$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer File: Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer (raw, json) Hash identifier: rYB5rZ18xjFNjXjK0NpjCg0uyQ7LPdwlXh2S2f8vmpA= Subject key identifier: 63:D6:C9:D8:94:17:44:BA:15:48:00:50:C0:4E:F5:33:20:CA:0F:C3 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: B0FB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 28 Mar 2024 11:24:54 +0000 Certificate not after: Fri 28 Mar 2025 11:22:23 +0000 Subordinate resources: IP: 103.125.236.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 05:56:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45307 (0xb0fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Mar 28 11:24:54 2024 GMT Not After : Mar 28 11:22:23 2025 GMT Subject: CN=63D6C9D8941744BA15480050C04EF53320CA0FC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:e0:8c:f1:7e:31:a0:64:44:fc:77:af:de:fc: 5f:50:59:e6:7d:b4:f2:36:b6:53:a8:d2:df:17:59: 00:49:a9:74:14:7c:33:63:de:f6:63:13:17:a2:12: a1:a7:a8:7b:ee:1b:9e:87:5a:72:4f:f3:89:ae:37: f8:63:d0:29:ce:45:41:56:24:5d:d1:b5:b9:88:d2: 98:7c:d9:2d:93:36:3b:eb:14:22:db:d7:ac:6b:b7: c8:a5:25:fa:ba:d3:ac:cd:a6:9e:84:83:c1:ad:9b: 7f:5b:64:4f:6f:cf:57:97:03:ce:72:46:e0:7a:98: 4d:77:91:d5:07:d6:90:65:1b:2b:54:57:30:d9:44: 9c:30:7d:56:8f:42:76:0c:3f:6d:fc:32:dc:ce:89: e1:ad:9a:1b:9e:3e:27:69:97:53:d1:47:6e:cb:1e: 47:39:43:4a:b6:62:ee:78:ac:b8:bf:ac:c1:fe:d3: 44:21:04:9b:14:cf:94:f4:d4:c9:cd:ad:eb:2c:e7: d7:b0:36:95:e7:fe:12:af:e0:08:bc:81:e2:c3:8f: 42:cf:52:d2:d4:2e:34:19:ad:db:33:c2:e0:22:20: e3:20:ab:57:d8:2f:60:5d:63:b3:b1:b6:bb:04:ca: 6d:9f:1a:85:78:ce:b0:80:aa:a0:9a:52:a1:8c:8f: 50:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D6:C9:D8:94:17:44:BA:15:48:00:50:C0:4E:F5:33:20:CA:0F:C3 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.125.236.0/22 Signature Algorithm: sha256WithRSAEncryption 53:30:5d:31:78:29:91:91:c3:a0:1f:8d:5b:81:d6:46:a3:6a: 0c:3d:87:85:06:33:33:89:51:f5:5d:27:c1:85:37:37:54:21: 00:7a:1c:ec:ea:65:28:f4:00:5c:1c:99:b7:5e:02:d1:c5:7c: 73:e8:dc:12:5d:3c:83:fb:e2:17:a7:24:db:2f:07:5a:08:78: e3:64:4f:87:83:7f:be:77:bf:20:d1:51:f0:ad:9c:92:df:23: 83:62:2a:a1:be:ef:9c:57:7d:71:95:4d:0c:c9:24:dc:40:70: b1:55:d7:c8:79:0d:c1:3c:b4:f7:f8:08:98:df:ec:52:f0:93: 59:17:fa:3c:b5:54:03:3f:d0:21:00:76:49:9d:78:da:f6:da: 9a:ef:64:f3:69:db:d9:af:b8:c3:8e:f5:a8:8d:62:02:3c:9e: 9a:7e:12:fb:b2:c8:1a:d1:b2:5a:ed:43:0d:df:d8:25:d2:e1: af:fd:07:8b:00:84:e1:ed:27:63:28:74:ff:cb:fc:43:2f:ed: 53:a3:74:78:95:2a:8d:ab:6a:49:2b:3a:c5:f2:0d:47:a3:f9: 8e:c7:87:e6:97:0a:0a:e7:66:94:b5:b7:a7:54:6a:10:ed:e2: ac:b1:26:d7:0f:84:0e:44:25:8b:20:47:b5:3d:0e:b3:75:66: 51:d2:f2:b1 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDALD7MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNDAzMjgxMTI0NTRaFw0yNTAzMjgxMTIyMjNaMDMx MTAvBgNVBAMTKDYzRDZDOUQ4OTQxNzQ0QkExNTQ4MDA1MEMwNEVGNTMzMjBDQTBG QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo4IzxfjGgZET8d6/e /F9QWeZ9tPI2tlOo0t8XWQBJqXQUfDNj3vZjExeiEqGnqHvuG56HWnJP84muN/hj 0CnORUFWJF3RtbmI0ph82S2TNjvrFCLb16xrt8ilJfq606zNpp6Eg8Gtm39bZE9v z1eXA85yRuB6mE13kdUH1pBlGytUVzDZRJwwfVaPQnYMP238MtzOieGtmhuePidp l1PRR27LHkc5Q0q2Yu54rLi/rMH+00QhBJsUz5T01MnNress59ewNpXn/hKv4Ai8 geLDj0LPUtLULjQZrdszwuAiIOMgq1fYL2BdY7OxtrsEym2fGoV4zrCAqqCaUqGM j1BtAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUY9bJ2JQXRLoVSABQwE71MyDKD8Mw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 MzMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjgzMy9ZOWJKMkpRWFJMb1ZTQUJRd0U3MU15REtEOE0ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ33sMA0GCSqGSIb3DQEBCwUA A4IBAQBTMF0xeCmRkcOgH41bgdZGo2oMPYeFBjMziVH1XSfBhTc3VCEAehzs6mUo 9ABcHJm3XgLRxXxz6NwSXTyD++IXpyTbLwdaCHjjZE+Hg3++d78g0VHwrZyS3yOD Yiqhvu+cV31xlU0MySTcQHCxVdfIeQ3BPLT3+AiY3+xS8JNZF/o8tVQDP9AhAHZJ nXja9tqa72TzadvZr7jDjvWojWICPJ6afhL7ssga0bJa7UMN39gl0uGv/QeLAITh 7SdjKHT/y/xDL+1To3R4lSqNq2pJKzrF8g1Ho/mOx4fmlwoK52aUtbenVGoQ7eKs sSbXD4QORCWLIEe1PQ6zdWZR0vKx -----END CERTIFICATE-----Generated at Mon May 20 00:52:46 2024 by rpki-client on console-ams.rpki-client.org