$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/-7JZNquvAsZtbrsyhSU9KZuXQFk.cer File: -7JZNquvAsZtbrsyhSU9KZuXQFk.cer (raw, json) Hash identifier: Qv94jmBt3jD+zNiesaYVf6AzoLV0FKk6omiNaq+vw+Y= Subject key identifier: FB:B2:59:36:AB:AF:02:C6:6D:6E:BB:32:85:25:3D:29:9B:97:40:59 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: DA06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/-7JZNquvAsZtbrsyhSU9KZuXQFk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:18:07 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: AS: 137774 IP: 103.123.208.0/22 IP: 2403:a9c0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 12:05:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55814 (0xda06) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 3 09:18:07 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FBB25936ABAF02C66D6EBB3285253D299B974059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cd:46:ca:1d:16:ce:f3:dc:d4:51:24:29:4b: 54:36:01:ac:e9:65:bc:e4:d2:60:a6:8c:be:1a:84: d1:0a:f6:25:6d:e9:2e:e6:41:b1:44:d2:a9:85:2e: bf:ac:42:83:ff:fb:52:75:3c:68:65:d9:bf:9e:2c: d0:a4:c7:2c:0d:a5:12:bd:a4:0b:34:a7:47:33:bf: 21:32:47:d3:ff:4a:0f:c6:86:79:f5:76:4a:74:d1: 0b:9b:a1:4b:ae:a5:b5:63:48:f8:b9:49:a1:0d:ee: 6a:02:2c:91:99:0d:cb:ab:9f:37:ea:c8:d7:e0:f8: 70:61:61:46:8b:b7:70:71:51:14:8c:09:26:55:bf: 3e:07:3c:ec:7b:90:ad:6d:8d:fb:e6:8b:af:d2:e1: 1e:60:3a:db:23:b8:c4:f6:b8:98:51:f0:37:2a:ae: 42:4d:d8:9a:56:4f:df:f4:45:6a:d4:a1:6e:c7:4a: e5:8e:c6:dc:99:7d:93:89:14:55:96:61:af:15:0e: 17:ae:f7:1c:5f:8d:a2:fd:5d:f1:f8:4a:67:5a:c7: 2a:99:27:f9:70:be:51:5d:30:01:ab:27:49:bb:7d: 1e:97:aa:f3:6f:65:0e:77:c0:c2:bd:8d:54:8f:8c: 5c:35:fd:a9:21:30:6a:ed:51:3e:b1:5a:d4:23:eb: 11:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:B2:59:36:AB:AF:02:C6:6D:6E:BB:32:85:25:3D:29:9B:97:40:59 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/-7JZNquvAsZtbrsyhSU9KZuXQFk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 137774 sbgp-ipAddrBlock: critical IPv4: 103.123.208.0/22 IPv6: 2403:a9c0::/32 Signature Algorithm: sha256WithRSAEncryption 3e:09:67:01:cf:d6:91:71:af:ab:4f:c2:41:2b:bb:b7:70:a8: e3:38:88:34:3f:58:97:ac:7d:1c:fa:ff:53:1b:63:8f:80:2a: fc:aa:87:5f:a9:34:89:75:ee:e0:8d:f6:40:e0:c6:d3:45:2e: 41:6e:7f:d3:30:71:9f:d7:a1:d2:35:6c:59:1c:90:f0:80:7e: 82:ea:bb:ac:af:eb:00:af:65:78:bf:65:9d:7a:72:9c:07:0f: 46:80:85:6a:a2:1f:d9:97:f5:31:bb:6f:53:a0:ba:79:4f:8b: 53:33:bd:f2:a5:12:fb:9f:06:68:a3:12:4f:b6:63:30:3b:44: 0c:c2:ba:22:71:58:d2:f9:34:ec:fb:2c:27:0b:45:29:67:03: 3f:52:d0:ca:90:ec:04:0e:05:a8:01:d3:72:ea:57:c9:fb:98: ed:ac:6e:7f:01:b7:d2:ea:62:5b:6f:d1:6f:e3:01:8d:31:7f: fd:4b:27:ee:ea:95:cd:2a:78:aa:98:cc:76:43:56:8a:d2:a3: 64:57:8f:17:a5:7b:3e:11:40:83:35:51:5e:96:a9:b9:f8:ab: b2:d3:47:5e:d4:71:99:7e:0e:17:b1:11:80:83:d0:f6:00:a0: b6:a2:77:b7:c9:dd:1a:32:43:77:a3:be:b3:f1:77:90:63:4a: ae:a3:7a:f9 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIDANoGMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA4MDMwOTE4MDdaFw0yNjA4MDMwODQ0NDBaMDMx MTAvBgNVBAMTKEZCQjI1OTM2QUJBRjAyQzY2RDZFQkIzMjg1MjUzRDI5OUI5NzQw NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFzUbKHRbO89zUUSQp S1Q2AazpZbzk0mCmjL4ahNEK9iVt6S7mQbFE0qmFLr+sQoP/+1J1PGhl2b+eLNCk xywNpRK9pAs0p0czvyEyR9P/Sg/Ghnn1dkp00QuboUuupbVjSPi5SaEN7moCLJGZ DcurnzfqyNfg+HBhYUaLt3BxURSMCSZVvz4HPOx7kK1tjfvmi6/S4R5gOtsjuMT2 uJhR8DcqrkJN2JpWT9/0RWrUoW7HSuWOxtyZfZOJFFWWYa8VDheu9xxfjaL9XfH4 SmdaxyqZJ/lwvlFdMAGrJ0m7fR6XqvNvZQ53wMK9jVSPjFw1/akhMGrtUT6xWtQj 6xEFAgMBAAGjggKAMIICfDAdBgNVHQ4EFgQU+7JZNquvAsZtbrsyhSU9KZuXQFkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 MTAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjgxMC8tN0paTnF1dkFzWnRicnN5aFNVOUtadVhRRmsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIaLjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAmd70DANBAIAAjAHAwUAJAOpwDANBgkqhkiG9w0BAQsFAAOCAQEA PglnAc/WkXGvq0/CQSu7t3Co4ziIND9Yl6x9HPr/Uxtjj4Aq/KqHX6k0iXXu4I32 QODG00UuQW5/0zBxn9eh0jVsWRyQ8IB+guq7rK/rAK9leL9lnXpynAcPRoCFaqIf 2Zf1MbtvU6C6eU+LUzO98qUS+58GaKMST7ZjMDtEDMK6InFY0vk07PssJwtFKWcD P1LQypDsBA4FqAHTcupXyfuY7axufwG30upiW2/Rb+MBjTF//Usn7uqVzSp4qpjM dkNWitKjZFePF6V7PhFAgzVRXpapufirstNHXtRxmX4OF7ERgIPQ9gCgtqJ3t8nd GjJDd6O+s/F3kGNKrqN6+Q== -----END CERTIFICATE-----Generated at Wed Aug 13 08:06:12 2025 by rpki-client