$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer File: qP3wu66meVNpOJbHY_Ep2jtBg-s.cer (raw, json) Hash identifier: 8WccQjZ4CGdBn2ehZrQwb6KUiXI/Si/6sHNFY8nYbyY= Subject key identifier: A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: DBCF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 27 Aug 2025 05:38:01 +0000 Certificate not after: Thu 27 Aug 2026 05:36:57 +0000 Subordinate resources: IP: 103.24.228.0/22 IP: 103.241.220.0/22 IP: 2403:5b80::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 20:04:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56271 (0xdbcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 27 05:38:01 2025 GMT Not After : Aug 27 05:36:57 2026 GMT Subject: CN=A8FDF0BBAEA67953693896C763F129DA3B4183EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ac:63:4c:8f:df:cf:73:b5:01:b9:15:41:ef: fb:a7:82:ef:64:65:3b:8c:f1:7d:c0:04:b6:e9:cb: 16:a8:bf:ac:10:fd:cb:24:be:52:f5:43:6f:70:71: f1:fc:44:a8:0c:24:ce:e5:ad:18:47:50:0e:db:f9: 15:93:5f:98:39:d6:4d:e1:b2:36:69:f0:99:8d:06: ec:06:56:61:05:c7:44:4e:23:c2:6f:6d:0e:bd:59: 94:03:02:fd:88:5e:81:40:bd:41:31:c0:0d:5d:d1: 69:67:0e:7b:b0:b8:b9:51:6f:e5:63:f0:a9:1b:24: 8d:00:fe:ee:98:91:f4:99:d8:00:7e:20:9c:16:b3: ff:0b:91:2d:a3:28:27:97:b9:70:5c:bf:f5:d5:d7: 5d:15:7c:04:93:cb:7d:1e:5c:cf:c3:e5:43:a6:69: 3d:7f:44:9a:70:c4:6d:38:a0:c4:e7:d0:88:c2:13: c8:2f:c4:c9:3f:63:1c:bc:02:9b:83:35:72:2c:d2: 7d:3e:03:0d:75:1e:8a:bb:22:3d:ee:08:b1:4a:fc: 99:ae:ed:7a:4a:50:30:ed:1e:13:64:81:54:67:0a: 64:0c:8d:52:5d:fb:93:ef:37:21:41:fb:bd:6b:7d: fc:5e:7d:b1:34:2a:4c:fa:95:1b:e7:8b:29:d7:98: 3d:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.24.228.0/22 103.241.220.0/22 IPv6: 2403:5b80::/32 Signature Algorithm: sha256WithRSAEncryption 39:64:98:23:60:21:8c:60:32:81:d7:49:66:16:f0:3c:91:56: e2:f4:79:e1:ca:db:c4:71:13:0e:56:86:e5:1a:15:5d:34:38: bb:84:fa:08:78:ab:7f:72:b6:39:37:95:de:99:63:a4:9a:8e: fd:67:76:64:70:7c:a3:67:b9:87:5c:d9:de:05:85:75:bd:bd: 84:9c:8b:e7:78:6d:d0:f9:83:57:33:79:00:2b:7d:de:2b:e2: 1a:ac:e6:58:0a:43:82:0a:9b:59:20:44:11:80:57:02:17:30: c4:5b:df:ed:0f:96:a9:e6:ee:01:64:c2:18:25:af:44:09:97: 23:67:90:96:c5:c5:8d:db:d5:ce:45:b8:45:4d:61:15:7c:6d: 25:e7:bc:87:18:fd:a9:c6:5a:18:41:b9:2c:43:aa:bc:7e:75: da:1e:2d:f1:80:ec:07:fc:f2:58:ed:de:07:87:26:e7:b2:8a: 9a:ee:df:56:c5:1c:85:80:4d:f1:22:51:1b:5b:ef:ab:3d:39: f8:fb:a5:75:f3:27:7b:f2:7b:10:dd:9b:e0:84:60:7a:37:dc: f3:aa:e6:d6:d4:be:24:7f:50:43:c0:73:51:7f:94:59:30:25: ad:f7:34:89:8a:64:4f:57:5d:5d:13:ee:ea:37:77:c1:f9:b4: 3d:f8:ba:18 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgIDANvPMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA4MjcwNTM4MDFaFw0yNjA4MjcwNTM2NTdaMDMx MTAvBgNVBAMTKEE4RkRGMEJCQUVBNjc5NTM2OTM4OTZDNzYzRjEyOURBM0I0MTgz RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/rGNMj9/Pc7UBuRVB 7/ungu9kZTuM8X3ABLbpyxaov6wQ/cskvlL1Q29wcfH8RKgMJM7lrRhHUA7b+RWT X5g51k3hsjZp8JmNBuwGVmEFx0ROI8JvbQ69WZQDAv2IXoFAvUExwA1d0WlnDnuw uLlRb+Vj8KkbJI0A/u6YkfSZ2AB+IJwWs/8LkS2jKCeXuXBcv/XV110VfASTy30e XM/D5UOmaT1/RJpwxG04oMTn0IjCE8gvxMk/Yxy8ApuDNXIs0n0+Aw11Hoq7Ij3u CLFK/Jmu7XpKUDDtHhNkgVRnCmQMjVJd+5PvNyFB+71rffxefbE0Kkz6lRvniynX mD1tAgMBAAGjggJoMIICZDAdBgNVHQ4EFgQUqP3wu66meVNpOJbHY/Ep2jtBg+sw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU4 NS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC81ODUvcVAzd3U2Nm1lVk5wT0piSFlfRXAyanRCZy1zLm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA0 BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmcY5AMEAmfx3DANBAIAAjAHAwUA JANbgDANBgkqhkiG9w0BAQsFAAOCAQEAOWSYI2AhjGAygddJZhbwPJFW4vR54crb xHETDlaG5RoVXTQ4u4T6CHirf3K2OTeV3pljpJqO/Wd2ZHB8o2e5h1zZ3gWFdb29 hJyL53ht0PmDVzN5ACt93iviGqzmWApDggqbWSBEEYBXAhcwxFvf7Q+WqebuAWTC GCWvRAmXI2eQlsXFjdvVzkW4RU1hFXxtJee8hxj9qcZaGEG5LEOqvH512h4t8YDs B/zyWO3eB4cm57KKmu7fVsUchYBN8SJRG1vvqz05+PuldfMne/J7EN2b4IRgejfc 86rm1tS+JH9QQ8BzUX+UWTAlrfc0iYpkT1ddXRPu6jd3wfm0Pfi6GA== -----END CERTIFICATE-----Generated at Sat Sep 6 15:36:17 2025 by rpki-client