$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D8652A391E44DB4EE76BEE76A4C433F666BB507A.cer File: D8652A391E44DB4EE76BEE76A4C433F666BB507A.cer (raw, json) Hash identifier: D/b7Ov0uHFRmkfye9IliZl6L1+gM6OklImpo8cTH79c= Subject key identifier: D8:65:2A:39:1E:44:DB:4E:E7:6B:EE:76:A4:C4:33:F6:66:BB:50:7A Authority key identifier: A5:6E:87:2A:40:3E:7B:9C:EB:94:31:A0:8F:54:04:01:D2:FB:D7:10 Certificate issuer: /CN=A9162E3D0001/serialNumber=A56E872A403E7B9CEB9431A08F540401D2FBD710 Certificate serial: 0849B1AF329F39EF996AEFC4553291A53DFF4E38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer Manifest: rsync://rpki-rps.cnnic.cn/repo/A1097027706349944834/0/D8652A391E44DB4EE76BEE76A4C433F666BB507A.mft caRepository: rsync://rpki-rps.cnnic.cn/repo/A1097027706349944834/0/ Notify URL: https://rrdp-rps.cnnic.cn/rrdp/notification.xml Certificate not before: Thu 16 Apr 2026 05:11:28 +0000 Certificate not after: Thu 15 Apr 2027 05:16:28 +0000 Subordinate resources: IP: 103.249.244.0/22 IP: 163.53.60.0/22 IP: 218.245.48.0/20 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 17:12:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:49:b1:af:32:9f:39:ef:99:6a:ef:c4:55:32:91:a5:3d:ff:4e:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0001, serialNumber=A56E872A403E7B9CEB9431A08F540401D2FBD710 Validity Not Before: Apr 16 05:11:28 2026 GMT Not After : Apr 15 05:16:28 2027 GMT Subject: CN=D8652A391E44DB4EE76BEE76A4C433F666BB507A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:1b:17:55:67:f2:30:b9:62:a8:79:28:a3:15: bd:9a:da:78:a9:e8:fa:0a:a3:47:f2:2f:a8:99:17: 62:20:9b:ce:1c:68:69:b2:b8:14:75:d1:6a:2e:ff: 52:c1:6f:4a:c1:dd:f2:07:86:5a:7a:eb:a8:10:b7: 0c:41:e8:0d:a7:2e:30:04:cd:d0:6d:02:45:0c:d7: 9a:0b:19:fa:2b:84:d1:f0:d2:b3:70:27:f6:2f:8b: f7:58:b5:24:d6:36:da:6b:94:4e:41:e4:29:6b:7c: 84:9f:5b:d6:a7:50:7d:5d:27:e2:c0:8b:c9:45:cb: 67:ea:8a:65:aa:fc:48:5d:eb:4d:5a:86:72:7e:2c: da:4f:e6:0f:f6:c0:91:b5:94:e4:3c:d8:54:e6:4f: ff:6e:56:8a:5e:e8:aa:36:09:95:55:d3:a2:72:0a: d8:63:50:5c:fb:61:43:44:6c:77:7c:6c:09:d4:64: da:e3:f6:e2:c6:9e:b0:7c:3b:de:18:f6:49:d6:08: 26:6c:df:9d:2b:16:0b:15:a4:d5:1f:59:d3:80:fd: 61:be:98:ee:17:0d:18:a4:f5:0f:8f:2c:9a:ab:67: 31:45:3e:5f:eb:61:b8:f6:39:bf:e2:4e:d1:f1:0e: fb:44:5b:8d:7c:4f:20:b1:d3:12:5c:7f:9a:7e:8a: 53:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D8:65:2A:39:1E:44:DB:4E:E7:6B:EE:76:A4:C4:33:F6:66:BB:50:7A X509v3 Authority Key Identifier: keyid:A5:6E:87:2A:40:3E:7B:9C:EB:94:31:A0:8F:54:04:01:D2:FB:D7:10 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer Subject Information Access: CA Repository - URI:rsync://rpki-rps.cnnic.cn/repo/A1097027706349944834/0/ RPKI Manifest - URI:rsync://rpki-rps.cnnic.cn/repo/A1097027706349944834/0/D8652A391E44DB4EE76BEE76A4C433F666BB507A.mft RPKI Notify - URI:https://rrdp-rps.cnnic.cn/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.249.244.0/22 163.53.60.0/22 218.245.48.0/20 Signature Algorithm: sha256WithRSAEncryption 7b:ce:a1:49:c1:4c:52:5d:47:f0:9b:ef:f4:da:79:97:13:ff: 6d:8d:22:f1:55:7f:af:f3:ee:04:90:73:ce:b9:01:80:87:9d: d3:73:d5:9f:fc:0c:6e:02:19:85:10:40:8a:54:25:7d:6d:af: d7:e7:79:a5:4f:4b:1a:fe:8b:9a:1c:6b:59:88:44:5f:73:aa: c3:10:e6:f8:47:bb:31:df:09:46:4d:8f:c0:e3:72:75:7a:d4: bf:5d:e7:61:99:91:13:99:e3:3e:0a:0a:df:f3:6d:50:3c:4c: 3a:c5:af:9c:b7:94:11:76:6d:08:44:43:17:5d:37:c9:40:f2: 64:57:d5:20:92:f4:25:2d:09:cd:e2:30:95:30:3b:9e:4b:b7: 94:90:b3:1a:67:5d:95:22:3f:11:3d:1b:a8:b2:f3:a1:0c:69: 59:cd:5b:b7:8e:db:3e:07:3b:c9:a2:d5:32:02:55:44:94:e1: e1:ca:9f:5c:a4:4c:1f:bd:2c:76:53:68:54:36:74:88:ba:45: 47:4a:57:93:96:3b:1e:17:9c:0c:3c:81:81:6b:fb:4a:89:65: 0d:30:ab:9f:42:40:c4:29:85:af:ff:5c:4f:a7:30:80:7b:83: b6:35:ae:b6:bd:ab:a7:e6:a0:4a:f3:dd:cb:9b:f8:ce:84:d7: f5:9b:4e:88 -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgIUCEmxrzKfOe+Zau/EVTKRpT3/TjgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjJFM0QwMDAxMTEwLwYDVQQFEyhBNTZFODcyQTQw M0U3QjlDRUI5NDMxQTA4RjU0MDQwMUQyRkJENzEwMB4XDTI2MDQxNjA1MTEyOFoX DTI3MDQxNTA1MTYyOFowMzExMC8GA1UEAxMoRDg2NTJBMzkxRTQ0REI0RUU3NkJF RTc2QTRDNDMzRjY2NkJCNTA3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANEbF1Vn8jC5Yqh5KKMVvZraeKno+gqjR/IvqJkXYiCbzhxoabK4FHXRai7/ UsFvSsHd8geGWnrrqBC3DEHoDacuMATN0G0CRQzXmgsZ+iuE0fDSs3An9i+L91i1 JNY22muUTkHkKWt8hJ9b1qdQfV0n4sCLyUXLZ+qKZar8SF3rTVqGcn4s2k/mD/bA kbWU5DzYVOZP/25Wil7oqjYJlVXTonIK2GNQXPthQ0Rsd3xsCdRk2uP24saesHw7 3hj2SdYIJmzfnSsWCxWk1R9Z04D9Yb6Y7hcNGKT1D48smqtnMUU+X+thuPY5v+JO 0fEO+0RbjXxPILHTElx/mn6KU6kCAwEAAaOCAqYwggKiMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNhlKjkeRNtO52vudqTEM/Zmu1B6MB8GA1UdIwQYMBaAFKVu hypAPnuc65QxoI9UBAHS+9cQMA4GA1UdDwEB/wQEAwIBBjBzBgNVHR8EbDBqMGig ZqBkhmJyc3luYzovL3Jwa2ktcnBzLmNubmljLmNuL3JlcG8vQTEwNTUzOTA3NzUw OTA2NzU3MTUvMS9BNTZFODcyQTQwM0U3QjlDRUI5NDMxQTA4RjU0MDQwMUQyRkJE NzEwLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9wVzZIS2tBLWU1enJsREdnajFRRUFkTDcxeEEuY2VyMIIBAQYIKwYB BQUHAQsEgfQwgfEwQgYIKwYBBQUHMAWGNnJzeW5jOi8vcnBraS1ycHMuY25uaWMu Y24vcmVwby9BMTA5NzAyNzcwNjM0OTk0NDgzNC8wLzBuBggrBgEFBQcwCoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDI3NzA2MzQ5OTQ0ODM0 LzAvRDg2NTJBMzkxRTQ0REI0RUU3NkJFRTc2QTRDNDMzRjY2NkJCNTA3QS5tZnQw OwYIKwYBBQUHMA2GL2h0dHBzOi8vcnJkcC1ycHMuY25uaWMuY24vcnJkcC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUH AQcBAf8EHDAaMBgEAgABMBIDBAJn+fQDBAKjNTwDBATa9TAwDQYJKoZIhvcNAQEL BQADggEBAHvOoUnBTFJdR/Cb7/TaeZcT/22NIvFVf6/z7gSQc865AYCHndNz1Z/8 DG4CGYUQQIpUJX1tr9fneaVPSxr+i5oca1mIRF9zqsMQ5vhHuzHfCUZNj8DjcnV6 1L9d52GZkROZ4z4KCt/zbVA8TDrFr5y3lBF2bQhEQxddN8lA8mRX1SCS9CUtCc3i MJUwO55Lt5SQsxpnXZUiPxE9G6iy86EMaVnNW7eO2z4HO8mi1TICVUSU4eHKn1yk TB+9LHZTaFQ2dIi6RUdKV5OWOx4XnAw8gYFr+0qJZQ0wq59CQMQpha//XE+nMIB7 g7Y1rra9q6fmoErz3cub+M6E1/WbTog= -----END CERTIFICATE-----Generated at Fri Apr 17 18:50:23 2026 by rpki-client