$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer File: wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer (raw, json) Hash identifier: LVuHnbXFxk8+PNd1TssAoyVQpeC2xLkF/ffRt7tn+hs= Subject key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3C63 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:05:40 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 139.9.0.0/16 IP: 139.159.128.0/17 IP: 140.210.128.0/17 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15459 (0x3c63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Apr 3 08:05:40 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:a1:39:32:80:d1:6f:97:3a:58:b8:29:8d:a3: e5:4a:9a:87:d5:55:d7:cd:ee:2b:46:f8:91:6d:67: ad:9f:39:3f:89:06:c8:87:d3:85:b3:37:07:68:05: 6f:5b:10:c6:f5:10:bc:50:b5:85:de:91:ad:40:c5: a4:f4:c6:50:e5:d4:25:2b:d7:b3:cc:e4:76:1e:7b: d9:e1:7f:ba:c1:ac:01:ef:c8:b3:f4:81:74:63:1a: 4a:de:f7:02:aa:11:63:c9:2a:10:48:f7:e4:23:a1: ff:f7:3d:65:68:ca:68:ea:b9:3d:d3:c5:af:bf:27: 5f:1d:aa:b1:b9:fa:38:39:c5:12:fa:a3:09:9e:b3: 0e:f3:c5:60:18:eb:ca:93:10:09:4f:6f:93:b7:54: 7d:51:96:12:fc:ea:0f:5c:49:a1:8b:f4:96:0c:9a: ef:5a:7b:ad:2c:95:2d:00:a5:c2:d7:d3:53:81:47: 8f:7e:13:f8:7f:0d:70:60:46:33:28:5e:a7:6f:09: 14:a1:87:85:40:e6:15:65:54:80:c6:69:b1:94:e9: f9:58:37:50:02:31:23:a8:c4:79:de:60:6b:ca:d5: 75:c7:70:5c:46:a6:94:3e:cb:c5:17:3e:aa:09:35: 9c:27:97:57:be:1e:61:cc:9f:70:43:a9:1f:d3:35: 95:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.0.0/16 139.159.128.0/17 140.210.128.0/17 Signature Algorithm: sha256WithRSAEncryption 55:c8:31:68:67:f0:55:a1:24:56:3f:30:b8:7c:34:7e:52:30: 73:57:ee:48:9f:bb:b6:76:34:ef:b8:fd:b7:47:3c:be:15:3c: 10:87:72:f8:4f:c4:68:b3:99:e0:d4:8e:3e:af:14:ed:80:9a: 66:ae:0f:76:03:0c:a5:84:bf:18:9d:fd:82:38:67:f5:69:e3: 7e:41:1a:6f:b5:49:ea:cc:fc:2e:45:e9:24:51:a8:ae:6a:35: 6f:b9:6f:f4:9a:71:ec:aa:7b:49:f9:8a:d0:58:8e:59:a9:ae: b6:e5:e9:ab:03:9a:8f:a7:02:13:81:86:7b:85:e7:e1:3d:79: 4a:ef:f1:05:33:24:79:60:e0:64:6e:e2:ac:6e:47:7b:d0:c8: 9c:18:ef:4f:e7:98:3e:a2:a5:c9:3d:97:89:44:b9:8c:dc:e0: 4e:3b:3b:e7:ed:06:0e:c2:6f:aa:83:c3:6d:9d:d3:75:42:9d: d3:f8:dd:84:81:ab:05:18:0f:71:e8:d7:a6:ad:d0:c0:67:67: a5:05:6b:38:ff:cb:fc:ea:28:1a:4a:4e:70:f1:78:f4:ba:eb: 43:d0:01:9d:9a:a1:c3:d4:54:77:dd:6c:e1:10:ba:e9:7b:ed: 44:39:bc:14:66:fe:79:ff:aa:18:57:41:dd:dd:ae:7a:65:22: 01:8a:72:e6 -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgICPGMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MDU0MFoXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoQzFEMzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVG MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyhOTKA0W+XOli4KY2j 5Uqah9VV183uK0b4kW1nrZ85P4kGyIfThbM3B2gFb1sQxvUQvFC1hd6RrUDFpPTG UOXUJSvXs8zkdh572eF/usGsAe/Is/SBdGMaSt73AqoRY8kqEEj35COh//c9ZWjK aOq5PdPFr78nXx2qsbn6ODnFEvqjCZ6zDvPFYBjrypMQCU9vk7dUfVGWEvzqD1xJ oYv0lgya71p7rSyVLQClwtfTU4FHj34T+H8NcGBGMyhep28JFKGHhUDmFWVUgMZp sZTp+Vg3UAIxI6jEed5ga8rVdcdwXEamlD7LxRc+qgk1nCeXV74eYcyfcEOpH9M1 lSECAwEAAaOCAmAwggJcMB0GA1UdDgQWBBTB0xKRY49KQEDNPVLew/8rlwnF8jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMDE0L3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww KgYIKwYBBQUHAQcBAf8EGzAZMBcEAgABMBEDAwCLCQMEB4ufgAMEB4zSgDANBgkq hkiG9w0BAQsFAAOCAQEAVcgxaGfwVaEkVj8wuHw0flIwc1fuSJ+7tnY077j9t0c8 vhU8EIdy+E/EaLOZ4NSOPq8U7YCaZq4PdgMMpYS/GJ39gjhn9WnjfkEab7VJ6sz8 LkXpJFGormo1b7lv9Jpx7Kp7SfmK0FiOWamutuXpqwOaj6cCE4GGe4Xn4T15Su/x BTMkeWDgZG7irG5He9DInBjvT+eYPqKlyT2XiUS5jNzgTjs75+0GDsJvqoPDbZ3T dUKd0/jdhIGrBRgPcejXpq3QwGdnpQVrOP/L/OooGkpOcPF49LrrQ9ABnZqhw9RU d91s4RC66XvtRDm8FGb+ef+qGFdB3d2uemUiAYpy5g== -----END CERTIFICATE-----Generated at Fri Apr 4 02:19:58 2025 by rpki-client