$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/iUp18p1qbq-EUdP-mXPCDuMBfko.cer File: iUp18p1qbq-EUdP-mXPCDuMBfko.cer (raw, json) Hash identifier: H7YVzxPphvGaDQ6vtezrfM8Q2tRsEZq+QbtZuXjmoHE= Subject key identifier: 89:4A:75:F2:9D:6A:6E:AF:84:51:D3:FE:99:73:C2:0E:E3:01:7E:4A Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CCD1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/iUp18p1qbq-EUdP-mXPCDuMBfko.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:06:17 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 2400:6da0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52433 (0xccd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:06:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=894A75F29D6A6EAF8451D3FE9973C20EE3017E4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:55:47:41:2e:38:58:15:ff:7f:8c:9c:8c:13: 07:e3:e6:8a:dd:04:5f:64:6e:b9:79:ec:10:9a:00: 3d:50:3c:a8:db:f7:ef:c2:e0:8b:5a:b9:ab:77:c3: 64:b1:31:4b:27:0e:00:d2:3a:08:ad:1d:47:47:c7: 92:a1:18:fb:09:4c:29:89:a3:28:c2:1a:42:04:15: 02:58:21:ec:54:35:2c:26:f4:96:26:9f:78:1e:cc: 1d:09:2e:98:2e:d4:bb:2c:30:f4:73:3a:b8:03:57: dd:50:42:43:a8:86:38:52:86:d9:92:3b:88:26:1c: a9:f4:ca:92:77:7b:b1:27:8e:06:f4:e4:e1:41:c5: 68:33:f9:ee:b1:51:f9:c2:c9:a6:59:26:18:7a:94: ac:56:84:50:b7:1e:d0:57:c6:c8:b0:6b:96:a9:2d: 54:17:fa:e9:65:2e:fa:e9:7b:41:54:37:a6:43:ae: 86:4a:a9:db:f5:dd:32:1c:eb:49:82:77:dc:1d:14: c8:bf:ea:41:51:55:42:bb:79:0c:9b:87:cd:d3:95: e7:dd:ff:96:6d:a1:6f:9b:60:4a:d5:99:03:5f:81: 27:4a:35:a1:27:7f:24:d9:d2:51:8d:8f:bf:89:a4: 10:48:f1:10:90:ff:02:f5:09:52:78:12:29:2a:6e: 53:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:4A:75:F2:9D:6A:6E:AF:84:51:D3:FE:99:73:C2:0E:E3:01:7E:4A X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3143/iUp18p1qbq-EUdP-mXPCDuMBfko.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:6da0::/32 Signature Algorithm: sha256WithRSAEncryption 04:2b:ec:ec:ab:dd:2b:52:36:56:30:29:90:f6:df:0c:ba:1c: bc:b2:69:98:83:89:ec:74:9a:e7:11:27:40:55:f4:f7:c7:9e: fe:2a:a5:46:23:c4:a2:4a:3b:31:03:a1:81:29:90:83:be:6b: c4:bc:d6:6f:ce:a0:0d:a1:a5:16:6d:77:1d:47:7b:77:95:a7: b0:08:18:0c:2c:34:e5:5e:ff:0f:70:7d:d2:25:03:47:ca:1f: 4b:f0:b6:15:f5:83:7c:5c:45:a8:74:f5:fe:bf:5c:3e:82:ee: 1c:4f:ca:83:78:dd:2a:92:c2:18:3c:ac:64:61:83:8a:81:a8: 06:94:be:26:99:c9:0a:33:a5:75:37:a9:e7:c6:e6:1d:92:f6: 41:88:d6:03:02:44:c1:1b:b2:43:78:48:b2:43:6b:0c:97:81: 95:be:ea:d4:3d:53:e4:6d:be:d7:b2:05:b9:5e:07:fe:74:c6: e3:8b:1b:60:73:fd:60:ab:88:5f:d3:4a:76:2f:b0:0a:11:9b: 5a:da:23:7f:88:5a:c2:2a:9a:cc:48:11:c7:2d:14:15:8d:0e: 41:a9:26:8c:f8:ce:43:d0:c5:c3:a8:ff:f9:ce:6f:94:c5:a4: 6d:6a:ba:02:c4:a1:65:39:d6:f8:9f:c7:b0:9e:b3:97:ea:2b: fc:04:c6:6a -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDAMzRMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA2MTdaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDg5NEE3NUYyOUQ2QTZFQUY4NDUxRDNGRTk5NzNDMjBFRTMwMTdF NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYVUdBLjhYFf9/jJyM Ewfj5ordBF9kbrl57BCaAD1QPKjb9+/C4Itauat3w2SxMUsnDgDSOgitHUdHx5Kh GPsJTCmJoyjCGkIEFQJYIexUNSwm9JYmn3gezB0JLpgu1LssMPRzOrgDV91QQkOo hjhShtmSO4gmHKn0ypJ3e7Enjgb05OFBxWgz+e6xUfnCyaZZJhh6lKxWhFC3HtBX xsiwa5apLVQX+ullLvrpe0FUN6ZDroZKqdv13TIc60mCd9wdFMi/6kFRVUK7eQyb h83Tlefd/5ZtoW+bYErVmQNfgSdKNaEnfyTZ0lGNj7+JpBBI8RCQ/wL1CVJ4Eikq blOFAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUiUp18p1qbq+EUdP+mXPCDuMBfkow HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMx NDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzE0My9pVXAxOHAxcWJxLUVVZFAtbVhQQ0R1TUJma28ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJABtoDANBgkqhkiG9w0BAQsF AAOCAQEABCvs7KvdK1I2VjApkPbfDLocvLJpmIOJ7HSa5xEnQFX098ee/iqlRiPE oko7MQOhgSmQg75rxLzWb86gDaGlFm13HUd7d5WnsAgYDCw05V7/D3B90iUDR8of S/C2FfWDfFxFqHT1/r9cPoLuHE/Kg3jdKpLCGDysZGGDioGoBpS+JpnJCjOldTep 58bmHZL2QYjWAwJEwRuyQ3hIskNrDJeBlb7q1D1T5G2+17IFuV4H/nTG44sbYHP9 YKuIX9NKdi+wChGbWtojf4hawiqazEgRxy0UFY0OQakmjPjOQ9DFw6j/+c5vlMWk bWq6AsShZTnW+J/HsJ6zl+or/ATGag== -----END CERTIFICATE-----Generated at Fri Apr 4 02:18:53 2025 by rpki-client