$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/a5mV9HjPG2vSjnyeKoOeyeBpgKg.cer File: a5mV9HjPG2vSjnyeKoOeyeBpgKg.cer (raw, json) Hash identifier: bafa6ydE5zj3VrHluox12/FxxqSGt26y4qjmY/sCFd8= Subject key identifier: 6B:99:95:F4:78:CF:1B:6B:D2:8E:7C:9E:2A:83:9E:C9:E0:69:80:A8 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 426D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3344/a5mV9HjPG2vSjnyeKoOeyeBpgKg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3344/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:12:49 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 161.248.42.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17005 (0x426d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:12:49 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=6B9995F478CF1B6BD28E7C9E2A839EC9E06980A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:41:7f:e3:6c:a5:39:03:95:3d:82:0a:06:e4: 7e:c3:5e:a0:a0:be:e5:4a:73:46:7b:41:d2:92:37: 4b:ba:3c:d6:3e:bb:c6:76:f7:9e:ce:d5:56:66:ca: 08:da:0f:f2:bd:50:8a:b0:b5:1b:30:d9:a2:a6:41: a8:eb:31:76:91:30:fb:72:79:f3:fe:07:15:1a:d4: 89:41:c1:d4:08:e3:ee:5b:4d:c1:d8:aa:0c:c9:5e: c7:d6:c6:24:d0:e6:e7:ac:93:24:97:ff:bf:d0:3f: 9a:cb:0c:4b:85:76:e3:2a:57:67:05:ea:5a:94:a3: b4:f2:69:18:53:59:71:04:02:f5:8e:09:e2:30:9a: fa:9b:25:95:90:96:34:7e:ee:f5:7e:a8:ee:75:98: 82:cb:dc:9f:cb:5d:cb:6d:41:ca:03:0e:1c:3e:29: 40:6f:d2:41:58:2f:f6:4c:94:ce:27:3d:5a:32:76: 2f:a0:2a:f1:4f:ce:37:ad:8f:f6:30:06:bc:64:f1: cf:a1:fe:cd:5f:7c:39:1c:39:e9:c7:7c:71:be:1d: ca:5a:19:67:99:61:02:65:3a:d6:01:70:4c:7a:b4: cb:de:6f:f2:c8:5b:8c:04:ee:49:ec:86:c4:77:0a: d2:58:bc:05:6f:15:a3:b0:2d:3d:40:eb:ce:94:68: a6:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:99:95:F4:78:CF:1B:6B:D2:8E:7C:9E:2A:83:9E:C9:E0:69:80:A8 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3344/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3344/a5mV9HjPG2vSjnyeKoOeyeBpgKg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 161.248.42.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:f9:78:3c:e0:6f:ac:07:37:c7:36:d8:b1:b5:cf:3f:69:c0: 35:83:2b:02:24:dc:1b:2a:0d:78:7f:a5:15:46:3f:57:37:4f: 6d:24:38:bf:cd:5b:dd:a3:87:67:b6:4d:c9:93:ca:94:8d:50: 3f:7a:45:83:2e:56:24:9b:a0:f9:0a:f9:76:f8:12:fa:45:ce: 4b:cf:a1:ee:e6:dc:08:bc:48:21:7a:b1:67:7e:99:ac:d8:1b: 05:18:b7:6d:79:5f:c5:39:53:42:c9:d6:4e:65:e1:01:84:6f: 2c:21:29:75:41:4e:cd:f2:f3:18:bc:7f:56:1e:0a:94:36:ae: 8a:40:f6:26:13:ca:2f:55:ac:bd:cc:a1:38:6b:6f:23:bd:33: 40:6a:6b:12:67:d2:bc:10:2b:81:ed:ce:bb:69:72:e4:4d:f3: 0f:f7:42:ee:87:c2:83:da:8c:3f:4b:68:88:56:46:02:5f:35: 2e:44:64:22:6e:b0:90:1a:13:47:12:74:25:0e:7a:4e:44:fd: 6b:86:4f:be:cb:ae:44:89:b6:11:b1:32:21:20:f5:dc:d8:82: 33:37:41:0b:2e:5b:d1:08:6d:e7:0e:c6:38:20:9d:66:6c:ed: 9d:a7:be:71:23:b3:07:f3:10:19:d5:54:20:ae:52:75:5c:3e: 60:b3:19:b8 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQm0wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMTI0OVoXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoNkI5OTk1RjQ3OENGMUI2QkQyOEU3QzlFMkE4MzlFQzlFMDY5ODBB ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANFBf+NspTkDlT2CCgbk fsNeoKC+5UpzRntB0pI3S7o81j67xnb3ns7VVmbKCNoP8r1QirC1GzDZoqZBqOsx dpEw+3J58/4HFRrUiUHB1Ajj7ltNwdiqDMlex9bGJNDm56yTJJf/v9A/mssMS4V2 4ypXZwXqWpSjtPJpGFNZcQQC9Y4J4jCa+psllZCWNH7u9X6o7nWYgsvcn8tdy21B ygMOHD4pQG/SQVgv9kyUzic9WjJ2L6Aq8U/ON62P9jAGvGTxz6H+zV98ORw56cd8 cb4dyloZZ5lhAmU61gFwTHq0y95v8shbjATuSeyGxHcK0li8BW8Vo7AtPUDrzpRo pkcCAwEAAaOCAlUwggJRMB0GA1UdDgQWBBRrmZX0eM8ba9KOfJ4qg57J4GmAqDAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 NC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzQ0L2E1bVY5SGpQRzJ2U2pueWVLb09leWVCcGdLZy5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGh+CowDQYJKoZIhvcNAQELBQAD ggEBAEz5eDzgb6wHN8c22LG1zz9pwDWDKwIk3BsqDXh/pRVGP1c3T20kOL/NW92j h2e2TcmTypSNUD96RYMuViSboPkK+Xb4EvpFzkvPoe7m3Ai8SCF6sWd+mazYGwUY t215X8U5U0LJ1k5l4QGEbywhKXVBTs3y8xi8f1YeCpQ2ropA9iYTyi9VrL3MoThr byO9M0BqaxJn0rwQK4HtzrtpcuRN8w/3Qu6HwoPajD9LaIhWRgJfNS5EZCJusJAa E0cSdCUOek5E/WuGT77LrkSJthGxMiEg9dzYgjM3QQsuW9EIbecOxjggnWZs7Z2n vnEjswfzEBnVVCCuUnVcPmCzGbg= -----END CERTIFICATE-----Generated at Fri Oct 24 08:56:15 2025 by rpki-client