$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yiG6irdU_NZK2pljjW_l5HJTtME.cer File: yiG6irdU_NZK2pljjW_l5HJTtME.cer (raw, json) Hash identifier: qWCVq0xmYUWBJ+8HalDokvkBdAvPZgGiZYOgfwN7b1A= Subject key identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: DCA6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 03 Sep 2025 19:32:53 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 210.76.160.0/19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 15:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56486 (0xdca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Sep 3 19:32:53 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CA21BA8AB754FCD64ADA99638D6FE5E47253B4C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8e:dd:a8:7e:40:56:ab:e1:49:1f:01:ab:ad: eb:cd:6f:98:0f:30:c5:66:bf:78:47:16:49:d4:90: cc:69:a7:2a:db:11:0f:1c:6e:2a:32:a1:a6:a6:29: 63:c0:e1:af:8f:bc:70:fd:e1:b3:88:d5:92:28:81: 51:1d:27:cf:56:9d:a6:a2:37:66:11:be:ab:2c:77: 94:5d:93:9f:f1:78:d1:a8:8e:ca:a8:b4:ec:0c:18: 4e:23:02:d7:ce:ac:43:2a:4e:64:8e:4d:1b:92:e9: 69:d6:65:f3:16:1f:6e:6e:d8:ac:bd:92:bc:87:55: 77:a9:29:3a:99:33:a8:79:e2:d2:87:c4:36:85:1a: 2b:53:50:c5:95:47:10:5c:ad:3c:9c:ba:8b:43:d0: 41:16:75:6b:8c:10:58:54:9f:53:f9:c6:81:a7:76: 59:1b:97:e3:a2:7b:58:e9:a3:7e:96:74:7d:d4:30: f2:7b:9c:59:9e:22:74:6f:cb:0b:9c:bf:76:c7:25: fd:3d:1b:41:b1:a5:20:e3:4d:86:47:40:38:4e:41: ce:eb:1d:76:3f:91:a8:95:73:1e:37:18:ab:3d:34: 00:51:a4:41:38:2a:c9:74:7f:e7:9b:42:38:16:88: 0a:5e:32:fb:4e:78:a9:e9:21:f0:fd:a8:c8:9e:6c: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.76.160.0/19 Signature Algorithm: sha256WithRSAEncryption 5b:e6:91:0b:15:3d:16:95:9a:17:34:e7:30:71:f9:04:c1:54: 7a:6b:2d:dc:95:ce:52:d0:fd:91:75:d5:98:72:ee:f0:de:59: cb:f3:ac:60:dc:63:31:e9:30:45:d4:5e:87:40:fc:27:1a:c7: bc:62:24:a6:2e:d1:60:37:79:c3:6b:f1:d3:73:4b:c3:59:5e: ce:5a:ae:8a:6e:98:cc:e1:0a:96:42:48:55:ab:f7:70:56:2d: ed:5c:0e:82:30:49:b6:58:c3:49:09:d5:ce:f0:8b:94:aa:e8: 7e:07:e8:2a:90:85:3a:97:95:16:37:40:7f:e5:53:80:e3:18: 50:94:ec:eb:b7:63:2c:a0:89:1b:0a:ce:49:f7:2f:09:7e:fd: 5e:58:2c:34:4b:4d:8f:1a:10:4c:0e:43:8e:18:94:96:8b:17: a8:76:2b:bc:8b:be:d3:f4:23:26:55:ff:52:6f:15:3c:56:9c: 1d:bd:1a:df:0c:be:b4:65:12:25:3a:60:16:2f:99:60:40:1c: d1:d6:fd:4d:05:cc:a8:b2:dd:94:3a:c2:a5:38:cf:5a:52:20: 67:d0:74:69:53:41:f4:b6:bd:4c:7b:5d:d3:ac:38:f0:71:b9: 68:24:e4:df:4f:ea:71:22:5a:ee:15:31:08:77:01:4c:dc:32: 74:d2:22:6e -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIDANymMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA5MDMxOTMyNTNaFw0yNjA4MDMwODQ0NDBaMDMx MTAvBgNVBAMTKENBMjFCQThBQjc1NEZDRDY0QURBOTk2MzhENkZFNUU0NzI1M0I0 QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjt2ofkBWq+FJHwGr revNb5gPMMVmv3hHFknUkMxppyrbEQ8cbioyoaamKWPA4a+PvHD94bOI1ZIogVEd J89WnaaiN2YRvqssd5Rdk5/xeNGojsqotOwMGE4jAtfOrEMqTmSOTRuS6WnWZfMW H25u2Ky9kryHVXepKTqZM6h54tKHxDaFGitTUMWVRxBcrTycuotD0EEWdWuMEFhU n1P5xoGndlkbl+Oie1jpo36WdH3UMPJ7nFmeInRvywucv3bHJf09G0GxpSDjTYZH QDhOQc7rHXY/kaiVcx43GKs9NABRpEE4Ksl0f+ebQjgWiApeMvtOeKnpIfD9qMie bG63AgMBAAGjggJRMIICTTAdBgNVHQ4EFgQUyiG6irdU/NZK2pljjW/l5HJTtMEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzk4 LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzk4L3lpRzZpcmRVX05aSzJwbGpqV19sNUhKVHRNRS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSTKAwDQYJKoZIhvcNAQELBQADggEB AFvmkQsVPRaVmhc05zBx+QTBVHprLdyVzlLQ/ZF11Zhy7vDeWcvzrGDcYzHpMEXU XodA/Ccax7xiJKYu0WA3ecNr8dNzS8NZXs5aropumMzhCpZCSFWr93BWLe1cDoIw SbZYw0kJ1c7wi5Sq6H4H6CqQhTqXlRY3QH/lU4DjGFCU7Ou3YyygiRsKzkn3Lwl+ /V5YLDRLTY8aEEwOQ44YlJaLF6h2K7yLvtP0IyZV/1JvFTxWnB29Gt8MvrRlEiU6 YBYvmWBAHNHW/U0FzKiy3ZQ6wqU4z1pSIGfQdGlTQfS2vUx7XdOsOPBxuWgk5N9P 6nEiWu4VMQh3AUzcMnTSIm4= -----END CERTIFICATE-----Generated at Sun Sep 7 11:00:17 2025 by rpki-client