$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/4D4PjKiQjhc6NwrDMIv3bA6iep0.cer File: 4D4PjKiQjhc6NwrDMIv3bA6iep0.cer (raw, json) Hash identifier: 1JeHJ4rWF02U9HMdRIVm2ZvCsdAL6XK1DoqgZl/0o2g= Subject key identifier: E0:3E:0F:8C:A8:90:8E:17:3A:37:0A:C3:30:8B:F7:6C:0E:A2:7A:9D Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CD09 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/4D4PjKiQjhc6NwrDMIv3bA6iep0.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:07:16 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: AS: 151223 IP: 2401:b6e0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52489 (0xcd09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 3 08:07:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E03E0F8CA8908E173A370AC3308BF76C0EA27A9D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:e0:6c:e4:60:11:f0:85:90:0f:41:0a:d8:e4: 21:5a:e9:4f:72:6b:6f:39:7f:8c:e9:1a:03:73:08: 79:fc:db:da:23:47:06:72:a4:28:41:a5:da:cb:e4: 96:91:4d:12:bc:c9:c2:1f:d5:5d:e5:2b:c5:84:5e: 7b:12:0a:60:c3:d4:7a:a7:8d:a2:74:aa:45:42:a1: 1a:f1:81:e9:6b:52:d7:c8:51:2b:24:7a:73:3a:d4: 1b:36:15:0d:16:ee:48:fb:4b:20:22:22:c6:46:92: 64:0a:65:9e:41:68:14:fd:93:9c:c0:bc:a9:00:6e: 8a:b0:06:7a:91:18:4d:b5:2c:2d:ff:d0:f9:99:42: bc:a1:91:0d:e0:1b:f7:5f:72:26:f4:69:ee:e5:92: f0:a7:5d:ae:18:29:0c:82:95:c9:9b:33:26:5b:6c: 37:d0:48:12:61:62:10:19:9f:e0:29:19:10:46:27: f9:25:38:9d:8b:c3:fb:b2:bb:f1:49:4c:e1:49:ef: 95:2d:06:bb:a3:70:a4:2a:f5:74:54:f8:ee:5e:59: 5c:28:aa:7f:c9:8e:ba:99:f7:39:99:a7:41:88:29: ba:ba:e8:01:cb:e2:ca:76:f4:e6:f5:f6:4d:58:23: 88:b9:2f:98:b3:41:5e:44:d0:74:21:00:f1:d2:b1: be:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:3E:0F:8C:A8:90:8E:17:3A:37:0A:C3:30:8B:F7:6C:0E:A2:7A:9D X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/4D4PjKiQjhc6NwrDMIv3bA6iep0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151223 sbgp-ipAddrBlock: critical IPv6: 2401:b6e0::/32 Signature Algorithm: sha256WithRSAEncryption 2f:0d:e0:f2:16:3e:c0:ef:ec:66:6e:bf:d1:76:93:55:fa:04: 37:48:a8:e7:25:ae:ad:df:fb:2f:4f:57:13:69:0d:ca:56:38: d6:34:2e:de:f2:f5:7f:95:44:a8:f0:7c:f0:77:ce:a9:b1:be: c4:8e:66:80:f3:e9:98:0d:eb:f4:d8:c0:a8:15:1f:b1:f8:d4: 47:4d:40:51:2d:3e:62:08:c8:5c:94:69:6b:8e:93:c9:e4:c1: 8a:f6:1b:14:e1:e3:bc:31:14:ae:a5:f0:bf:a3:8d:be:c5:fc: 57:31:4e:08:97:14:25:49:d9:5d:71:ac:0d:1f:2c:79:41:ad: 76:cb:b5:4c:3a:19:76:7f:0b:e6:5f:43:1e:4b:83:3a:84:2e: 40:7c:47:fe:97:7e:ec:28:80:d6:7e:cc:93:9f:7c:42:80:a3: f2:c6:75:a8:0a:9a:54:a2:63:34:0d:dc:b8:54:9c:c0:a5:4c: 47:3f:91:d5:9c:93:91:1c:af:08:c7:ce:38:c1:80:f3:5f:ff: c3:66:76:a3:f0:a7:39:f4:c0:09:40:1e:b2:2f:63:0c:50:0f: 42:e1:d2:cd:87:55:ad:3a:ae:aa:7f:5f:98:68:8b:37:6a:cb: 9c:2a:7a:95:08:3c:a6:ce:93:9d:5c:d2:1e:e5:8b:7e:8c:c6: 8f:4f:18:7e -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAM0JMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA3MTZaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKEUwM0UwRjhDQTg5MDhFMTczQTM3MEFDMzMwOEJGNzZDMEVBMjdB OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ4GzkYBHwhZAPQQrY 5CFa6U9ya285f4zpGgNzCHn829ojRwZypChBpdrL5JaRTRK8ycIf1V3lK8WEXnsS CmDD1HqnjaJ0qkVCoRrxgelrUtfIUSskenM61Bs2FQ0W7kj7SyAiIsZGkmQKZZ5B aBT9k5zAvKkAboqwBnqRGE21LC3/0PmZQryhkQ3gG/dfcib0ae7lkvCnXa4YKQyC lcmbMyZbbDfQSBJhYhAZn+ApGRBGJ/klOJ2Lw/uyu/FJTOFJ75UtBrujcKQq9XRU +O5eWVwoqn/JjrqZ9zmZp0GIKbq66AHL4sp29Ob19k1YI4i5L5izQV5E0HQhAPHS sb6rAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQU4D4PjKiQjhc6NwrDMIv3bA6iep0w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMwNy80RDRQaktpUWpoYzZOd3JETUl2M2JBNmllcDAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJOtzAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBtuAwDQYJKoZIhvcNAQELBQADggEBAC8N4PIWPsDv7GZuv9F2 k1X6BDdIqOclrq3f+y9PVxNpDcpWONY0Lt7y9X+VRKjwfPB3zqmxvsSOZoDz6ZgN 6/TYwKgVH7H41EdNQFEtPmIIyFyUaWuOk8nkwYr2GxTh47wxFK6l8L+jjb7F/Fcx TgiXFCVJ2V1xrA0fLHlBrXbLtUw6GXZ/C+ZfQx5LgzqELkB8R/6XfuwogNZ+zJOf fEKAo/LGdagKmlSiYzQN3LhUnMClTEc/kdWck5EcrwjHzjjBgPNf/8NmdqPwpzn0 wAlAHrIvYwxQD0Lh0s2HVa06rqp/X5hoizdqy5wqepUIPKbOk51c0h7li36Mxo9P GH4= -----END CERTIFICATE-----Generated at Sat Apr 26 08:16:51 2025 by rpki-client