$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/lazTI5qu6vMSOhjdo_diO4EFNtI.cer File: lazTI5qu6vMSOhjdo_diO4EFNtI.cer (raw, json) Hash identifier: F3i9OMeWJfK82QnAHnDuGzCzvdqZSuNOdd6iCk+yi84= Subject key identifier: 95:AC:D3:23:9A:AE:EA:F3:12:3A:18:DD:A3:F7:62:3B:81:05:36:D2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 4233 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/lazTI5qu6vMSOhjdo_diO4EFNtI.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:09:17 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 160.20.130.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16947 (0x4233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:09:17 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=95ACD3239AAEEAF3123A18DDA3F7623B810536D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d3:87:51:77:79:3d:84:8a:04:58:f0:77:0a: 61:d9:4a:e5:ff:25:c5:15:d5:e3:77:00:de:b6:c5: e4:f9:57:f8:86:bf:7b:21:05:51:11:5c:db:33:d4: 3b:f4:fc:10:ad:c3:a7:36:7b:b1:93:dd:f8:42:59: 78:46:bf:80:cd:94:3a:50:33:b0:82:7a:bb:3c:16: dc:02:48:aa:77:14:95:ba:b2:8a:c6:e2:14:1a:30: 88:9c:89:13:1b:d6:40:d7:1a:87:c0:7f:33:14:c5: 62:54:9d:f9:c2:97:a4:0a:35:c1:a1:e9:4f:94:8a: 7a:12:a2:1c:fe:07:ed:e3:68:53:bb:9b:eb:af:97: f1:c0:dc:00:86:8b:26:fd:12:3b:02:1d:8e:4e:ae: ca:72:2f:97:53:f7:cc:b9:8e:77:65:c2:86:7b:67: 5a:57:80:22:0a:94:7e:24:41:22:e6:87:a0:6a:2e: f1:04:b0:aa:67:64:9f:fc:a8:a3:a4:c4:ad:88:36: af:c8:c3:00:a9:7f:6d:9f:e2:b9:97:b4:43:1f:b3: 7a:6d:d3:98:51:b0:d8:79:c3:75:d6:f8:8e:28:68: b3:cd:dc:ea:d7:6b:8d:2b:a7:f8:6f:95:f3:a8:ec: 1a:94:d9:16:f0:46:ff:54:5f:31:90:49:18:0a:e8: 34:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:AC:D3:23:9A:AE:EA:F3:12:3A:18:DD:A3:F7:62:3B:81:05:36:D2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3285/lazTI5qu6vMSOhjdo_diO4EFNtI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.20.130.0/23 Signature Algorithm: sha256WithRSAEncryption 14:97:95:0d:30:ed:bf:7d:ef:14:90:a6:63:cd:ed:57:b3:ac: 32:6d:05:6f:2b:bf:36:aa:94:83:8c:e0:ff:c6:9b:21:1f:99: 03:25:8a:11:86:4f:a3:d2:2b:d5:9c:14:2e:fc:d1:38:27:67: 56:11:fc:34:06:c0:d7:37:45:e1:0e:bf:46:54:1b:36:bf:e9: ca:41:87:7e:3c:a5:2b:ff:c5:a7:5d:ec:96:b2:18:1a:de:e4: eb:6f:f0:f3:00:c3:14:26:74:cb:76:51:31:a1:73:df:c0:ea: 40:00:1f:43:dc:27:9a:05:de:f9:10:35:12:b8:3a:57:0f:5a: 1e:b7:c2:e2:4c:3c:7b:f6:ab:ac:6b:6a:1d:2f:a7:76:11:1a: b9:d4:2b:64:a4:19:7d:a1:94:a8:5d:d9:b4:26:cd:f4:38:1e: 7d:fc:73:4d:42:06:aa:31:7b:c2:57:1b:1d:13:0f:dc:1b:3e: 69:1a:09:79:b0:d5:af:ca:4c:f9:2b:92:7a:41:13:e8:63:2a: b8:76:ab:ce:f0:bb:31:20:03:e2:17:b5:b5:64:1d:ee:9a:54: 50:18:c3:40:1a:15:26:17:99:f1:f7:7f:ab:cb:7d:b3:92:85: 80:e1:5a:41:2b:58:a3:70:5a:60:0b:42:27:0b:d7:9e:91:f1: 99:18:eb:32 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQjMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMDkxN1oXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoOTVBQ0QzMjM5QUFFRUFGMzEyM0ExOEREQTNGNzYyM0I4MTA1MzZE MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALjTh1F3eT2EigRY8HcK YdlK5f8lxRXV43cA3rbF5PlX+Ia/eyEFURFc2zPUO/T8EK3DpzZ7sZPd+EJZeEa/ gM2UOlAzsIJ6uzwW3AJIqncUlbqyisbiFBowiJyJExvWQNcah8B/MxTFYlSd+cKX pAo1waHpT5SKehKiHP4H7eNoU7ub66+X8cDcAIaLJv0SOwIdjk6uynIvl1P3zLmO d2XChntnWleAIgqUfiRBIuaHoGou8QSwqmdkn/yoo6TErYg2r8jDAKl/bZ/iuZe0 Qx+zem3TmFGw2HnDddb4jihos83c6tdrjSun+G+V86jsGpTZFvBG/1RfMZBJGAro NO0CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSVrNMjmq7q8xI6GN2j92I7gQU20jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 NS8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjg1L2xhelRJNXF1NnZNU09oamRvX2RpTzRFRk50SS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGgFIIwDQYJKoZIhvcNAQELBQAD ggEBABSXlQ0w7b997xSQpmPN7VezrDJtBW8rvzaqlIOM4P/GmyEfmQMlihGGT6PS K9WcFC780TgnZ1YR/DQGwNc3ReEOv0ZUGza/6cpBh348pSv/xadd7JayGBre5Otv 8PMAwxQmdMt2UTGhc9/A6kAAH0PcJ5oF3vkQNRK4OlcPWh63wuJMPHv2q6xrah0v p3YRGrnUK2SkGX2hlKhd2bQmzfQ4Hn38c01CBqoxe8JXGx0TD9wbPmkaCXmw1a/K TPkrknpBE+hjKrh2q87wuzEgA+IXtbVkHe6aVFAYw0AaFSYXmfH3f6vLfbOShYDh WkErWKNwWmALQicL156R8ZkY6zI= -----END CERTIFICATE-----Generated at Fri Oct 24 08:47:53 2025 by rpki-client