$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/4D4PjKiQjhc6NwrDMIv3bA6iep0.cer File: 4D4PjKiQjhc6NwrDMIv3bA6iep0.cer (raw, json) Hash identifier: m173eX6+xkA8JTv8lEsTBkIedBvRr/vA4TxUPDq/FPc= Subject key identifier: E0:3E:0F:8C:A8:90:8E:17:3A:37:0A:C3:30:8B:F7:6C:0E:A2:7A:9D Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E1BB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/4D4PjKiQjhc6NwrDMIv3bA6iep0.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:08:26 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: AS: 151223 IP: 2401:b6e0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 14:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57787 (0xe1bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:08:26 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=E03E0F8CA8908E173A370AC3308BF76C0EA27A9D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:e0:6c:e4:60:11:f0:85:90:0f:41:0a:d8:e4: 21:5a:e9:4f:72:6b:6f:39:7f:8c:e9:1a:03:73:08: 79:fc:db:da:23:47:06:72:a4:28:41:a5:da:cb:e4: 96:91:4d:12:bc:c9:c2:1f:d5:5d:e5:2b:c5:84:5e: 7b:12:0a:60:c3:d4:7a:a7:8d:a2:74:aa:45:42:a1: 1a:f1:81:e9:6b:52:d7:c8:51:2b:24:7a:73:3a:d4: 1b:36:15:0d:16:ee:48:fb:4b:20:22:22:c6:46:92: 64:0a:65:9e:41:68:14:fd:93:9c:c0:bc:a9:00:6e: 8a:b0:06:7a:91:18:4d:b5:2c:2d:ff:d0:f9:99:42: bc:a1:91:0d:e0:1b:f7:5f:72:26:f4:69:ee:e5:92: f0:a7:5d:ae:18:29:0c:82:95:c9:9b:33:26:5b:6c: 37:d0:48:12:61:62:10:19:9f:e0:29:19:10:46:27: f9:25:38:9d:8b:c3:fb:b2:bb:f1:49:4c:e1:49:ef: 95:2d:06:bb:a3:70:a4:2a:f5:74:54:f8:ee:5e:59: 5c:28:aa:7f:c9:8e:ba:99:f7:39:99:a7:41:88:29: ba:ba:e8:01:cb:e2:ca:76:f4:e6:f5:f6:4d:58:23: 88:b9:2f:98:b3:41:5e:44:d0:74:21:00:f1:d2:b1: be:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:3E:0F:8C:A8:90:8E:17:3A:37:0A:C3:30:8B:F7:6C:0E:A2:7A:9D X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/4D4PjKiQjhc6NwrDMIv3bA6iep0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151223 sbgp-ipAddrBlock: critical IPv6: 2401:b6e0::/32 Signature Algorithm: sha256WithRSAEncryption 08:99:8a:d2:39:fd:74:46:fb:3e:00:8e:43:4e:2d:2c:f1:39: 22:40:45:0e:6c:df:8d:30:5e:68:9c:76:e5:ba:2b:dc:c7:82: a3:71:2c:f3:9a:a4:e4:b3:d0:b5:d6:fb:68:4b:5c:6f:05:82: 60:d8:09:94:17:ce:6f:f7:c3:7f:3e:6b:3e:0e:e5:41:21:63: 18:73:ec:74:0e:fe:d0:59:c2:f1:16:71:31:07:d7:03:5e:8c: da:0d:e5:69:5a:fc:67:0c:02:c5:2f:96:80:b9:57:8b:c0:75: b1:c2:e2:5b:dd:b5:17:8c:cc:c3:69:b6:a0:00:41:80:b8:12: 71:4d:11:13:e9:b3:29:30:bd:53:11:b7:99:e7:b0:80:3b:fb: 0f:ea:c6:70:b2:85:5d:de:e2:d0:eb:ce:20:1b:cb:ff:70:4b: 88:bb:b6:7e:fe:51:56:63:81:c8:74:80:3f:21:42:c5:f5:8f: 41:00:44:94:24:97:a0:10:da:6a:33:b1:05:04:77:cc:3d:bc: ae:87:be:d9:87:4a:e6:94:b0:ee:a1:27:23:7e:3d:59:74:75: 51:15:9b:6d:a1:a8:1b:59:5b:f4:ce:39:65:fe:53:45:50:b4: 32:0d:1a:02:e0:e9:07:07:db:95:cb:8d:ff:f1:4e:41:5b:1b: fe:91:94:22 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAOG7MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA4MjZaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKEUwM0UwRjhDQTg5MDhFMTczQTM3MEFDMzMwOEJGNzZDMEVBMjdB OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ4GzkYBHwhZAPQQrY 5CFa6U9ya285f4zpGgNzCHn829ojRwZypChBpdrL5JaRTRK8ycIf1V3lK8WEXnsS CmDD1HqnjaJ0qkVCoRrxgelrUtfIUSskenM61Bs2FQ0W7kj7SyAiIsZGkmQKZZ5B aBT9k5zAvKkAboqwBnqRGE21LC3/0PmZQryhkQ3gG/dfcib0ae7lkvCnXa4YKQyC lcmbMyZbbDfQSBJhYhAZn+ApGRBGJ/klOJ2Lw/uyu/FJTOFJ75UtBrujcKQq9XRU +O5eWVwoqn/JjrqZ9zmZp0GIKbq66AHL4sp29Ob19k1YI4i5L5izQV5E0HQhAPHS sb6rAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQU4D4PjKiQjhc6NwrDMIv3bA6iep0w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMwNy80RDRQaktpUWpoYzZOd3JETUl2M2JBNmllcDAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJOtzAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBtuAwDQYJKoZIhvcNAQELBQADggEBAAiZitI5/XRG+z4AjkNO LSzxOSJARQ5s340wXmicduW6K9zHgqNxLPOapOSz0LXW+2hLXG8FgmDYCZQXzm/3 w38+az4O5UEhYxhz7HQO/tBZwvEWcTEH1wNejNoN5Wla/GcMAsUvloC5V4vAdbHC 4lvdtReMzMNptqAAQYC4EnFNERPpsykwvVMRt5nnsIA7+w/qxnCyhV3e4tDrziAb y/9wS4i7tn7+UVZjgch0gD8hQsX1j0EARJQkl6AQ2mozsQUEd8w9vK6HvtmHSuaU sO6hJyN+PVl0dVEVm22hqBtZW/TOOWX+U0VQtDINGgLg6QcH25XLjf/xTkFbG/6R lCI= -----END CERTIFICATE-----Generated at Wed Nov 5 13:32:50 2025 by rpki-client