$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/-7JZNquvAsZtbrsyhSU9KZuXQFk.cer File: -7JZNquvAsZtbrsyhSU9KZuXQFk.cer (raw, json) Hash identifier: 9KK720Axe3YatOTgTMQP6mtRnyctD7AP0qasJbUfN5U= Subject key identifier: FB:B2:59:36:AB:AF:02:C6:6D:6E:BB:32:85:25:3D:29:9B:97:40:59 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CE69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/-7JZNquvAsZtbrsyhSU9KZuXQFk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:14:27 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: AS: 137774 IP: 103.123.208.0/22 IP: 2403:a9c0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52841 (0xce69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 3 08:14:27 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=FBB25936ABAF02C66D6EBB3285253D299B974059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cd:46:ca:1d:16:ce:f3:dc:d4:51:24:29:4b: 54:36:01:ac:e9:65:bc:e4:d2:60:a6:8c:be:1a:84: d1:0a:f6:25:6d:e9:2e:e6:41:b1:44:d2:a9:85:2e: bf:ac:42:83:ff:fb:52:75:3c:68:65:d9:bf:9e:2c: d0:a4:c7:2c:0d:a5:12:bd:a4:0b:34:a7:47:33:bf: 21:32:47:d3:ff:4a:0f:c6:86:79:f5:76:4a:74:d1: 0b:9b:a1:4b:ae:a5:b5:63:48:f8:b9:49:a1:0d:ee: 6a:02:2c:91:99:0d:cb:ab:9f:37:ea:c8:d7:e0:f8: 70:61:61:46:8b:b7:70:71:51:14:8c:09:26:55:bf: 3e:07:3c:ec:7b:90:ad:6d:8d:fb:e6:8b:af:d2:e1: 1e:60:3a:db:23:b8:c4:f6:b8:98:51:f0:37:2a:ae: 42:4d:d8:9a:56:4f:df:f4:45:6a:d4:a1:6e:c7:4a: e5:8e:c6:dc:99:7d:93:89:14:55:96:61:af:15:0e: 17:ae:f7:1c:5f:8d:a2:fd:5d:f1:f8:4a:67:5a:c7: 2a:99:27:f9:70:be:51:5d:30:01:ab:27:49:bb:7d: 1e:97:aa:f3:6f:65:0e:77:c0:c2:bd:8d:54:8f:8c: 5c:35:fd:a9:21:30:6a:ed:51:3e:b1:5a:d4:23:eb: 11:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:B2:59:36:AB:AF:02:C6:6D:6E:BB:32:85:25:3D:29:9B:97:40:59 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/-7JZNquvAsZtbrsyhSU9KZuXQFk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 137774 sbgp-ipAddrBlock: critical IPv4: 103.123.208.0/22 IPv6: 2403:a9c0::/32 Signature Algorithm: sha256WithRSAEncryption 46:c3:ff:cf:87:63:13:b0:53:31:5b:b8:3d:5d:fd:24:53:23: 89:8d:58:f6:fb:14:42:0c:67:93:b0:6d:43:e9:e2:50:5c:5e: 28:33:5c:66:59:43:a6:5b:e3:2f:d2:82:cb:b3:66:13:90:da: 1d:08:23:b4:83:2f:d1:d6:bf:48:0b:bd:28:c1:95:bc:00:35: 71:a3:3f:ba:ac:48:13:d4:ef:45:b6:f7:c0:5d:cf:d3:04:76: d4:a2:4f:5a:fa:0b:e5:a6:95:e9:53:26:b1:22:c0:74:fb:16: 99:3e:f6:f9:d0:26:50:49:48:95:f1:6b:be:20:05:c5:36:31: 67:76:02:c5:77:dc:d7:1b:27:f1:7c:1a:7f:31:b5:dd:8d:2c: 23:97:be:84:1f:ac:55:01:a8:fb:b1:67:d6:43:35:7a:c0:12: a7:10:b3:c5:85:ff:89:f5:5c:e2:ac:6d:85:f7:79:ec:84:72: 43:3d:48:66:ea:5e:b9:92:98:1a:9e:26:3e:d5:b2:21:fe:4a: 6b:ec:ca:e3:a3:25:fd:db:0e:06:18:16:1d:68:0e:6b:ab:aa: e7:8f:67:85:1b:05:27:89:b5:18:03:e9:2a:bb:95:e3:4d:69: 00:66:b3:c4:00:0b:f6:c6:c2:a9:13:0b:39:7b:b7:46:56:f1: cf:dd:4f:f2 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIDAM5pMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODE0MjdaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKEZCQjI1OTM2QUJBRjAyQzY2RDZFQkIzMjg1MjUzRDI5OUI5NzQw NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFzUbKHRbO89zUUSQp S1Q2AazpZbzk0mCmjL4ahNEK9iVt6S7mQbFE0qmFLr+sQoP/+1J1PGhl2b+eLNCk xywNpRK9pAs0p0czvyEyR9P/Sg/Ghnn1dkp00QuboUuupbVjSPi5SaEN7moCLJGZ DcurnzfqyNfg+HBhYUaLt3BxURSMCSZVvz4HPOx7kK1tjfvmi6/S4R5gOtsjuMT2 uJhR8DcqrkJN2JpWT9/0RWrUoW7HSuWOxtyZfZOJFFWWYa8VDheu9xxfjaL9XfH4 SmdaxyqZJ/lwvlFdMAGrJ0m7fR6XqvNvZQ53wMK9jVSPjFw1/akhMGrtUT6xWtQj 6xEFAgMBAAGjggKAMIICfDAdBgNVHQ4EFgQU+7JZNquvAsZtbrsyhSU9KZuXQFkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 MTAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjgxMC8tN0paTnF1dkFzWnRicnN5aFNVOUtadVhRRmsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIaLjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAmd70DANBAIAAjAHAwUAJAOpwDANBgkqhkiG9w0BAQsFAAOCAQEA RsP/z4djE7BTMVu4PV39JFMjiY1Y9vsUQgxnk7BtQ+niUFxeKDNcZllDplvjL9KC y7NmE5DaHQgjtIMv0da/SAu9KMGVvAA1caM/uqxIE9TvRbb3wF3P0wR21KJPWvoL 5aaV6VMmsSLAdPsWmT72+dAmUElIlfFrviAFxTYxZ3YCxXfc1xsn8XwafzG13Y0s I5e+hB+sVQGo+7Fn1kM1esASpxCzxYX/ifVc4qxthfd57IRyQz1IZupeuZKYGp4m PtWyIf5Ka+zK46Ml/dsOBhgWHWgOa6uq549nhRsFJ4m1GAPpKruV401pAGazxAAL 9sbCqRMLOXu3Rlbxz91P8g== -----END CERTIFICATE-----Generated at Sat Apr 26 08:24:10 2025 by rpki-client