$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kAlV0DbmnDCpyhxy-vMqiRQlO08.cer File: kAlV0DbmnDCpyhxy-vMqiRQlO08.cer (raw, json) Hash identifier: fM9q+fAtasL22rQS57hScSn4KfVHXpBEC7dJo/UvAX4= Subject key identifier: 90:09:55:D0:36:E6:9C:30:A9:CA:1C:72:FA:F3:2A:89:14:25:3B:4F Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CDE1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3268/kAlV0DbmnDCpyhxy-vMqiRQlO08.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3268/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:11:14 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 2401:8820::/31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52705 (0xcde1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:11:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=900955D036E69C30A9CA1C72FAF32A8914253B4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:bb:db:7b:1d:e1:01:c9:40:7a:f2:01:1f:5d: 27:39:e6:5c:79:f0:72:c2:0d:41:0d:17:f7:31:0a: fe:7f:48:6d:97:06:26:ae:0e:7e:c7:f7:79:4e:7a: 43:e4:0d:41:3a:48:10:39:65:02:c1:97:1e:15:e6: d6:2d:3e:87:47:26:83:22:ee:de:08:a4:fc:05:b8: d8:ab:28:28:e3:d4:e1:6f:f7:52:25:6c:6c:6a:5b: 54:aa:c8:cc:2b:21:9f:a2:ed:fe:e5:3e:79:c3:85: 80:09:2b:07:db:1a:ac:aa:63:6a:7f:1f:55:4f:bd: 15:52:77:2b:4b:f0:26:e3:88:51:0b:f3:9a:4f:ce: be:d6:7f:00:14:eb:fb:9c:72:54:5e:16:29:fa:a8: ff:4f:f0:89:0a:4c:f7:a2:b5:55:95:06:44:c6:97: f2:d6:e8:33:8e:e4:7f:27:97:37:5a:61:09:2e:05: 6f:34:28:2f:fa:57:11:21:6e:1b:e2:a9:b2:4e:68: 68:fc:84:a5:80:bf:66:5f:57:3a:2d:a5:d5:aa:08: ff:19:20:97:be:cb:28:0e:af:e2:dd:97:a3:b4:52: d1:eb:71:0d:18:a2:dc:74:41:f1:1d:73:14:83:48: 89:70:59:ea:97:0a:00:47:7f:b0:9f:df:22:d5:a1: 87:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:09:55:D0:36:E6:9C:30:A9:CA:1C:72:FA:F3:2A:89:14:25:3B:4F X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3268/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3268/kAlV0DbmnDCpyhxy-vMqiRQlO08.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:8820::/31 Signature Algorithm: sha256WithRSAEncryption 69:5a:44:7e:59:2d:90:16:35:71:48:a5:49:07:c2:de:69:1d: 6d:11:55:47:6c:0b:98:51:bd:0a:a0:dc:7e:6c:7b:3b:ae:ea: 35:f4:01:48:08:a2:d2:8c:78:bd:90:b2:25:01:76:86:31:33: 75:fe:d0:6b:be:f5:e8:ca:a6:36:67:7c:2c:fc:1d:5b:89:71: 65:23:c3:9a:b6:83:1c:6f:48:ec:65:f9:d8:05:af:e8:88:1f: 84:b2:63:bf:6b:b3:ca:cb:dc:af:1d:7c:78:f6:93:76:c2:17: 7b:6e:02:01:3a:3d:e7:d3:9c:20:86:e0:24:33:1c:c0:de:88: 2b:ea:f8:b3:6b:e3:bf:c3:32:ef:50:01:50:08:52:08:93:6e: b4:d7:17:57:d4:d0:8b:44:41:78:9f:8e:86:1d:52:63:5e:f0: 15:e0:cf:f5:d0:7f:ff:59:d3:4d:12:b3:47:b8:6b:f3:5a:6d: 2e:81:16:92:8b:ac:2a:5c:22:76:7f:e7:ad:a9:7d:a8:3c:5e: 06:d5:1e:81:1e:ce:dc:63:ec:53:c4:b7:4a:fc:6e:b0:7a:08: f8:76:27:4f:93:1d:6f:70:d1:55:f5:b1:59:b4:25:30:7a:32: d5:fb:92:c8:ff:eb:4c:49:36:e1:57:a5:59:10:2e:f9:73:b4: 24:a2:30:d0 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDAM3hMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODExMTRaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDkwMDk1NUQwMzZFNjlDMzBBOUNBMUM3MkZBRjMyQTg5MTQyNTNC NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGu9t7HeEByUB68gEf XSc55lx58HLCDUENF/cxCv5/SG2XBiauDn7H93lOekPkDUE6SBA5ZQLBlx4V5tYt PodHJoMi7t4IpPwFuNirKCjj1OFv91IlbGxqW1SqyMwrIZ+i7f7lPnnDhYAJKwfb GqyqY2p/H1VPvRVSdytL8CbjiFEL85pPzr7WfwAU6/ucclReFin6qP9P8IkKTPei tVWVBkTGl/LW6DOO5H8nlzdaYQkuBW80KC/6VxEhbhviqbJOaGj8hKWAv2ZfVzot pdWqCP8ZIJe+yygOr+Ldl6O0UtHrcQ0Yotx0QfEdcxSDSIlwWeqXCgBHf7Cf3yLV oYdZAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUkAlV0DbmnDCpyhxy+vMqiRQlO08w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy NjgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI2OC9rQWxWMERibW5EQ3B5aHh5LXZNcWlSUWxPMDgubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBJAGIIDANBgkqhkiG9w0BAQsF AAOCAQEAaVpEflktkBY1cUilSQfC3mkdbRFVR2wLmFG9CqDcfmx7O67qNfQBSAii 0ox4vZCyJQF2hjEzdf7Qa7716MqmNmd8LPwdW4lxZSPDmraDHG9I7GX52AWv6Igf hLJjv2uzysvcrx18ePaTdsIXe24CATo959OcIIbgJDMcwN6IK+r4s2vjv8My71AB UAhSCJNutNcXV9TQi0RBeJ+Ohh1SY17wFeDP9dB//1nTTRKzR7hr81ptLoEWkous Klwidn/nral9qDxeBtUegR7O3GPsU8S3SvxusHoI+HYnT5Mdb3DRVfWxWbQlMHoy 1fuSyP/rTEk24VelWRAu+XO0JKIw0A== -----END CERTIFICATE-----Generated at Fri Apr 4 02:18:43 2025 by rpki-client