$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer (raw, json) Hash identifier: rZ8ySR8fRNKbTj0gbCAdY8uCfGjySWiEnYUPwIwcLYo= Subject key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3CDF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:14:46 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 157.10.220.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15583 (0x3cdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:14:46 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:88:3c:a6:c9:f5:15:a4:7c:43:97:6f:54:b9: 88:2a:59:d0:98:20:99:f1:99:74:52:5f:3a:1d:77: d6:96:95:1b:12:23:3e:60:1f:68:1e:95:c4:c9:ef: 4d:d6:2c:d3:21:50:e1:67:ea:f2:55:b8:ad:d3:6d: 55:e2:73:69:f9:0a:43:e4:c7:77:47:e6:0d:07:99: 81:4a:2b:8a:fe:3a:12:f9:bb:2c:07:ba:df:f1:bd: 41:07:d6:77:5f:b6:f2:8b:ab:34:7b:00:cf:18:b1: 52:ad:fa:04:c1:84:cd:49:11:cc:90:39:c6:ca:3b: e6:93:f5:53:4c:9d:d1:aa:be:23:44:6a:20:74:1c: e3:00:a6:03:28:18:d9:23:fc:8c:ce:7f:8b:9c:c6: 4b:78:3f:81:10:fd:6a:38:6e:22:09:c3:7a:80:52: af:0a:f3:b2:f9:32:cb:66:aa:22:69:bf:0a:ea:52: ab:e3:5e:bb:76:34:85:d9:66:38:dc:e0:ae:e4:b6: c4:c0:2d:23:54:b1:2b:e7:ab:03:46:c1:b9:74:f7: b0:32:ee:b2:6c:3b:e9:77:74:0b:96:1d:f4:dd:e7: 69:5d:89:b8:56:c0:5f:d8:da:04:cd:f7:0d:4f:42: 74:ef:b1:54:d1:77:b5:e3:a4:7e:53:e2:36:84:71: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption 83:53:dc:58:d6:fd:cc:cc:92:34:8e:3d:09:9c:51:c3:41:99: 6f:03:40:d1:ba:48:de:81:6c:5a:c4:76:da:44:1a:5b:5c:35: eb:a5:9c:f2:ef:0c:f7:5e:3f:fe:9f:2c:47:8a:6c:f5:ec:12: b1:27:b7:99:75:6e:de:fb:fd:e9:4d:2a:55:28:20:21:3e:e5: 2f:95:43:79:c3:16:df:0e:09:b1:6a:e8:54:4d:95:9c:e8:43: d2:21:f3:b7:c1:bd:c8:9d:f0:ab:37:6a:67:1e:b8:ca:b6:87: b7:3f:6d:a0:ec:55:e9:05:a6:41:00:bc:32:d1:39:da:87:4a: 1b:59:54:a7:26:d2:4f:51:3e:da:20:11:88:87:4c:94:2d:c4: 5b:c6:74:5c:0b:bc:8a:95:d9:d8:9d:49:03:4a:4a:e6:48:4d: dc:0b:7e:4d:bc:95:7b:a0:04:d5:93:1a:f3:8a:ff:2f:76:b0: b3:25:d6:00:c9:6f:c9:cc:d5:ee:d9:0d:8f:09:ac:32:49:af: cc:bd:be:62:ae:e2:f4:ff:23:56:16:06:81:93:15:64:eb:61: 03:fb:f2:6a:c8:ad:d0:b2:be:b5:e9:81:de:d6:1b:72:6c:61: c4:4f:a1:d2:41:88:e5:5a:ca:50:92:35:78:83:4f:3a:a3:98: d3:76:c0:44 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICPN8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MTQ0NloXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoOTBGMzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhF MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWIPKbJ9RWkfEOXb1S5 iCpZ0JggmfGZdFJfOh131paVGxIjPmAfaB6VxMnvTdYs0yFQ4Wfq8lW4rdNtVeJz afkKQ+THd0fmDQeZgUoriv46Evm7LAe63/G9QQfWd1+28ourNHsAzxixUq36BMGE zUkRzJA5xso75pP1U0yd0aq+I0RqIHQc4wCmAygY2SP8jM5/i5zGS3g/gRD9ajhu IgnDeoBSrwrzsvkyy2aqImm/CupSq+Neu3Y0hdlmONzgruS2xMAtI1SxK+erA0bB uXT3sDLusmw76Xd0C5Yd9N3naV2JuFbAX9jaBM33DU9CdO+xVNF3teOkflPiNoRx uTECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQ8w4d8yfRA5B/G+CO0+pkv7d44zAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU4L2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCtwwDQYJKoZIhvcNAQELBQAD ggEBAINT3FjW/czMkjSOPQmcUcNBmW8DQNG6SN6BbFrEdtpEGltcNeulnPLvDPde P/6fLEeKbPXsErEnt5l1bt77/elNKlUoICE+5S+VQ3nDFt8OCbFq6FRNlZzoQ9Ih 87fBvcid8Ks3amceuMq2h7c/baDsVekFpkEAvDLROdqHShtZVKcm0k9RPtogEYiH TJQtxFvGdFwLvIqV2didSQNKSuZITdwLfk28lXugBNWTGvOK/y92sLMl1gDJb8nM 1e7ZDY8JrDJJr8y9vmKu4vT/I1YWBoGTFWTrYQP78mrIrdCyvrXpgd7WG3JsYcRP odJBiOVaylCSNXiDTzqjmNN2wEQ= -----END CERTIFICATE-----Generated at Fri Apr 4 02:18:50 2025 by rpki-client