$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer (raw, json) Hash identifier: lw+u/AoDw1efDrFTc7S7ZCLfnlkX+0lHRVWXVM0GeIA= Subject key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 427B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:13:19 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 157.10.220.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17019 (0x427b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:13:19 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:88:3c:a6:c9:f5:15:a4:7c:43:97:6f:54:b9: 88:2a:59:d0:98:20:99:f1:99:74:52:5f:3a:1d:77: d6:96:95:1b:12:23:3e:60:1f:68:1e:95:c4:c9:ef: 4d:d6:2c:d3:21:50:e1:67:ea:f2:55:b8:ad:d3:6d: 55:e2:73:69:f9:0a:43:e4:c7:77:47:e6:0d:07:99: 81:4a:2b:8a:fe:3a:12:f9:bb:2c:07:ba:df:f1:bd: 41:07:d6:77:5f:b6:f2:8b:ab:34:7b:00:cf:18:b1: 52:ad:fa:04:c1:84:cd:49:11:cc:90:39:c6:ca:3b: e6:93:f5:53:4c:9d:d1:aa:be:23:44:6a:20:74:1c: e3:00:a6:03:28:18:d9:23:fc:8c:ce:7f:8b:9c:c6: 4b:78:3f:81:10:fd:6a:38:6e:22:09:c3:7a:80:52: af:0a:f3:b2:f9:32:cb:66:aa:22:69:bf:0a:ea:52: ab:e3:5e:bb:76:34:85:d9:66:38:dc:e0:ae:e4:b6: c4:c0:2d:23:54:b1:2b:e7:ab:03:46:c1:b9:74:f7: b0:32:ee:b2:6c:3b:e9:77:74:0b:96:1d:f4:dd:e7: 69:5d:89:b8:56:c0:5f:d8:da:04:cd:f7:0d:4f:42: 74:ef:b1:54:d1:77:b5:e3:a4:7e:53:e2:36:84:71: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption 03:f6:a4:10:70:fe:c4:77:5f:3c:ec:3a:95:c8:6e:e9:67:43: ea:4d:ad:c1:27:60:55:74:7c:04:75:7a:05:46:fa:6e:59:af: 69:f2:de:30:e1:b8:16:e2:a4:f1:ba:b7:d0:4a:e5:5a:74:66: d7:87:33:3c:b7:9b:b6:3e:f0:13:fb:44:92:24:18:05:3f:56: 5e:3b:6e:bc:9b:06:c2:db:11:59:e7:b4:b7:91:c6:a5:96:4d: a0:ff:e4:0a:99:17:ea:f0:bf:1d:ed:c6:56:9f:fe:23:f9:51: 12:c4:49:1c:8a:c5:2d:d9:a9:4b:53:fa:82:93:44:76:13:5a: bb:f1:fd:b8:13:6c:c0:77:56:1d:b0:75:b6:25:52:2c:27:00: a9:6e:08:bb:cd:46:92:c1:d7:5b:2d:79:95:21:47:51:7e:d0: 0d:b4:62:cf:5e:30:0d:db:bd:04:9e:e7:96:39:7c:02:46:98: bd:7d:34:af:06:f9:bd:7f:80:0c:6d:81:50:a2:39:9c:e7:fd: fa:14:35:ad:ec:ac:98:0c:8e:d7:e0:74:e4:7d:e8:70:ac:92: 5e:91:d2:6b:80:f5:8c:82:f0:4f:e3:e3:5f:f8:d5:65:bb:0b: 7b:2e:23:7d:37:93:f8:ec:ac:fd:f6:f4:4b:6a:f8:c9:ef:cf: 82:bd:51:76 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQnswDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMTMxOVoXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoOTBGMzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhF MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWIPKbJ9RWkfEOXb1S5 iCpZ0JggmfGZdFJfOh131paVGxIjPmAfaB6VxMnvTdYs0yFQ4Wfq8lW4rdNtVeJz afkKQ+THd0fmDQeZgUoriv46Evm7LAe63/G9QQfWd1+28ourNHsAzxixUq36BMGE zUkRzJA5xso75pP1U0yd0aq+I0RqIHQc4wCmAygY2SP8jM5/i5zGS3g/gRD9ajhu IgnDeoBSrwrzsvkyy2aqImm/CupSq+Neu3Y0hdlmONzgruS2xMAtI1SxK+erA0bB uXT3sDLusmw76Xd0C5Yd9N3naV2JuFbAX9jaBM33DU9CdO+xVNF3teOkflPiNoRx uTECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQ8w4d8yfRA5B/G+CO0+pkv7d44zAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU4L2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCtwwDQYJKoZIhvcNAQELBQAD ggEBAAP2pBBw/sR3XzzsOpXIbulnQ+pNrcEnYFV0fAR1egVG+m5Zr2ny3jDhuBbi pPG6t9BK5Vp0ZteHMzy3m7Y+8BP7RJIkGAU/Vl47brybBsLbEVnntLeRxqWWTaD/ 5AqZF+rwvx3txlaf/iP5URLESRyKxS3ZqUtT+oKTRHYTWrvx/bgTbMB3Vh2wdbYl UiwnAKluCLvNRpLB11steZUhR1F+0A20Ys9eMA3bvQSe55Y5fAJGmL19NK8G+b1/ gAxtgVCiOZzn/foUNa3srJgMjtfgdOR96HCskl6R0muA9YyC8E/j41/41WW7C3su I303k/jsrP329Etq+Mnvz4K9UXY= -----END CERTIFICATE-----Generated at Fri Oct 24 08:47:53 2025 by rpki-client