$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/OpXd7iyMGeRxgIou20cqqm_g9Jg.cer File: OpXd7iyMGeRxgIou20cqqm_g9Jg.cer (raw, json) Hash identifier: R5uYjm7bV5YZ7Y8LbR2gJ191yIQGPmT7G8ziI+PgI5A= Subject key identifier: 3A:95:DD:EE:2C:8C:19:E4:71:80:8A:2E:DB:47:2A:AA:6F:E0:F4:98 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CC9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/OpXd7iyMGeRxgIou20cqqm_g9Jg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:05:13 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: AS: 151219 IP: 2401:aa20::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52379 (0xcc9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 3 08:05:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3A95DDEE2C8C19E471808A2EDB472AAA6FE0F498 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e8:49:0c:1a:8f:92:44:66:a3:cc:e1:bc:ca: 85:6f:60:c5:c8:cc:6c:ee:39:be:c1:af:3f:88:5c: 75:1f:e5:52:e9:4d:8c:d5:ef:ad:08:a6:e6:86:39: 51:a2:eb:c1:8e:54:12:9c:53:cf:f9:b5:f7:7e:25: a6:e1:78:21:41:b3:9b:b5:77:ae:d2:8c:82:aa:ce: 01:11:ec:d0:a3:3c:38:7d:04:7c:b9:61:3d:c8:82: 1e:fb:2a:3c:ea:89:fb:2b:69:49:de:bc:88:1c:17: d7:57:b1:19:da:d5:52:b5:1c:73:91:69:92:84:65: 4d:e5:1d:67:5f:ba:6e:52:3c:bb:e4:1f:13:8d:c2: 62:be:21:47:6e:5f:05:35:f3:fa:0d:35:36:d1:11: d1:23:92:3c:99:8b:81:d1:7a:4e:42:ba:54:97:c8: 36:76:2b:8c:17:a3:fa:0b:1f:29:f6:3e:f8:34:ea: ab:f0:b8:51:df:4e:b2:23:08:13:c6:61:4e:8d:de: d3:15:00:31:1d:b9:30:6f:c0:d8:af:56:87:e3:1f: 6b:89:48:8a:32:51:4a:49:bc:7f:1a:48:09:6e:17: 5f:9d:9e:e5:78:b8:8d:d9:2d:bd:ab:79:61:75:10: ef:8f:51:35:30:8b:4a:3c:0a:a1:20:c2:f3:fa:b6: cc:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:95:DD:EE:2C:8C:19:E4:71:80:8A:2E:DB:47:2A:AA:6F:E0:F4:98 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/OpXd7iyMGeRxgIou20cqqm_g9Jg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151219 sbgp-ipAddrBlock: critical IPv6: 2401:aa20::/32 Signature Algorithm: sha256WithRSAEncryption 06:5e:f8:75:40:6b:8e:95:43:03:f7:50:5d:e2:da:a1:04:c2: e2:80:c3:f0:30:ff:1e:66:5e:9a:ce:18:71:62:ce:54:83:4a: a2:9a:f0:5f:71:73:ae:e1:8a:12:a5:5e:88:d9:8d:07:1b:61: b7:1c:7f:ac:2e:d6:02:ae:99:db:6c:08:bb:c3:1c:54:df:e5: 72:7f:3b:cc:92:13:c3:78:74:8e:3e:93:2c:1c:75:0b:90:71: 34:0b:78:e0:dd:ba:45:bc:1c:85:cf:b3:c8:e8:7a:5c:41:f2: 5e:bc:99:a6:1c:12:93:a4:d4:e0:43:8e:5b:77:ab:10:c9:10: 93:8d:b3:2c:b2:b8:aa:f0:b4:00:30:63:41:9d:d8:74:7e:6e: 72:d6:94:d3:41:9b:e0:1a:4c:e0:2d:b5:62:b7:26:51:7c:49: 23:76:e3:04:6b:a2:30:6f:17:29:63:c6:55:03:00:eb:d4:27: 92:94:21:81:68:21:5a:f0:70:aa:91:dd:03:3e:2c:f3:f0:16: 5d:18:0e:04:d8:64:29:10:71:f1:04:90:4e:ca:9d:d4:45:aa: fd:97:8a:e5:c5:01:ed:51:28:aa:c1:1c:b3:8e:2d:df:48:dd: c7:f1:87:fc:85:4f:c0:31:d2:47:c2:23:4c:4f:7e:db:28:eb: 9c:7d:8b:11 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAMybMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA1MTNaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDNBOTVEREVFMkM4QzE5RTQ3MTgwOEEyRURCNDcyQUFBNkZFMEY0 OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC56EkMGo+SRGajzOG8 yoVvYMXIzGzuOb7Brz+IXHUf5VLpTYzV760IpuaGOVGi68GOVBKcU8/5tfd+Jabh eCFBs5u1d67SjIKqzgER7NCjPDh9BHy5YT3Igh77KjzqifsraUnevIgcF9dXsRna 1VK1HHORaZKEZU3lHWdfum5SPLvkHxONwmK+IUduXwU18/oNNTbREdEjkjyZi4HR ek5CulSXyDZ2K4wXo/oLHyn2Pvg06qvwuFHfTrIjCBPGYU6N3tMVADEduTBvwNiv VofjH2uJSIoyUUpJvH8aSAluF1+dnuV4uI3ZLb2reWF1EO+PUTUwi0o8CqEgwvP6 tswJAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQUOpXd7iyMGeRxgIou20cqqm/g9Jgw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy OTcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI5Ny9PcFhkN2l5TUdlUnhnSW91MjBjcXFtX2c5SmcubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJOszAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBqiAwDQYJKoZIhvcNAQELBQADggEBAAZe+HVAa46VQwP3UF3i 2qEEwuKAw/Aw/x5mXprOGHFizlSDSqKa8F9xc67hihKlXojZjQcbYbccf6wu1gKu mdtsCLvDHFTf5XJ/O8ySE8N4dI4+kywcdQuQcTQLeODdukW8HIXPs8joelxB8l68 maYcEpOk1OBDjlt3qxDJEJONsyyyuKrwtAAwY0Gd2HR+bnLWlNNBm+AaTOAttWK3 JlF8SSN24wRrojBvFyljxlUDAOvUJ5KUIYFoIVrwcKqR3QM+LPPwFl0YDgTYZCkQ cfEEkE7KndRFqv2XiuXFAe1RKKrBHLOOLd9I3cfxh/yFT8Ax0kfCI0xPftso65x9 ixE= -----END CERTIFICATE-----Generated at Sat Apr 26 08:19:54 2025 by rpki-client