$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer File: 2wnDhcqGTQSV-VGV_38HvFdh4XY.cer (raw, json) Hash identifier: 46HUfa6b0uLGVXq3Vqk9NxZK9nY1Pg+qHH/7rgC0fdw= Subject key identifier: DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3FF7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:16:47 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 160.250.170.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16375 (0x3ff7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Aug 3 09:16:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DB09C385CA864D0495F95195FF7F07BC5761E176 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:7b:a4:73:f0:a5:2e:62:a9:d2:cd:03:e9:a3: 65:51:18:c6:68:a4:59:e9:b3:e1:a1:2f:4a:76:90: 9b:4e:d8:3a:35:af:05:fb:f8:b2:c4:8d:34:22:2f: b2:e4:e7:9b:1f:35:ac:59:4d:d4:71:b6:75:64:c7: b5:3b:84:88:90:29:e4:5a:18:3f:ac:3a:1b:0b:19: d7:73:ca:44:61:33:ce:99:de:af:ca:7a:55:0a:71: 84:f5:9d:12:14:e4:83:2d:4b:db:ef:9f:c3:fa:a7: 6b:34:24:6d:d1:34:b0:50:0c:d9:b1:6e:c8:09:5a: f0:87:c8:1f:19:94:88:b4:4b:b8:69:9c:92:4c:23: 4e:ff:b5:8c:ce:97:00:69:b3:58:02:c9:3a:11:aa: eb:4c:70:bd:7e:d0:c0:21:de:33:e3:03:fa:81:79: e1:11:36:1a:a4:01:09:32:80:ae:04:6a:52:6e:6c: 75:c4:a9:a4:95:37:5c:85:cd:50:86:64:8c:86:d7: bf:72:99:ed:4e:07:3e:ec:72:66:05:b7:63:66:95: a2:fd:50:fc:17:5c:98:83:47:03:cf:5c:b7:46:8c: a2:cf:0d:b2:f9:1c:ff:7d:c1:ef:70:de:08:77:30: 96:24:70:93:e3:e7:7b:52:27:fc:82:2d:74:61:a1: 33:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.250.170.0/23 Signature Algorithm: sha256WithRSAEncryption 08:bf:08:17:a8:98:6e:1c:f3:27:90:00:4a:a1:42:6d:a0:7f: 82:e6:a2:f0:ab:f4:b1:71:d8:8e:37:85:30:3e:46:84:4e:0c: fd:05:a4:e5:cf:bf:e0:f1:ba:43:6a:bb:be:c1:d7:ea:77:78: 4d:02:18:6a:5e:b1:6f:1d:c4:61:0b:f2:78:e6:cd:03:c1:44: ce:70:59:ff:b8:36:be:bc:e7:fa:d3:b9:f8:03:68:1e:9a:11: 45:04:22:04:86:90:ec:3e:25:96:48:b2:02:d7:aa:f3:fc:72: ed:e0:cc:c4:d6:f5:b5:68:8c:1c:c9:37:cd:94:77:62:43:d0: 86:3e:39:7c:b2:cb:74:bf:7d:02:77:33:ed:b3:6a:34:6f:96: a3:88:1b:07:94:f3:2d:25:9e:8a:78:dd:03:1b:20:f3:56:30: 83:a0:ec:21:b2:88:01:d7:34:b3:89:78:82:cd:46:17:4b:5a: a2:70:27:e3:2c:7d:a0:84:ba:2c:0f:f5:28:d3:9a:c8:8b:20: 93:19:2d:59:35:d5:cd:fd:2b:93:79:a5:25:0e:68:c2:30:d2: e2:66:23:bd:95:28:0b:ae:66:fa:dc:3e:90:cb:ba:b5:5c:21: 53:30:59:9e:35:24:4f:5a:66:1a:f4:f5:ce:08:d1:a9:67:99: 6b:05:80:07 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICP/cwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDgwMzA5MTY0N1oXDTI2MDgwMzA4NDQ0MFowMzEx MC8GA1UEAxMoREIwOUMzODVDQTg2NEQwNDk1Rjk1MTk1RkY3RjA3QkM1NzYxRTE3 NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKl7pHPwpS5iqdLNA+mj ZVEYxmikWemz4aEvSnaQm07YOjWvBfv4ssSNNCIvsuTnmx81rFlN1HG2dWTHtTuE iJAp5FoYP6w6GwsZ13PKRGEzzpner8p6VQpxhPWdEhTkgy1L2++fw/qnazQkbdE0 sFAM2bFuyAla8IfIHxmUiLRLuGmckkwjTv+1jM6XAGmzWALJOhGq60xwvX7QwCHe M+MD+oF54RE2GqQBCTKArgRqUm5sdcSppJU3XIXNUIZkjIbXv3KZ7U4HPuxyZgW3 Y2aVov1Q/BdcmINHA89ct0aMos8Nsvkc/33B73DeCHcwliRwk+Pne1In/IItdGGh Mz8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBTbCcOFyoZNBJX5UZX/fwe8V2HhdjAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz Ny8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzM3LzJ3bkRoY3FHVFFTVi1WR1ZfMzhIdkZkaDRYWS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg+qowDQYJKoZIhvcNAQELBQAD ggEBAAi/CBeomG4c8yeQAEqhQm2gf4LmovCr9LFx2I43hTA+RoRODP0FpOXPv+Dx ukNqu77B1+p3eE0CGGpesW8dxGEL8njmzQPBRM5wWf+4Nr685/rTufgDaB6aEUUE IgSGkOw+JZZIsgLXqvP8cu3gzMTW9bVojBzJN82Ud2JD0IY+OXyyy3S/fQJ3M+2z ajRvlqOIGweU8y0lnop43QMbIPNWMIOg7CGyiAHXNLOJeILNRhdLWqJwJ+MsfaCE uiwP9SjTmsiLIJMZLVk11c39K5N5pSUOaMIw0uJmI72VKAuuZvrcPpDLurVcIVMw WZ41JE9aZhr09c4I0alnmWsFgAc= -----END CERTIFICATE-----Generated at Mon Aug 11 10:36:28 2025 by rpki-client