$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/h_17fpSNGju7kJe0WdcTt0M8C2U.cer File: h_17fpSNGju7kJe0WdcTt0M8C2U.cer (raw, json) Hash identifier: FtagngA6dJUSUvUsaloNUM644ha+NDFe0rcdQixpvIw= Subject key identifier: 87:FD:7B:7E:94:8D:1A:3B:BB:90:97:B4:59:D7:13:B7:43:3C:0B:65 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CC9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/h_17fpSNGju7kJe0WdcTt0M8C2U.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:05:16 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 2403:5280::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52381 (0xcc9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:05:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=87FD7B7E948D1A3BBB9097B459D713B7433C0B65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:4c:1a:8a:fb:e9:a6:1d:56:7f:da:29:1a:f2: 95:31:7b:2a:4d:87:a5:e2:9d:55:b4:59:b4:09:0c: d7:2f:64:fc:2e:88:d3:69:76:df:d7:fd:64:3e:71: 99:62:a3:fa:b4:6f:7c:8c:4f:38:24:d9:29:47:26: ef:47:54:27:d0:ea:56:ab:5c:3a:1b:0c:47:6a:64: 18:7b:30:f7:60:15:e7:f8:6a:a8:a7:03:ef:3c:ea: 3d:ff:14:71:35:05:b6:25:7f:be:d5:af:fe:ca:4b: e1:9c:09:d5:e7:5b:f2:b3:f0:29:4e:d1:ae:dc:a3: 58:be:19:b5:5e:a4:a7:a2:65:cd:f5:2f:02:6a:ae: d3:d4:a1:17:70:39:46:0f:d8:6b:6e:38:6a:c7:ac: 40:62:94:49:7b:4e:30:dd:32:0b:a0:74:75:69:f0: e3:03:21:9c:64:31:6f:74:7d:c2:46:10:c3:73:a4: 54:5e:58:9b:b0:3d:38:6f:74:c3:cb:9b:f9:f5:49: c5:6e:14:d6:81:1e:d0:95:7c:e6:dd:f1:26:1b:7f: a0:79:da:e3:81:36:32:10:ba:52:2a:e1:f7:9e:69: ae:73:02:e7:f1:bd:9d:09:e4:ba:62:2c:2a:d1:f5: ba:f2:9e:72:43:1e:61:09:1b:71:ae:9f:fd:c9:50: d2:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:FD:7B:7E:94:8D:1A:3B:BB:90:97:B4:59:D7:13:B7:43:3C:0B:65 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/643/h_17fpSNGju7kJe0WdcTt0M8C2U.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:5280::/32 Signature Algorithm: sha256WithRSAEncryption 34:2f:2e:11:36:07:02:f3:94:14:90:1d:66:4a:c2:f4:f3:6c: 0c:05:11:81:bb:fb:cc:59:75:2b:72:92:8e:4f:2c:86:b2:62: d4:b8:7c:19:67:26:4e:a5:94:e4:8f:00:66:bc:33:b7:09:4c: 98:69:0e:46:8d:fd:cc:22:3e:db:44:e9:f4:ab:3f:3e:85:89: 75:56:00:c3:a1:b7:81:d7:f7:81:80:42:79:76:de:14:39:61: 0a:b9:23:8a:18:2c:da:88:8e:fe:a5:6d:e5:20:72:60:15:b6: e6:1f:24:ed:8c:43:8a:b3:50:6c:9c:08:46:cf:31:29:1f:70: e6:ac:10:fb:93:63:f9:26:26:d6:cd:ff:cf:0c:6c:b3:b9:56: ec:15:39:76:80:3e:3d:5f:9a:41:a3:8f:71:ac:67:3e:ae:23: 9a:16:7b:b4:6b:be:3e:63:94:f8:79:07:c1:e0:44:6f:42:f5: a7:21:5a:01:67:1f:ce:ab:e1:c0:ae:e6:0e:4e:8f:9d:9e:9c: 30:f5:15:09:7a:82:58:a3:06:57:35:45:8b:c2:d9:9e:36:bc: 10:d4:36:4e:12:11:28:ee:a3:63:67:54:13:55:09:bd:ef:a3: 49:62:b5:9d:b2:9e:64:a8:ee:c9:55:2a:e2:ff:9f:ad:7a:a8: 80:8c:db:af -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgIDAMydMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA1MTZaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDg3RkQ3QjdFOTQ4RDFBM0JCQjkwOTdCNDU5RDcxM0I3NDMzQzBC NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0TBqK++mmHVZ/2ika 8pUxeypNh6XinVW0WbQJDNcvZPwuiNNpdt/X/WQ+cZlio/q0b3yMTzgk2SlHJu9H VCfQ6larXDobDEdqZBh7MPdgFef4aqinA+886j3/FHE1BbYlf77Vr/7KS+GcCdXn W/Kz8ClO0a7co1i+GbVepKeiZc31LwJqrtPUoRdwOUYP2GtuOGrHrEBilEl7TjDd MgugdHVp8OMDIZxkMW90fcJGEMNzpFReWJuwPThvdMPLm/n1ScVuFNaBHtCVfObd 8SYbf6B52uOBNjIQulIq4feeaa5zAufxvZ0J5LpiLCrR9brynnJDHmEJG3Gun/3J UNKLAgMBAAGjggJUMIICUDAdBgNVHQ4EFgQUh/17fpSNGju7kJe0WdcTt0M8C2Uw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0 My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC82NDMvaF8xN2ZwU05HanU3a0plMFdkY1R0ME04QzJVLm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAg BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDUoAwDQYJKoZIhvcNAQELBQAD ggEBADQvLhE2BwLzlBSQHWZKwvTzbAwFEYG7+8xZdStyko5PLIayYtS4fBlnJk6l lOSPAGa8M7cJTJhpDkaN/cwiPttE6fSrPz6FiXVWAMOht4HX94GAQnl23hQ5YQq5 I4oYLNqIjv6lbeUgcmAVtuYfJO2MQ4qzUGycCEbPMSkfcOasEPuTY/kmJtbN/88M bLO5VuwVOXaAPj1fmkGjj3GsZz6uI5oWe7Rrvj5jlPh5B8HgRG9C9achWgFnH86r 4cCu5g5Oj52enDD1FQl6glijBlc1RYvC2Z42vBDUNk4SESjuo2NnVBNVCb3vo0li tZ2ynmSo7slVKuL/n616qICM268= -----END CERTIFICATE-----Generated at Fri Apr 4 02:18:40 2025 by rpki-client