$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/lazTI5qu6vMSOhjdo_diO4EFNtI.cer File: lazTI5qu6vMSOhjdo_diO4EFNtI.cer (raw, json) Hash identifier: T2iRqjCPS70o6NDth0dggDElQC1ZQATldjtj80m9Io8= Subject key identifier: 95:AC:D3:23:9A:AE:EA:F3:12:3A:18:DD:A3:F7:62:3B:81:05:36:D2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3C9F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/lazTI5qu6vMSOhjdo_diO4EFNtI.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:10:21 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 160.20.130.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15519 (0x3c9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:10:21 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=95ACD3239AAEEAF3123A18DDA3F7623B810536D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d3:87:51:77:79:3d:84:8a:04:58:f0:77:0a: 61:d9:4a:e5:ff:25:c5:15:d5:e3:77:00:de:b6:c5: e4:f9:57:f8:86:bf:7b:21:05:51:11:5c:db:33:d4: 3b:f4:fc:10:ad:c3:a7:36:7b:b1:93:dd:f8:42:59: 78:46:bf:80:cd:94:3a:50:33:b0:82:7a:bb:3c:16: dc:02:48:aa:77:14:95:ba:b2:8a:c6:e2:14:1a:30: 88:9c:89:13:1b:d6:40:d7:1a:87:c0:7f:33:14:c5: 62:54:9d:f9:c2:97:a4:0a:35:c1:a1:e9:4f:94:8a: 7a:12:a2:1c:fe:07:ed:e3:68:53:bb:9b:eb:af:97: f1:c0:dc:00:86:8b:26:fd:12:3b:02:1d:8e:4e:ae: ca:72:2f:97:53:f7:cc:b9:8e:77:65:c2:86:7b:67: 5a:57:80:22:0a:94:7e:24:41:22:e6:87:a0:6a:2e: f1:04:b0:aa:67:64:9f:fc:a8:a3:a4:c4:ad:88:36: af:c8:c3:00:a9:7f:6d:9f:e2:b9:97:b4:43:1f:b3: 7a:6d:d3:98:51:b0:d8:79:c3:75:d6:f8:8e:28:68: b3:cd:dc:ea:d7:6b:8d:2b:a7:f8:6f:95:f3:a8:ec: 1a:94:d9:16:f0:46:ff:54:5f:31:90:49:18:0a:e8: 34:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:AC:D3:23:9A:AE:EA:F3:12:3A:18:DD:A3:F7:62:3B:81:05:36:D2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/lazTI5qu6vMSOhjdo_diO4EFNtI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.20.130.0/23 Signature Algorithm: sha256WithRSAEncryption 30:dc:8d:63:18:81:c5:77:9b:75:09:30:c1:0f:df:6c:36:b3: cc:7c:cf:ac:16:14:44:69:4b:44:15:be:ba:35:fe:d0:24:6b: 6d:d0:20:73:89:a1:14:7a:a8:fc:dd:1e:29:55:a0:e1:f2:cf: 66:0a:27:bd:2f:97:78:9f:1d:d4:a1:12:1a:98:06:a6:84:06: be:11:e1:1b:49:d3:d8:af:76:3f:0b:13:05:a0:77:25:74:5d: 5d:f0:b9:c3:84:be:14:97:0a:0d:d4:3b:26:ad:c3:21:12:9a: b0:f1:0f:d1:6a:9c:b2:f8:78:bd:61:53:a8:9f:e6:12:64:10: c4:84:fa:ec:1c:32:c8:55:a9:70:05:f0:cb:7f:97:b1:da:dc: dc:12:88:a9:ac:d4:71:0c:78:ff:8d:78:ae:33:aa:f2:88:b4: 8f:7c:75:1f:8c:f8:13:66:33:cb:5f:9f:15:6b:33:79:53:9a: 5d:fa:4f:6b:4a:b0:09:b5:ed:09:e7:4e:e5:c7:2a:15:e8:47: 30:6d:27:f5:42:bf:97:ca:b3:89:cf:8a:3e:6b:de:e2:fa:bd: ba:0e:ec:d3:9f:b3:bb:1b:ed:d4:fd:bd:79:29:56:9d:57:81: 7d:23:de:e4:b3:d4:a4:71:e2:6d:1d:16:5d:2a:db:ee:a9:9c: 7d:a7:a8:90 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICPJ8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MTAyMVoXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoOTVBQ0QzMjM5QUFFRUFGMzEyM0ExOEREQTNGNzYyM0I4MTA1MzZE MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjTh1F3eT2EigRY8HcK YdlK5f8lxRXV43cA3rbF5PlX+Ia/eyEFURFc2zPUO/T8EK3DpzZ7sZPd+EJZeEa/ gM2UOlAzsIJ6uzwW3AJIqncUlbqyisbiFBowiJyJExvWQNcah8B/MxTFYlSd+cKX pAo1waHpT5SKehKiHP4H7eNoU7ub66+X8cDcAIaLJv0SOwIdjk6uynIvl1P3zLmO d2XChntnWleAIgqUfiRBIuaHoGou8QSwqmdkn/yoo6TErYg2r8jDAKl/bZ/iuZe0 Qx+zem3TmFGw2HnDddb4jihos83c6tdrjSun+G+V86jsGpTZFvBG/1RfMZBJGAro NO0CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSVrNMjmq7q8xI6GN2j92I7gQU20jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 NS8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjg1L2xhelRJNXF1NnZNU09oamRvX2RpTzRFRk50SS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGgFIIwDQYJKoZIhvcNAQELBQAD ggEBADDcjWMYgcV3m3UJMMEP32w2s8x8z6wWFERpS0QVvro1/tAka23QIHOJoRR6 qPzdHilVoOHyz2YKJ70vl3ifHdShEhqYBqaEBr4R4RtJ09ivdj8LEwWgdyV0XV3w ucOEvhSXCg3UOyatwyESmrDxD9FqnLL4eL1hU6if5hJkEMSE+uwcMshVqXAF8Mt/ l7Ha3NwSiKms1HEMeP+NeK4zqvKItI98dR+M+BNmM8tfnxVrM3lTml36T2tKsAm1 7QnnTuXHKhXoRzBtJ/VCv5fKs4nPij5r3uL6vboO7NOfs7sb7dT9vXkpVp1XgX0j 3uSz1KRx4m0dFl0q2+6pnH2nqJA= -----END CERTIFICATE-----Generated at Fri Apr 4 02:17:41 2025 by rpki-client