$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer File: 2wnDhcqGTQSV-VGV_38HvFdh4XY.cer (raw, json) Hash identifier: PzLietOk4lMjUiAiOH20ocDlKOo127iqYxGdbOFAOVc= Subject key identifier: DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3CBB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:12:13 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 160.250.170.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:39:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15547 (0x3cbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Apr 3 08:12:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=DB09C385CA864D0495F95195FF7F07BC5761E176 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:7b:a4:73:f0:a5:2e:62:a9:d2:cd:03:e9:a3: 65:51:18:c6:68:a4:59:e9:b3:e1:a1:2f:4a:76:90: 9b:4e:d8:3a:35:af:05:fb:f8:b2:c4:8d:34:22:2f: b2:e4:e7:9b:1f:35:ac:59:4d:d4:71:b6:75:64:c7: b5:3b:84:88:90:29:e4:5a:18:3f:ac:3a:1b:0b:19: d7:73:ca:44:61:33:ce:99:de:af:ca:7a:55:0a:71: 84:f5:9d:12:14:e4:83:2d:4b:db:ef:9f:c3:fa:a7: 6b:34:24:6d:d1:34:b0:50:0c:d9:b1:6e:c8:09:5a: f0:87:c8:1f:19:94:88:b4:4b:b8:69:9c:92:4c:23: 4e:ff:b5:8c:ce:97:00:69:b3:58:02:c9:3a:11:aa: eb:4c:70:bd:7e:d0:c0:21:de:33:e3:03:fa:81:79: e1:11:36:1a:a4:01:09:32:80:ae:04:6a:52:6e:6c: 75:c4:a9:a4:95:37:5c:85:cd:50:86:64:8c:86:d7: bf:72:99:ed:4e:07:3e:ec:72:66:05:b7:63:66:95: a2:fd:50:fc:17:5c:98:83:47:03:cf:5c:b7:46:8c: a2:cf:0d:b2:f9:1c:ff:7d:c1:ef:70:de:08:77:30: 96:24:70:93:e3:e7:7b:52:27:fc:82:2d:74:61:a1: 33:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.250.170.0/23 Signature Algorithm: sha256WithRSAEncryption 54:7e:f7:62:fd:f9:e6:60:37:57:2d:fb:68:8c:50:c8:0b:70: 2c:6e:d6:61:46:b8:e5:5b:89:c9:33:e0:66:06:00:ee:0f:5c: 98:25:0b:f7:41:c5:fc:eb:3e:35:95:8c:66:76:96:62:e5:ce: b6:80:1e:86:48:bd:1c:95:a1:f0:2d:3e:a7:a4:b3:44:2e:5c: 80:76:d0:2d:7d:dc:e0:76:fe:36:07:f4:2c:11:73:a1:cd:48: 2f:2c:93:d0:33:75:a5:62:30:db:93:f4:c4:b8:af:ca:18:e8: ac:af:ea:f9:3d:27:91:99:61:9b:17:e6:6c:50:4b:be:96:a2: 7c:c8:74:7b:fd:5a:42:8d:a9:ba:83:ec:5f:a7:04:e8:47:0d: 8d:e5:cd:a4:33:75:a0:19:ea:16:c1:37:17:33:43:97:ea:e9: 63:ce:02:31:3a:33:c9:85:aa:17:34:00:18:f6:95:16:9c:9c: c5:39:86:f9:f1:bd:94:02:ee:a6:d9:85:f3:68:67:d5:b1:77: a4:d2:4b:31:21:5d:70:80:cf:52:a2:c2:b9:6b:e3:4f:cf:d4: 67:56:2d:5b:e8:62:ff:be:54:74:57:dc:28:e3:21:3e:68:84: 93:2c:bb:ab:67:05:0b:43:ba:d3:f0:e7:bd:6d:c4:c2:4b:28: a9:a2:a8:dc -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICPLswDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MTIxM1oXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoREIwOUMzODVDQTg2NEQwNDk1Rjk1MTk1RkY3RjA3QkM1NzYxRTE3 NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKl7pHPwpS5iqdLNA+mj ZVEYxmikWemz4aEvSnaQm07YOjWvBfv4ssSNNCIvsuTnmx81rFlN1HG2dWTHtTuE iJAp5FoYP6w6GwsZ13PKRGEzzpner8p6VQpxhPWdEhTkgy1L2++fw/qnazQkbdE0 sFAM2bFuyAla8IfIHxmUiLRLuGmckkwjTv+1jM6XAGmzWALJOhGq60xwvX7QwCHe M+MD+oF54RE2GqQBCTKArgRqUm5sdcSppJU3XIXNUIZkjIbXv3KZ7U4HPuxyZgW3 Y2aVov1Q/BdcmINHA89ct0aMos8Nsvkc/33B73DeCHcwliRwk+Pne1In/IItdGGh Mz8CAwEAAaOCAlUwggJRMB0GA1UdDgQWBBTbCcOFyoZNBJX5UZX/fwe8V2HhdjAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz Ny8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMzM3LzJ3bkRoY3FHVFFTVi1WR1ZfMzhIdkZkaDRYWS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg+qowDQYJKoZIhvcNAQELBQAD ggEBAFR+92L9+eZgN1ct+2iMUMgLcCxu1mFGuOVbickz4GYGAO4PXJglC/dBxfzr PjWVjGZ2lmLlzraAHoZIvRyVofAtPqeks0QuXIB20C193OB2/jYH9CwRc6HNSC8s k9AzdaViMNuT9MS4r8oY6Kyv6vk9J5GZYZsX5mxQS76WonzIdHv9WkKNqbqD7F+n BOhHDY3lzaQzdaAZ6hbBNxczQ5fq6WPOAjE6M8mFqhc0ABj2lRacnMU5hvnxvZQC 7qbZhfNoZ9Wxd6TSSzEhXXCAz1Kiwrlr40/P1GdWLVvoYv++VHRX3CjjIT5ohJMs u6tnBQtDutPw571txMJLKKmiqNw= -----END CERTIFICATE-----Generated at Sat Apr 26 09:40:35 2025 by rpki-client