$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer File: Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer (raw, json) Hash identifier: X0qey9iT9BJqTT7zDSGD7DP9HFe5n8s3Ko9Fr4sZKeE= Subject key identifier: 67:9B:3B:01:A4:80:62:02:0B:A0:A0:C1:8B:C7:DD:0E:DE:1C:BB:D2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 4273 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/Z5s7AaSAYgILoKDBi8fdDt4cu9I.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:13:07 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 139.148.0.0/16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17011 (0x4273) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:13:07 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=679B3B01A48062020BA0A0C18BC7DD0EDE1CBBD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8f:e0:64:cc:6b:72:3b:a6:7f:38:9c:d9:f1: 99:af:bd:34:f3:fa:9c:ae:70:b3:d7:bc:eb:0a:6c: 75:e2:ce:fb:8f:d4:dd:02:33:84:b6:51:d7:06:57: f1:19:74:50:86:cc:c5:a7:b9:3b:21:f4:7b:4e:c0: 97:4d:fd:6f:14:a6:43:75:c6:a3:f6:56:34:4a:72: 6a:60:4f:a4:c3:1e:22:27:19:81:13:de:d5:9f:a5: a6:1b:f4:08:a0:a4:20:e7:7a:d7:0a:46:9f:c1:56: 60:2f:7b:8c:2d:e7:81:f0:80:18:c6:0e:dd:77:4c: 06:0e:ca:d0:2d:91:f7:1f:9b:e1:45:55:11:dc:cd: 5b:8c:a8:ec:9a:74:62:77:4f:01:c6:40:b9:ee:b0: 66:17:2f:55:ef:16:73:23:96:ff:02:e8:69:dd:4e: ce:48:7e:ae:2b:8d:e3:5e:01:e0:29:8d:f9:51:b3: ad:76:df:3b:26:5e:a0:0b:9a:0e:cf:96:6f:2e:88: 34:d6:86:8c:cd:55:4b:f0:d5:73:c8:5f:92:a1:2d: 92:44:21:61:8d:c9:f4:c4:81:ee:16:be:be:8a:03: 9f:0d:17:aa:f0:cf:f8:b8:c2:22:0b:00:60:79:47: 09:12:84:64:e3:c0:39:8e:da:83:a3:38:c0:62:07: d5:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:9B:3B:01:A4:80:62:02:0B:A0:A0:C1:8B:C7:DD:0E:DE:1C:BB:D2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/Z5s7AaSAYgILoKDBi8fdDt4cu9I.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.148.0.0/16 Signature Algorithm: sha256WithRSAEncryption ac:17:70:3f:9a:e0:7c:11:a2:5a:3f:69:95:c2:97:e0:70:49: b3:d2:0d:83:a0:a6:60:e9:69:2f:4d:96:ee:2a:6c:c0:1a:c0: e3:3c:e0:0d:a3:e5:d7:33:96:8f:7b:bc:9d:3e:df:d8:7d:79: 8d:1f:71:4e:c0:8e:95:ef:0f:1c:fb:67:34:71:a8:66:36:00: 0b:f4:3b:97:97:b3:c8:dc:13:6a:97:46:89:67:64:77:4e:25: 8c:36:1b:28:ca:d9:b9:29:28:5b:32:c9:d3:dd:ec:a3:51:4c: 68:c0:ab:cf:41:92:66:63:6b:0e:27:18:6f:4f:18:7d:fc:2a: fa:c2:bc:78:97:fd:b7:fd:f2:61:72:d4:00:8e:6d:6f:d6:b1: ca:e5:eb:1b:60:bc:36:64:60:3a:9a:73:10:c9:81:59:41:4c: c3:ba:86:da:29:1e:35:81:76:bd:0c:82:57:4b:15:10:4b:80: 20:90:5f:b7:99:41:22:80:16:2b:ab:c4:83:f9:98:81:dd:d3: fa:4e:99:68:de:da:5d:9d:5e:a7:42:af:c3:5b:ff:86:f0:d2: 9e:8f:57:66:31:dd:30:da:f2:ca:ef:be:33:ed:21:fb:35:58: 82:dd:a9:32:b0:e8:cd:30:cc:f6:7b:1a:40:bf:35:68:56:fa: 96:1b:3d:ab -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICQnMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMTMwN1oXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoNjc5QjNCMDFBNDgwNjIwMjBCQTBBMEMxOEJDN0REMEVERTFDQkJE MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGP4GTMa3I7pn84nNnx ma+9NPP6nK5ws9e86wpsdeLO+4/U3QIzhLZR1wZX8Rl0UIbMxae5OyH0e07Al039 bxSmQ3XGo/ZWNEpyamBPpMMeIicZgRPe1Z+lphv0CKCkIOd61wpGn8FWYC97jC3n gfCAGMYO3XdMBg7K0C2R9x+b4UVVEdzNW4yo7Jp0YndPAcZAue6wZhcvVe8WcyOW /wLoad1Ozkh+riuN414B4CmN+VGzrXbfOyZeoAuaDs+Wby6INNaGjM1VS/DVc8hf kqEtkkQhYY3J9MSB7ha+vooDnw0XqvDP+LjCIgsAYHlHCRKEZOPAOY7ag6M4wGIH 1ZsCAwEAAaOCAlIwggJOMB0GA1UdDgQWBBRnmzsBpIBiAgugoMGLx90O3hy70jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzI2MS9aNXM3QWFTQVlnSUxvS0RCaThmZER0NGN1OUkubWZ0MDEGCCsG AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMB4G CCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAi5QwDQYJKoZIhvcNAQELBQADggEB AKwXcD+a4HwRolo/aZXCl+BwSbPSDYOgpmDpaS9Nlu4qbMAawOM84A2j5dczlo97 vJ0+39h9eY0fcU7AjpXvDxz7ZzRxqGY2AAv0O5eXs8jcE2qXRolnZHdOJYw2GyjK 2bkpKFsyydPd7KNRTGjAq89BkmZjaw4nGG9PGH38KvrCvHiX/bf98mFy1ACObW/W scrl6xtgvDZkYDqacxDJgVlBTMO6htopHjWBdr0MgldLFRBLgCCQX7eZQSKAFiur xIP5mIHd0/pOmWje2l2dXqdCr8Nb/4bw0p6PV2Yx3TDa8srvvjPtIfs1WILdqTKw 6M0wzPZ7GkC/NWhW+pYbPas= -----END CERTIFICATE-----Generated at Fri Oct 24 08:56:14 2025 by rpki-client