$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yiG6irdU_NZK2pljjW_l5HJTtME.cer File: yiG6irdU_NZK2pljjW_l5HJTtME.cer (raw, json) Hash identifier: H/jKSAPXnS4jBi6Jz/V07UAJKSONrmsPvTiv2sSxuF0= Subject key identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: C462 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 17 Jan 2025 01:29:40 +0000 Certificate not after: Sat 27 Sep 2025 02:40:14 +0000 Subordinate resources: IP: 210.76.160.0/19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 04:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50274 (0xc462) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000 Validity Not Before: Jan 17 01:29:40 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CA21BA8AB754FCD64ADA99638D6FE5E47253B4C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8e:dd:a8:7e:40:56:ab:e1:49:1f:01:ab:ad: eb:cd:6f:98:0f:30:c5:66:bf:78:47:16:49:d4:90: cc:69:a7:2a:db:11:0f:1c:6e:2a:32:a1:a6:a6:29: 63:c0:e1:af:8f:bc:70:fd:e1:b3:88:d5:92:28:81: 51:1d:27:cf:56:9d:a6:a2:37:66:11:be:ab:2c:77: 94:5d:93:9f:f1:78:d1:a8:8e:ca:a8:b4:ec:0c:18: 4e:23:02:d7:ce:ac:43:2a:4e:64:8e:4d:1b:92:e9: 69:d6:65:f3:16:1f:6e:6e:d8:ac:bd:92:bc:87:55: 77:a9:29:3a:99:33:a8:79:e2:d2:87:c4:36:85:1a: 2b:53:50:c5:95:47:10:5c:ad:3c:9c:ba:8b:43:d0: 41:16:75:6b:8c:10:58:54:9f:53:f9:c6:81:a7:76: 59:1b:97:e3:a2:7b:58:e9:a3:7e:96:74:7d:d4:30: f2:7b:9c:59:9e:22:74:6f:cb:0b:9c:bf:76:c7:25: fd:3d:1b:41:b1:a5:20:e3:4d:86:47:40:38:4e:41: ce:eb:1d:76:3f:91:a8:95:73:1e:37:18:ab:3d:34: 00:51:a4:41:38:2a:c9:74:7f:e7:9b:42:38:16:88: 0a:5e:32:fb:4e:78:a9:e9:21:f0:fd:a8:c8:9e:6c: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.76.160.0/19 Signature Algorithm: sha256WithRSAEncryption af:84:59:d6:33:13:7a:19:6e:ba:a7:4a:4c:49:e1:81:35:a0: 30:88:e0:1b:b7:ea:e1:a4:3c:97:79:c2:b5:e1:d5:72:e6:bc: 00:6f:52:78:fb:44:cd:67:15:24:1f:4d:9d:42:99:59:33:a1: fd:96:95:21:fd:e9:1d:a4:84:1a:39:e8:76:43:9e:c7:87:42: 7d:b6:e2:9c:49:16:47:93:55:55:df:6b:21:96:3e:b1:ae:4c: 7d:1c:b9:00:79:ed:39:12:2c:fc:44:46:0f:9d:38:22:fe:97: 37:d1:58:86:fe:76:a4:16:0c:34:73:11:a5:2c:0b:39:34:e9: 27:56:c2:a6:be:3e:a3:c8:b7:82:f4:6a:71:79:ee:fe:bf:9c: 7b:3e:40:e0:62:32:06:fc:18:14:84:66:12:3c:d2:59:b1:0f: 21:3a:16:0b:2f:81:c3:2b:66:15:cc:74:dd:da:cd:b7:de:3d: 2c:80:cb:4f:06:55:6c:84:4f:67:f3:6b:c4:90:04:8f:1c:3d: eb:f0:b6:b1:7c:c2:d0:48:2c:f0:18:31:12:f2:1f:ec:70:3b: f6:2c:10:98:dc:5d:45:49:a8:cb:c6:bb:80:c5:68:51:26:4f: 8f:f2:ce:f7:11:a2:7d:79:30:0d:ef:73:b4:8a:52:77:2b:b5: fa:06:16:8b -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIDAMRiMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTAxMTcwMTI5NDBaFw0yNTA5MjcwMjQwMTRaMDMx MTAvBgNVBAMTKENBMjFCQThBQjc1NEZDRDY0QURBOTk2MzhENkZFNUU0NzI1M0I0 QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjt2ofkBWq+FJHwGr revNb5gPMMVmv3hHFknUkMxppyrbEQ8cbioyoaamKWPA4a+PvHD94bOI1ZIogVEd J89WnaaiN2YRvqssd5Rdk5/xeNGojsqotOwMGE4jAtfOrEMqTmSOTRuS6WnWZfMW H25u2Ky9kryHVXepKTqZM6h54tKHxDaFGitTUMWVRxBcrTycuotD0EEWdWuMEFhU n1P5xoGndlkbl+Oie1jpo36WdH3UMPJ7nFmeInRvywucv3bHJf09G0GxpSDjTYZH QDhOQc7rHXY/kaiVcx43GKs9NABRpEE4Ksl0f+ebQjgWiApeMvtOeKnpIfD9qMie bG63AgMBAAGjggJRMIICTTAdBgNVHQ4EFgQUyiG6irdU/NZK2pljjW/l5HJTtMEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzk4 LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzk4L3lpRzZpcmRVX05aSzJwbGpqV19sNUhKVHRNRS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSTKAwDQYJKoZIhvcNAQELBQADggEB AK+EWdYzE3oZbrqnSkxJ4YE1oDCI4Bu36uGkPJd5wrXh1XLmvABvUnj7RM1nFSQf TZ1CmVkzof2WlSH96R2khBo56HZDnseHQn224pxJFkeTVVXfayGWPrGuTH0cuQB5 7TkSLPxERg+dOCL+lzfRWIb+dqQWDDRzEaUsCzk06SdWwqa+PqPIt4L0anF57v6/ nHs+QOBiMgb8GBSEZhI80lmxDyE6FgsvgcMrZhXMdN3azbfePSyAy08GVWyET2fz a8SQBI8cPevwtrF8wtBILPAYMRLyH+xwO/YsEJjcXUVJqMvGu4DFaFEmT4/yzvcR on15MA3vc7SKUncrtfoGFos= -----END CERTIFICATE-----Generated at Fri Apr 4 02:16:32 2025 by rpki-client