$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/hPLNDLUaQjf34fOuhRnjzCZEi38.cer File: hPLNDLUaQjf34fOuhRnjzCZEi38.cer (raw, json) Hash identifier: 21kUgTEmmy+x9/MBC17t9yDsz76x/Llz9zwoS1mnkuI= Subject key identifier: 84:F2:CD:0C:B5:1A:42:37:F7:E1:F3:AE:85:19:E3:CC:26:44:8B:7F Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CEA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/415/hPLNDLUaQjf34fOuhRnjzCZEi38.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/415/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:15:42 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: AS: 45080 IP: 49.239.0.0 -- 49.239.61.255 IP: 2406:dd00::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52903 (0xcea7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:15:42 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=84F2CD0CB51A4237F7E1F3AE8519E3CC26448B7F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:72:15:9b:0d:2a:43:86:03:5c:d2:80:8b:10: 31:3d:ae:58:5e:1c:33:fa:65:b8:f9:23:08:90:28: 3c:ec:41:43:c7:66:5d:d0:13:2a:2f:ed:31:48:67: 7b:38:3c:19:a0:d9:e3:08:19:d4:08:1c:a3:fa:72: 1b:42:96:19:d6:70:c3:54:ad:a1:55:ae:b5:ed:74: f0:ab:d8:aa:51:79:f7:e9:17:aa:33:a1:f3:15:5e: 41:91:81:3b:3d:b3:b5:77:eb:4c:d0:24:ba:bc:24: bc:a5:3a:f5:36:a8:b4:51:90:a3:e7:8e:e0:c3:dc: 20:71:58:c0:e2:fc:13:38:3a:88:82:82:32:75:85: 37:c7:ad:88:c7:64:8d:7b:4b:35:01:fc:70:0f:97: 9d:77:d4:7e:f5:74:d6:d3:55:43:7b:53:08:47:6c: ed:d9:9e:04:29:c6:20:da:3b:0c:98:e4:3b:77:32: 6d:a6:2e:24:c2:e7:08:a6:5a:77:c9:3b:9f:cf:ea: de:2c:88:78:8a:5c:77:43:9d:e6:0d:68:d5:d1:10: db:bf:22:3c:4f:0e:13:c4:95:49:d0:4a:4a:5e:e5: d6:9e:51:50:c0:b8:79:11:d2:5c:d6:47:73:a0:65: ab:6a:0e:3d:63:53:e3:73:3b:10:a9:05:4c:14:99: ac:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:F2:CD:0C:B5:1A:42:37:F7:E1:F3:AE:85:19:E3:CC:26:44:8B:7F X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/415/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/415/hPLNDLUaQjf34fOuhRnjzCZEi38.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 45080 sbgp-ipAddrBlock: critical IPv4: 49.239.0.0-49.239.61.255 IPv6: 2406:dd00::/32 Signature Algorithm: sha256WithRSAEncryption 2d:64:ea:7f:b8:90:65:b0:db:33:bb:b0:4f:89:0c:5b:96:5d: 39:78:97:63:05:24:85:1a:a5:8c:59:41:e2:ca:77:3f:8a:51: 80:e2:84:2c:d6:42:71:e6:e3:a1:f3:72:d1:11:97:5c:83:33: bb:24:d9:73:65:85:64:d3:9d:6b:72:6c:33:30:c3:bb:5a:70: c6:b7:f8:02:e9:d4:c3:4e:b1:e1:b8:10:2f:5b:e9:f2:56:2c: 37:a5:9b:32:b2:be:5e:4e:c7:8f:47:3c:24:47:41:bd:db:48: 98:c8:89:26:85:15:50:d9:ab:7b:4c:d7:41:50:72:44:49:00: f0:92:8f:50:2a:cd:8e:40:ac:72:a3:03:8e:92:20:87:73:5d: ab:de:32:2f:02:25:b0:a4:6a:4f:4a:ae:5f:12:89:85:a6:ca: 8c:61:e5:94:fd:ed:9a:ba:3e:b1:d4:65:1f:12:5a:9d:52:8d: 52:7c:07:c5:1f:16:6d:dd:93:5b:8a:ae:ba:bb:86:97:29:fb: f5:20:6b:2f:bb:d6:dd:9d:8a:a4:37:0c:a5:af:fa:1d:d1:3f: 65:c9:8a:af:f0:0d:5b:04:c3:a6:d7:01:dc:15:ac:1a:ac:af: 1b:66:60:d3:03:92:55:9e:c5:99:9f:89:b5:62:ea:50:9c:0b: ea:98:0f:eb -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIDAM6nMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE1NDJaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDg0RjJDRDBDQjUxQTQyMzdGN0UxRjNBRTg1MTlFM0NDMjY0NDhC N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2chWbDSpDhgNc0oCL EDE9rlheHDP6Zbj5IwiQKDzsQUPHZl3QEyov7TFIZ3s4PBmg2eMIGdQIHKP6chtC lhnWcMNUraFVrrXtdPCr2KpReffpF6ozofMVXkGRgTs9s7V360zQJLq8JLylOvU2 qLRRkKPnjuDD3CBxWMDi/BM4OoiCgjJ1hTfHrYjHZI17SzUB/HAPl5131H71dNbT VUN7UwhHbO3ZngQpxiDaOwyY5Dt3Mm2mLiTC5wimWnfJO5/P6t4siHiKXHdDneYN aNXRENu/IjxPDhPElUnQSkpe5daeUVDAuHkR0lzWR3OgZatqDj1jU+NzOxCpBUwU mazVAgMBAAGjggKFMIICgTAdBgNVHQ4EFgQUhPLNDLUaQjf34fOuhRnjzCZEi38w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQx NS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC80MTUvaFBMTkRMVWFRamYzNGZPdWhSbmp6Q1pFaTM4Lm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAsBgwNQYIKwYBBQUHAQcBAf8EJjAkMBME AgABMA0wCwMDADHvAwQBMe88MA0EAgACMAcDBQAkBt0AMA0GCSqGSIb3DQEBCwUA A4IBAQAtZOp/uJBlsNszu7BPiQxbll05eJdjBSSFGqWMWUHiync/ilGA4oQs1kJx 5uOh83LREZdcgzO7JNlzZYVk051rcmwzMMO7WnDGt/gC6dTDTrHhuBAvW+nyViw3 pZsysr5eTsePRzwkR0G920iYyIkmhRVQ2at7TNdBUHJESQDwko9QKs2OQKxyowOO kiCHc12r3jIvAiWwpGpPSq5fEomFpsqMYeWU/e2auj6x1GUfElqdUo1SfAfFHxZt 3ZNbiq66u4aXKfv1IGsvu9bdnYqkNwylr/od0T9lyYqv8A1bBMOm1wHcFawarK8b ZmDTA5JVnsWZn4m1YupQnAvqmA/r -----END CERTIFICATE-----Generated at Fri Apr 4 02:18:39 2025 by rpki-client