$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer (raw, json) Hash identifier: 6SChgPC9U5slxwVBt77cee9lvWj6lbF4OnNb4T9YInA= Subject key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CE21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:13:04 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.20.44.0/22 IP: 114.112.0.0/22 IP: 114.112.14.0/23 IP: 116.196.14.0/23 IP: 182.50.4.0/22 IP: 183.81.172.0/22 IP: 202.69.6.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52769 (0xce21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:13:04 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ea:b6:94:1c:a1:e5:de:d5:55:4e:4b:43:05: db:c1:7d:a1:6f:87:85:a6:d0:e2:72:10:05:b9:01: e1:f4:1b:be:98:b8:1e:23:54:61:6a:f9:1f:db:90: 89:cf:e6:1f:81:6c:be:a0:53:de:43:c4:65:30:70: f2:0e:3d:f3:fa:bd:fe:27:7f:a6:a0:fd:2c:39:c6: b0:10:62:b0:51:d0:0a:f7:c4:2f:ac:f3:b6:94:0d: 13:93:9e:2e:aa:01:f7:ca:b5:be:5c:a1:a3:9a:4b: b9:b7:bd:ba:01:67:60:a8:e2:4b:bc:14:04:1c:48: 40:65:58:fb:b6:29:e1:69:eb:2f:62:a4:28:0f:39: 2a:70:0b:88:ad:7d:4e:fa:83:82:67:61:76:a5:ee: b2:cc:d1:f7:07:d8:f8:5a:d6:b8:e5:0e:bf:88:a5: 77:47:44:f5:77:02:c5:61:f8:2f:c1:9b:54:8c:98: c4:59:f2:d1:2e:f5:41:99:41:0b:e0:44:a1:25:c5: 82:ee:a9:e2:0d:69:18:42:78:09:18:dd:98:84:a9: a1:22:83:33:e3:b4:af:90:fb:e8:4d:8b:81:4b:0a: 55:56:9b:99:74:8a:b4:26:f1:a6:20:05:3c:75:f8: 46:c1:fe:6f:21:b5:42:12:54:58:c0:e3:14:d3:c6: 3d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.20.44.0/22 114.112.0.0/22 114.112.14.0/23 116.196.14.0/23 182.50.4.0/22 183.81.172.0/22 202.69.6.0/23 Signature Algorithm: sha256WithRSAEncryption 5e:c2:86:24:28:80:53:a2:91:d8:65:f6:35:2c:a0:a0:83:a4: 1a:a0:a1:a3:03:c8:21:8f:f2:9d:d7:27:50:b8:0b:df:58:4c: fa:00:d3:c2:77:b3:ee:bf:5b:8f:51:7e:8f:cd:0f:0d:6e:de: fb:9c:62:6f:c2:fa:f0:0d:8b:4d:d4:db:12:eb:3b:6c:bf:8c: 5d:1a:e3:b8:2e:92:e1:9b:0e:b1:f0:f0:56:77:3d:36:84:0b: 6e:db:e9:0a:af:75:f4:c0:d5:d4:7a:e8:ad:35:26:e3:55:1d: 46:9d:bd:5a:49:c6:8e:09:22:da:09:c7:b3:e4:0c:1f:fc:56: 87:4e:c6:1c:82:61:63:95:79:6c:2b:6c:8c:bc:fa:ab:5d:83: fb:36:31:71:f3:b0:d7:21:90:9a:84:32:23:18:b7:70:dc:f8: eb:02:b0:fe:13:10:f3:07:4e:c1:71:53:83:8e:d7:98:af:82: 10:c9:af:ac:34:54:96:82:bf:51:5a:d5:c1:b4:4d:8e:a1:37: de:79:36:2c:08:06:2a:98:db:fc:9e:ad:e3:09:80:4a:d4:26: d5:d9:ea:6e:e1:8a:8a:dd:f3:4a:75:28:7f:c3:65:05:12:f2: 22:58:51:9e:7e:53:3b:23:32:ff:56:0a:1e:bb:6b:83:09:a7: 38:cc:bb:69 -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgIDAM4hMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODEzMDRaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDVEQTBBNUVDQzIxODJEQjAwRUI4NUM2MjMxM0Q1N0I5NkI3RkQ2 OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6raUHKHl3tVVTktD BdvBfaFvh4Wm0OJyEAW5AeH0G76YuB4jVGFq+R/bkInP5h+BbL6gU95DxGUwcPIO PfP6vf4nf6ag/Sw5xrAQYrBR0Ar3xC+s87aUDROTni6qAffKtb5coaOaS7m3vboB Z2Co4ku8FAQcSEBlWPu2KeFp6y9ipCgPOSpwC4itfU76g4JnYXal7rLM0fcH2Pha 1rjlDr+IpXdHRPV3AsVh+C/Bm1SMmMRZ8tEu9UGZQQvgRKElxYLuqeINaRhCeAkY 3ZiEqaEigzPjtK+Q++hNi4FLClVWm5l0irQm8aYgBTx1+EbB/m8htUISVFjA4xTT xj1BAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUXaCl7MIYLbAOuFxiMT1XuWt/1o4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0 MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTQwNy9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCZxQsAwQCcnAAAwQBcnAOAwQB dMQOAwQCtjIEAwQCt1GsAwQBykUGMA0GCSqGSIb3DQEBCwUAA4IBAQBewoYkKIBT opHYZfY1LKCgg6QaoKGjA8ghj/Kd1ydQuAvfWEz6ANPCd7Puv1uPUX6PzQ8Nbt77 nGJvwvrwDYtN1NsS6ztsv4xdGuO4LpLhmw6x8PBWdz02hAtu2+kKr3X0wNXUeuit NSbjVR1Gnb1aScaOCSLaCcez5Awf/FaHTsYcgmFjlXlsK2yMvPqrXYP7NjFx87DX IZCahDIjGLdw3PjrArD+ExDzB07BcVODjteYr4IQya+sNFSWgr9RWtXBtE2OoTfe eTYsCAYqmNv8nq3jCYBK1CbV2epu4YqK3fNKdSh/w2UFEvIiWFGeflM7IzL/Vgoe u2uDCac4zLtp -----END CERTIFICATE-----Generated at Fri Apr 4 02:17:44 2025 by rpki-client