$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer File: Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer (raw, json) Hash identifier: GcnT2LJe0CQeIUV1DmdEpvpqWMFMehvkwj3ZSBOWyvs= Subject key identifier: 67:9B:3B:01:A4:80:62:02:0B:A0:A0:C1:8B:C7:DD:0E:DE:1C:BB:D2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3A53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/Z5s7AaSAYgILoKDBi8fdDt4cu9I.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Tue 14 Jan 2025 03:04:47 +0000 Certificate not after: Wed 14 Jan 2026 03:00:41 +0000 Subordinate resources: IP: 139.148.0.0/16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 21:29:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14931 (0x3a53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Jan 14 03:04:47 2025 GMT Not After : Jan 14 03:00:41 2026 GMT Subject: CN=679B3B01A48062020BA0A0C18BC7DD0EDE1CBBD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8f:e0:64:cc:6b:72:3b:a6:7f:38:9c:d9:f1: 99:af:bd:34:f3:fa:9c:ae:70:b3:d7:bc:eb:0a:6c: 75:e2:ce:fb:8f:d4:dd:02:33:84:b6:51:d7:06:57: f1:19:74:50:86:cc:c5:a7:b9:3b:21:f4:7b:4e:c0: 97:4d:fd:6f:14:a6:43:75:c6:a3:f6:56:34:4a:72: 6a:60:4f:a4:c3:1e:22:27:19:81:13:de:d5:9f:a5: a6:1b:f4:08:a0:a4:20:e7:7a:d7:0a:46:9f:c1:56: 60:2f:7b:8c:2d:e7:81:f0:80:18:c6:0e:dd:77:4c: 06:0e:ca:d0:2d:91:f7:1f:9b:e1:45:55:11:dc:cd: 5b:8c:a8:ec:9a:74:62:77:4f:01:c6:40:b9:ee:b0: 66:17:2f:55:ef:16:73:23:96:ff:02:e8:69:dd:4e: ce:48:7e:ae:2b:8d:e3:5e:01:e0:29:8d:f9:51:b3: ad:76:df:3b:26:5e:a0:0b:9a:0e:cf:96:6f:2e:88: 34:d6:86:8c:cd:55:4b:f0:d5:73:c8:5f:92:a1:2d: 92:44:21:61:8d:c9:f4:c4:81:ee:16:be:be:8a:03: 9f:0d:17:aa:f0:cf:f8:b8:c2:22:0b:00:60:79:47: 09:12:84:64:e3:c0:39:8e:da:83:a3:38:c0:62:07: d5:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:9B:3B:01:A4:80:62:02:0B:A0:A0:C1:8B:C7:DD:0E:DE:1C:BB:D2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/Z5s7AaSAYgILoKDBi8fdDt4cu9I.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.148.0.0/16 Signature Algorithm: sha256WithRSAEncryption 12:2e:7b:a4:75:b8:0c:53:03:e0:94:c7:f5:41:06:81:b4:1f: 85:32:96:91:d3:85:6e:82:58:ba:e6:77:60:dc:7b:10:8e:81: af:ea:1e:44:90:82:44:05:c6:29:de:e9:71:3e:2e:28:62:2b: bf:28:46:e1:6f:a5:8a:d1:ef:3e:5b:a5:a4:19:f2:39:eb:59: 2b:52:0d:a9:f7:10:4b:b9:c6:53:36:0b:37:90:44:57:1a:1e: 52:cf:37:29:a7:f2:cf:01:32:43:d3:bd:2d:dd:4f:bf:88:30: 57:ad:ca:35:c2:38:96:48:4a:85:d8:7f:e5:5c:f8:f8:ae:0a: 39:aa:f9:be:23:11:e1:72:36:1c:1e:31:bc:8d:77:5b:2a:e3: 5e:47:49:46:df:d2:27:2e:a1:cc:ef:e4:24:0e:e2:57:70:1c: 58:29:cb:11:75:eb:a9:24:a8:19:0d:0a:c4:8c:3b:ae:20:fa: bc:25:ee:90:88:70:54:fa:92:bc:21:41:6e:ce:cd:ee:a1:30: bf:72:f2:eb:8b:5f:22:8e:05:6f:d8:e2:40:a0:5f:3d:93:35: 08:70:e5:8f:e7:5a:41:6c:c1:ea:13:67:ee:d9:21:c7:ad:d1: 20:5c:97:47:d2:89:77:eb:96:c1:42:7b:59:95:73:4b:e5:71: 8b:bd:75:a1 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICOlMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDExNDAzMDQ0N1oXDTI2MDExNDAzMDA0MVowMzEx MC8GA1UEAxMoNjc5QjNCMDFBNDgwNjIwMjBCQTBBMEMxOEJDN0REMEVERTFDQkJE MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGP4GTMa3I7pn84nNnx ma+9NPP6nK5ws9e86wpsdeLO+4/U3QIzhLZR1wZX8Rl0UIbMxae5OyH0e07Al039 bxSmQ3XGo/ZWNEpyamBPpMMeIicZgRPe1Z+lphv0CKCkIOd61wpGn8FWYC97jC3n gfCAGMYO3XdMBg7K0C2R9x+b4UVVEdzNW4yo7Jp0YndPAcZAue6wZhcvVe8WcyOW /wLoad1Ozkh+riuN414B4CmN+VGzrXbfOyZeoAuaDs+Wby6INNaGjM1VS/DVc8hf kqEtkkQhYY3J9MSB7ha+vooDnw0XqvDP+LjCIgsAYHlHCRKEZOPAOY7ag6M4wGIH 1ZsCAwEAAaOCAlIwggJOMB0GA1UdDgQWBBRnmzsBpIBiAgugoMGLx90O3hy70jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzI2MS9aNXM3QWFTQVlnSUxvS0RCaThmZER0NGN1OUkubWZ0MDEGCCsG AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMB4G CCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAi5QwDQYJKoZIhvcNAQELBQADggEB ABIue6R1uAxTA+CUx/VBBoG0H4UylpHThW6CWLrmd2DcexCOga/qHkSQgkQFxine 6XE+LihiK78oRuFvpYrR7z5bpaQZ8jnrWStSDan3EEu5xlM2CzeQRFcaHlLPNymn 8s8BMkPTvS3dT7+IMFetyjXCOJZISoXYf+Vc+PiuCjmq+b4jEeFyNhweMbyNd1sq 415HSUbf0icuoczv5CQO4ldwHFgpyxF166kkqBkNCsSMO64g+rwl7pCIcFT6krwh QW7Oze6hML9y8uuLXyKOBW/Y4kCgXz2TNQhw5Y/nWkFsweoTZ+7ZIcet0SBcl0fS iXfrlsFCe1mVc0vlcYu9daE= -----END CERTIFICATE-----Generated at Wed Feb 19 20:37:13 2025 by rpki-client