$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer File: Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer (raw, json) Hash identifier: vHIUbTSZw1QFP8w5MinSmC7i9SbDuJUam7nUE0BHeww= Subject key identifier: 67:9B:3B:01:A4:80:62:02:0B:A0:A0:C1:8B:C7:DD:0E:DE:1C:BB:D2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3CD7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/Z5s7AaSAYgILoKDBi8fdDt4cu9I.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:14:21 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 139.148.0.0/16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 01:37:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15575 (0x3cd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Apr 3 08:14:21 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=679B3B01A48062020BA0A0C18BC7DD0EDE1CBBD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:8f:e0:64:cc:6b:72:3b:a6:7f:38:9c:d9:f1: 99:af:bd:34:f3:fa:9c:ae:70:b3:d7:bc:eb:0a:6c: 75:e2:ce:fb:8f:d4:dd:02:33:84:b6:51:d7:06:57: f1:19:74:50:86:cc:c5:a7:b9:3b:21:f4:7b:4e:c0: 97:4d:fd:6f:14:a6:43:75:c6:a3:f6:56:34:4a:72: 6a:60:4f:a4:c3:1e:22:27:19:81:13:de:d5:9f:a5: a6:1b:f4:08:a0:a4:20:e7:7a:d7:0a:46:9f:c1:56: 60:2f:7b:8c:2d:e7:81:f0:80:18:c6:0e:dd:77:4c: 06:0e:ca:d0:2d:91:f7:1f:9b:e1:45:55:11:dc:cd: 5b:8c:a8:ec:9a:74:62:77:4f:01:c6:40:b9:ee:b0: 66:17:2f:55:ef:16:73:23:96:ff:02:e8:69:dd:4e: ce:48:7e:ae:2b:8d:e3:5e:01:e0:29:8d:f9:51:b3: ad:76:df:3b:26:5e:a0:0b:9a:0e:cf:96:6f:2e:88: 34:d6:86:8c:cd:55:4b:f0:d5:73:c8:5f:92:a1:2d: 92:44:21:61:8d:c9:f4:c4:81:ee:16:be:be:8a:03: 9f:0d:17:aa:f0:cf:f8:b8:c2:22:0b:00:60:79:47: 09:12:84:64:e3:c0:39:8e:da:83:a3:38:c0:62:07: d5:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:9B:3B:01:A4:80:62:02:0B:A0:A0:C1:8B:C7:DD:0E:DE:1C:BB:D2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/Z5s7AaSAYgILoKDBi8fdDt4cu9I.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.148.0.0/16 Signature Algorithm: sha256WithRSAEncryption 09:1c:44:e2:09:b1:33:1c:40:70:22:24:ae:59:2b:15:4a:14: 38:93:30:04:a7:7b:3d:f3:0b:09:f2:04:62:51:39:5c:91:12: 54:81:9c:60:08:4c:b5:51:b2:ca:df:26:66:9a:d6:cf:ef:ff: c6:9e:b7:c8:9d:40:d0:c8:80:d5:3b:51:9f:07:b9:27:94:c4: 6a:72:65:3f:3d:49:57:c5:a3:7c:72:4c:08:b9:0c:12:29:58: dd:4a:a8:b8:8b:96:c1:24:3a:09:4e:9e:da:cc:71:f4:4d:fa: 94:f6:0c:d5:e9:8f:99:11:3d:60:95:01:cc:dc:e8:42:ba:5b: 8d:88:1a:ba:ee:65:7d:85:68:94:96:23:36:b3:17:0f:a0:c0: 25:3c:15:0e:29:45:1b:de:ec:3a:58:bb:27:ef:74:aa:3c:32: 23:2b:b9:ed:db:8d:6c:d9:bd:66:08:46:64:8f:2d:4b:d9:fc: 78:5a:f2:74:58:6f:2e:54:e0:6b:af:fc:6e:1d:0d:f7:84:a2: 21:a3:eb:3e:95:fe:c8:2c:27:5e:2b:51:b2:aa:c3:d1:e8:bc: 2e:ef:1c:02:cd:63:03:0c:10:a2:ad:c4:27:ee:2e:85:59:1c: 3f:98:cd:b9:69:43:3b:95:92:52:23:6d:c9:20:f1:6a:11:bd: ef:ac:34:c4 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICPNcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MTQyMVoXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoNjc5QjNCMDFBNDgwNjIwMjBCQTBBMEMxOEJDN0REMEVERTFDQkJE MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGP4GTMa3I7pn84nNnx ma+9NPP6nK5ws9e86wpsdeLO+4/U3QIzhLZR1wZX8Rl0UIbMxae5OyH0e07Al039 bxSmQ3XGo/ZWNEpyamBPpMMeIicZgRPe1Z+lphv0CKCkIOd61wpGn8FWYC97jC3n gfCAGMYO3XdMBg7K0C2R9x+b4UVVEdzNW4yo7Jp0YndPAcZAue6wZhcvVe8WcyOW /wLoad1Ozkh+riuN414B4CmN+VGzrXbfOyZeoAuaDs+Wby6INNaGjM1VS/DVc8hf kqEtkkQhYY3J9MSB7ha+vooDnw0XqvDP+LjCIgsAYHlHCRKEZOPAOY7ag6M4wGIH 1ZsCAwEAAaOCAlIwggJOMB0GA1UdDgQWBBRnmzsBpIBiAgugoMGLx90O3hy70jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzI2MS9aNXM3QWFTQVlnSUxvS0RCaThmZER0NGN1OUkubWZ0MDEGCCsG AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMB4G CCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAi5QwDQYJKoZIhvcNAQELBQADggEB AAkcROIJsTMcQHAiJK5ZKxVKFDiTMASnez3zCwnyBGJROVyRElSBnGAITLVRssrf Jmaa1s/v/8aet8idQNDIgNU7UZ8HuSeUxGpyZT89SVfFo3xyTAi5DBIpWN1KqLiL lsEkOglOntrMcfRN+pT2DNXpj5kRPWCVAczc6EK6W42IGrruZX2FaJSWIzazFw+g wCU8FQ4pRRve7DpYuyfvdKo8MiMrue3bjWzZvWYIRmSPLUvZ/Hha8nRYby5U4Guv /G4dDfeEoiGj6z6V/sgsJ14rUbKqw9HovC7vHALNYwMMEKKtxCfuLoVZHD+Yzblp QzuVklIjbckg8WoRve+sNMQ= -----END CERTIFICATE-----Generated at Wed Apr 16 00:13:05 2025 by rpki-client