$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer File: wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer (raw, json) Hash identifier: RbKA4HtmI06Iplmifapj8Wn5vsjWnZeXf4LZxA9CEYA= Subject key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 4237 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:09:31 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 139.9.0.0/16 IP: 139.159.128.0/17 IP: 140.210.128.0/17 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 10:36:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16951 (0x4237) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Oct 23 03:09:31 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:a1:39:32:80:d1:6f:97:3a:58:b8:29:8d:a3: e5:4a:9a:87:d5:55:d7:cd:ee:2b:46:f8:91:6d:67: ad:9f:39:3f:89:06:c8:87:d3:85:b3:37:07:68:05: 6f:5b:10:c6:f5:10:bc:50:b5:85:de:91:ad:40:c5: a4:f4:c6:50:e5:d4:25:2b:d7:b3:cc:e4:76:1e:7b: d9:e1:7f:ba:c1:ac:01:ef:c8:b3:f4:81:74:63:1a: 4a:de:f7:02:aa:11:63:c9:2a:10:48:f7:e4:23:a1: ff:f7:3d:65:68:ca:68:ea:b9:3d:d3:c5:af:bf:27: 5f:1d:aa:b1:b9:fa:38:39:c5:12:fa:a3:09:9e:b3: 0e:f3:c5:60:18:eb:ca:93:10:09:4f:6f:93:b7:54: 7d:51:96:12:fc:ea:0f:5c:49:a1:8b:f4:96:0c:9a: ef:5a:7b:ad:2c:95:2d:00:a5:c2:d7:d3:53:81:47: 8f:7e:13:f8:7f:0d:70:60:46:33:28:5e:a7:6f:09: 14:a1:87:85:40:e6:15:65:54:80:c6:69:b1:94:e9: f9:58:37:50:02:31:23:a8:c4:79:de:60:6b:ca:d5: 75:c7:70:5c:46:a6:94:3e:cb:c5:17:3e:aa:09:35: 9c:27:97:57:be:1e:61:cc:9f:70:43:a9:1f:d3:35: 95:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.0.0/16 139.159.128.0/17 140.210.128.0/17 Signature Algorithm: sha256WithRSAEncryption 95:e9:19:a0:4b:f7:0c:2b:19:5f:1e:97:35:34:c7:39:fa:2a: f3:55:bf:e6:29:01:e4:ae:fc:f9:a9:2b:2e:82:35:f7:7e:d3: 3f:53:b2:60:e4:a8:1d:2c:dd:70:7d:4c:c5:2c:f7:f3:96:69: 2d:28:d7:29:e1:9f:1b:9f:ef:59:7b:19:10:84:3c:45:bb:b3: 7c:1f:98:e3:45:8d:a4:0d:a8:61:96:6b:f3:08:5b:3e:79:9c: b6:92:87:02:bf:df:95:4f:79:b7:9c:db:fb:44:c3:2f:1f:0e: 19:d3:fe:85:02:44:bf:50:59:72:ec:e6:b4:00:10:a5:91:37: d6:b5:aa:39:75:8f:e2:fb:ee:34:9b:a7:e6:1a:e5:07:61:da: 41:a6:61:90:14:c6:c8:8a:32:98:6c:ea:07:24:53:55:9e:84: 8c:b8:6e:67:81:cf:d8:0d:a1:61:a0:7a:12:75:b9:f2:9d:34: 64:e6:bb:50:ac:2c:02:d2:1f:9e:e0:5d:3e:0c:ee:bd:82:00: 21:21:f3:d2:13:83:09:88:ba:47:90:a2:7c:f3:5a:42:13:36: 64:46:cd:d4:b0:e4:ab:1b:37:5c:18:79:b5:72:5b:43:0f:8c: e5:b9:bf:01:71:bd:b8:78:d6:9c:2b:3f:a6:24:ce:57:85:18: ca:c0:0d:f2 -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgICQjcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMDkzMVoXDTI2MTAyMzAzMDEwM1owMzEx MC8GA1UEAxMoQzFEMzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVG MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyhOTKA0W+XOli4KY2j 5Uqah9VV183uK0b4kW1nrZ85P4kGyIfThbM3B2gFb1sQxvUQvFC1hd6RrUDFpPTG UOXUJSvXs8zkdh572eF/usGsAe/Is/SBdGMaSt73AqoRY8kqEEj35COh//c9ZWjK aOq5PdPFr78nXx2qsbn6ODnFEvqjCZ6zDvPFYBjrypMQCU9vk7dUfVGWEvzqD1xJ oYv0lgya71p7rSyVLQClwtfTU4FHj34T+H8NcGBGMyhep28JFKGHhUDmFWVUgMZp sZTp+Vg3UAIxI6jEed5ga8rVdcdwXEamlD7LxRc+qgk1nCeXV74eYcyfcEOpH9M1 lSECAwEAAaOCAmAwggJcMB0GA1UdDgQWBBTB0xKRY49KQEDNPVLew/8rlwnF8jAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMDE0L3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww KgYIKwYBBQUHAQcBAf8EGzAZMBcEAgABMBEDAwCLCQMEB4ufgAMEB4zSgDANBgkq hkiG9w0BAQsFAAOCAQEAlekZoEv3DCsZXx6XNTTHOfoq81W/5ikB5K78+akrLoI1 937TP1OyYOSoHSzdcH1MxSz385ZpLSjXKeGfG5/vWXsZEIQ8RbuzfB+Y40WNpA2o YZZr8whbPnmctpKHAr/flU95t5zb+0TDLx8OGdP+hQJEv1BZcuzmtAAQpZE31rWq OXWP4vvuNJun5hrlB2HaQaZhkBTGyIoymGzqByRTVZ6EjLhuZ4HP2A2hYaB6EnW5 8p00ZOa7UKwsAtIfnuBdPgzuvYIAISHz0hODCYi6R5CifPNaQhM2ZEbN1LDkqxs3 XBh5tXJbQw+M5bm/AXG9uHjWnCs/piTOV4UYysAN8g== -----END CERTIFICATE-----Generated at Fri Oct 24 08:50:38 2025 by rpki-client