 2401:9d20::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52599 (0xcd77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:09:12 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5CA13A07248309BB7FF780025B9AF92DAC5E7211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a2:1d:d9:78:59:a9:2f:96:9f:49:0b:cc:8d: 6e:1a:3f:7c:3b:5a:5e:50:92:55:e7:cf:5f:8b:5e: 3b:42:5a:14:c4:06:72:30:7a:3e:bb:49:80:2c:e7: 16:fc:cc:5e:85:e9:9e:09:1d:f2:b1:76:fe:a0:39: 83:bb:1e:96:62:d8:32:69:4a:92:bd:6f:27:0e:50: ce:aa:ad:fe:b3:5f:3d:39:2c:1d:b7:b0:d6:3c:45: aa:fc:7f:e8:e0:2e:8e:95:6f:e5:31:48:d9:63:21: 8f:12:2c:43:3f:1a:c4:db:45:7d:d3:58:c3:50:38: 15:a7:30:81:2d:e0:ea:55:77:3e:39:67:5b:62:5d: c3:0e:08:2d:a3:c3:0f:d9:bc:7f:c6:9a:a6:77:59: b5:8d:a2:ff:cb:22:bb:e5:2f:62:d9:6c:6c:88:16: 86:fd:f6:c9:47:27:51:b8:23:51:81:31:f9:3f:ec: eb:01:46:4c:b9:1d:db:1a:67:da:44:a7:17:2e:cb: e2:65:8f:49:1a:6f:d0:8c:0e:96:4a:1a:5c:83:cb: 55:bf:5c:62:24:53:5a:2d:f7:d3:b5:2a:4c:84:7b: f3:20:da:4b:00:c5:e3:d8:fe:ae:b9:fe:5e:8d:fd: 2b:dc:0d:ad:fa:79:bc:2d:8b:42:df:99:3e:22:c8: d0:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A1:3A:07:24:83:09:BB:7F:F7:80:02:5B:9A:F9:2D:AC:5E:72:11 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3280/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3280/XKE6BySDCbt_94ACW5r5LaxechE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:9d20::/32 Signature Algorithm: sha256WithRSAEncryption 59:29:28:73:b4:18:19:61:df:08:80:ed:0f:c3:5d:e0:f5:21: 9b:07:7b:60:66:51:a5:19:57:ab:4e:3b:16:f3:de:1d:f8:1a: 00:54:74:67:a6:02:3c:a3:c4:76:e1:53:1b:23:60:fd:cf:fe: e0:90:6c:57:45:01:4b:f0:de:82:f2:8e:fc:0b:cd:95:20:6d: 84:62:96:96:86:74:83:52:67:54:02:6e:8d:d6:a7:ae:83:7d: 12:c9:39:42:cf:78:13:0b:d5:9c:e5:d0:af:0b:94:0a:fe:e1: f9:da:e2:a6:8c:57:93:5b:fc:2c:9b:ed:68:7e:7b:11:36:63: db:3b:16:a9:54:64:37:dc:d5:11:f0:d6:07:26:a3:e5:2a:0f: 26:8d:10:2c:16:8b:6d:74:b1:74:23:66:89:80:ff:73:aa:81: 0f:13:0f:7b:c2:ef:1c:8c:00:cb:c6:d2:a2:3b:80:c0:96:d8: 83:bf:e6:70:fc:0a:89:b1:4a:b3:8c:72:c5:f5:f7:4c:58:5c: f0:d3:2c:06:18:15:19:33:b0:4b:c6:18:5f:c9:73:82:85:6b: e4:5f:a4:a2:51:ba:88:d8:a7:61:cd:7e:f8:77:3a:4c:82:1d: 03:73:33:fb:9b:49:a1:e4:ac:79:93:62:d8:e8:fc:f2:1a:36: f4:2e:c7:35 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDAM13MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA5MTJaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDVDQTEzQTA3MjQ4MzA5QkI3RkY3ODAwMjVCOUFGOTJEQUM1RTcy MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkoh3ZeFmpL5afSQvM jW4aP3w7Wl5QklXnz1+LXjtCWhTEBnIwej67SYAs5xb8zF6F6Z4JHfKxdv6gOYO7 HpZi2DJpSpK9bycOUM6qrf6zXz05LB23sNY8Rar8f+jgLo6Vb+UxSNljIY8SLEM/ GsTbRX3TWMNQOBWnMIEt4OpVdz45Z1tiXcMOCC2jww/ZvH/GmqZ3WbWNov/LIrvl L2LZbGyIFob99slHJ1G4I1GBMfk/7OsBRky5HdsaZ9pEpxcuy+Jlj0kab9CMDpZK GlyDy1W/XGIkU1ot99O1KkyEe/Mg2ksAxePY/q65/l6N/SvcDa36ebwti0LfmT4i yNC7AgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUXKE6BySDCbt/94ACW5r5LaxechEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy ODAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI4MC9YS0U2QnlTRENidF85NEFDVzVyNUxheGVjaEUubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGdIDANBgkqhkiG9w0BAQsF AAOCAQEAWSkoc7QYGWHfCIDtD8Nd4PUhmwd7YGZRpRlXq047FvPeHfgaAFR0Z6YC PKPEduFTGyNg/c/+4JBsV0UBS/DegvKO/AvNlSBthGKWloZ0g1JnVAJujdanroN9 Esk5Qs94EwvVnOXQrwuUCv7h+dripoxXk1v8LJvtaH57ETZj2zsWqVRkN9zVEfDW Byaj5SoPJo0QLBaLbXSxdCNmiYD/c6qBDxMPe8LvHIwAy8bSojuAwJbYg7/mcPwK ibFKs4xyxfX3TFhc8NMsBhgVGTOwS8YYX8lzgoVr5F+kolG6iNinYc1++Hc6TIId A3Mz+5tJoeSseZNi2Oj88ho29C7HNQ== -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:58 2025 by rpki-client