$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/-7JZNquvAsZtbrsyhSU9KZuXQFk.cer File: -7JZNquvAsZtbrsyhSU9KZuXQFk.cer (raw, json) Hash identifier: JfvHznVusms7c+1OVhTA3nuAsgyA1oXQ4DGxdNMYpIE= Subject key identifier: FB:B2:59:36:AB:AF:02:C6:6D:6E:BB:32:85:25:3D:29:9B:97:40:59 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E2FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/-7JZNquvAsZtbrsyhSU9KZuXQFk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:13:14 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: AS: 137774 IP: 103.123.208.0/22 IP: 2403:a9c0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58111 (0xe2ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:13:14 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=FBB25936ABAF02C66D6EBB3285253D299B974059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cd:46:ca:1d:16:ce:f3:dc:d4:51:24:29:4b: 54:36:01:ac:e9:65:bc:e4:d2:60:a6:8c:be:1a:84: d1:0a:f6:25:6d:e9:2e:e6:41:b1:44:d2:a9:85:2e: bf:ac:42:83:ff:fb:52:75:3c:68:65:d9:bf:9e:2c: d0:a4:c7:2c:0d:a5:12:bd:a4:0b:34:a7:47:33:bf: 21:32:47:d3:ff:4a:0f:c6:86:79:f5:76:4a:74:d1: 0b:9b:a1:4b:ae:a5:b5:63:48:f8:b9:49:a1:0d:ee: 6a:02:2c:91:99:0d:cb:ab:9f:37:ea:c8:d7:e0:f8: 70:61:61:46:8b:b7:70:71:51:14:8c:09:26:55:bf: 3e:07:3c:ec:7b:90:ad:6d:8d:fb:e6:8b:af:d2:e1: 1e:60:3a:db:23:b8:c4:f6:b8:98:51:f0:37:2a:ae: 42:4d:d8:9a:56:4f:df:f4:45:6a:d4:a1:6e:c7:4a: e5:8e:c6:dc:99:7d:93:89:14:55:96:61:af:15:0e: 17:ae:f7:1c:5f:8d:a2:fd:5d:f1:f8:4a:67:5a:c7: 2a:99:27:f9:70:be:51:5d:30:01:ab:27:49:bb:7d: 1e:97:aa:f3:6f:65:0e:77:c0:c2:bd:8d:54:8f:8c: 5c:35:fd:a9:21:30:6a:ed:51:3e:b1:5a:d4:23:eb: 11:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:B2:59:36:AB:AF:02:C6:6D:6E:BB:32:85:25:3D:29:9B:97:40:59 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2810/-7JZNquvAsZtbrsyhSU9KZuXQFk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 137774 sbgp-ipAddrBlock: critical IPv4: 103.123.208.0/22 IPv6: 2403:a9c0::/32 Signature Algorithm: sha256WithRSAEncryption 5b:36:75:e0:8a:e9:ab:40:a8:63:ae:17:3c:55:96:2b:fa:a5: 2a:fa:10:a5:ec:fa:cc:62:69:3f:03:59:04:64:5f:9d:46:2a: 2b:32:f9:f0:f9:85:80:b9:69:1b:dd:51:6e:c3:02:c9:45:19: 77:4b:e8:4e:a9:db:47:ce:5b:89:c9:e7:07:af:b1:20:a2:7e: 44:9b:af:a4:3b:f5:cb:aa:3c:18:09:db:3a:48:ed:a2:13:ed: 08:c2:e7:76:92:7c:48:fc:30:a7:0a:f9:55:bb:49:a2:d2:b2: 77:4e:54:5c:c1:aa:e9:cc:82:b9:65:03:f9:ff:5d:d7:e1:7c: cf:7a:7b:02:3a:d3:ae:a6:4b:b5:be:82:26:1a:98:bb:c3:37: be:fe:fa:69:68:e9:c6:1d:ba:46:5f:7e:eb:40:3b:72:a2:d4: 4e:a8:61:78:68:78:b2:e8:2b:c1:84:81:b7:29:20:40:99:2e: 15:99:80:08:5f:a1:0e:f4:d2:be:6b:54:6a:6b:ee:27:1d:5e: 97:09:95:9a:da:63:a4:ff:b4:da:d5:12:d6:7b:a5:8f:95:1e: 46:59:38:d6:44:0a:ef:a7:d1:0f:e7:45:11:98:32:e2:7f:5b: 1b:03:e7:52:c7:d8:1b:85:fd:6d:d1:72:4c:0c:cf:30:70:60: 97:9f:6c:fd -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIDAOL/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzEzMTRaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKEZCQjI1OTM2QUJBRjAyQzY2RDZFQkIzMjg1MjUzRDI5OUI5NzQw NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFzUbKHRbO89zUUSQp S1Q2AazpZbzk0mCmjL4ahNEK9iVt6S7mQbFE0qmFLr+sQoP/+1J1PGhl2b+eLNCk xywNpRK9pAs0p0czvyEyR9P/Sg/Ghnn1dkp00QuboUuupbVjSPi5SaEN7moCLJGZ DcurnzfqyNfg+HBhYUaLt3BxURSMCSZVvz4HPOx7kK1tjfvmi6/S4R5gOtsjuMT2 uJhR8DcqrkJN2JpWT9/0RWrUoW7HSuWOxtyZfZOJFFWWYa8VDheu9xxfjaL9XfH4 SmdaxyqZJ/lwvlFdMAGrJ0m7fR6XqvNvZQ53wMK9jVSPjFw1/akhMGrtUT6xWtQj 6xEFAgMBAAGjggKAMIICfDAdBgNVHQ4EFgQU+7JZNquvAsZtbrsyhSU9KZuXQFkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4 MTAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjgxMC8tN0paTnF1dkFzWnRicnN5aFNVOUtadVhRRmsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIaLjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAmd70DANBAIAAjAHAwUAJAOpwDANBgkqhkiG9w0BAQsFAAOCAQEA WzZ14Irpq0CoY64XPFWWK/qlKvoQpez6zGJpPwNZBGRfnUYqKzL58PmFgLlpG91R bsMCyUUZd0voTqnbR85bicnnB6+xIKJ+RJuvpDv1y6o8GAnbOkjtohPtCMLndpJ8 SPwwpwr5VbtJotKyd05UXMGq6cyCuWUD+f9d1+F8z3p7AjrTrqZLtb6CJhqYu8M3 vv76aWjpxh26Rl9+60A7cqLUTqhheGh4sugrwYSBtykgQJkuFZmACF+hDvTSvmtU amvuJx1elwmVmtpjpP+02tUS1nulj5UeRlk41kQK76fRD+dFEZgy4n9bGwPnUsfY G4X9bdFyTAzPMHBgl59s/Q== -----END CERTIFICATE-----Generated at Wed Nov 5 15:52:57 2025 by rpki-client