$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/OpXd7iyMGeRxgIou20cqqm_g9Jg.cer File: OpXd7iyMGeRxgIou20cqqm_g9Jg.cer (raw, json) Hash identifier: IOQzPoanUb+xDGEjWsTQ2StHnORil5vapaiefIi97kg= Subject key identifier: 3A:95:DD:EE:2C:8C:19:E4:71:80:8A:2E:DB:47:2A:AA:6F:E0:F4:98 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E053 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/OpXd7iyMGeRxgIou20cqqm_g9Jg.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:04:14 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: AS: 151219 IP: 2401:aa20::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 14:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57427 (0xe053) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:04:14 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=3A95DDEE2C8C19E471808A2EDB472AAA6FE0F498 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e8:49:0c:1a:8f:92:44:66:a3:cc:e1:bc:ca: 85:6f:60:c5:c8:cc:6c:ee:39:be:c1:af:3f:88:5c: 75:1f:e5:52:e9:4d:8c:d5:ef:ad:08:a6:e6:86:39: 51:a2:eb:c1:8e:54:12:9c:53:cf:f9:b5:f7:7e:25: a6:e1:78:21:41:b3:9b:b5:77:ae:d2:8c:82:aa:ce: 01:11:ec:d0:a3:3c:38:7d:04:7c:b9:61:3d:c8:82: 1e:fb:2a:3c:ea:89:fb:2b:69:49:de:bc:88:1c:17: d7:57:b1:19:da:d5:52:b5:1c:73:91:69:92:84:65: 4d:e5:1d:67:5f:ba:6e:52:3c:bb:e4:1f:13:8d:c2: 62:be:21:47:6e:5f:05:35:f3:fa:0d:35:36:d1:11: d1:23:92:3c:99:8b:81:d1:7a:4e:42:ba:54:97:c8: 36:76:2b:8c:17:a3:fa:0b:1f:29:f6:3e:f8:34:ea: ab:f0:b8:51:df:4e:b2:23:08:13:c6:61:4e:8d:de: d3:15:00:31:1d:b9:30:6f:c0:d8:af:56:87:e3:1f: 6b:89:48:8a:32:51:4a:49:bc:7f:1a:48:09:6e:17: 5f:9d:9e:e5:78:b8:8d:d9:2d:bd:ab:79:61:75:10: ef:8f:51:35:30:8b:4a:3c:0a:a1:20:c2:f3:fa:b6: cc:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:95:DD:EE:2C:8C:19:E4:71:80:8A:2E:DB:47:2A:AA:6F:E0:F4:98 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3297/OpXd7iyMGeRxgIou20cqqm_g9Jg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151219 sbgp-ipAddrBlock: critical IPv6: 2401:aa20::/32 Signature Algorithm: sha256WithRSAEncryption 26:df:27:d6:5a:4b:09:d1:71:fe:46:ad:25:ed:b9:f8:3f:c1: ad:5c:d7:9c:50:17:c1:16:76:72:ed:94:be:13:4a:99:95:0e: e7:88:cb:d5:93:b1:57:05:56:c1:f2:d5:1c:34:78:f2:73:bc: 67:8e:01:3e:22:5d:bf:24:d1:48:c9:54:bf:db:0f:1a:f9:53: 48:09:26:4e:f9:f5:8b:a1:3f:80:50:43:f2:ad:9c:70:94:24: 73:9e:e5:a1:a9:cb:21:9b:43:79:08:b8:68:de:53:24:5e:68: 38:a9:b2:29:b1:21:42:7f:14:25:01:b9:89:c3:89:2c:91:66: 81:54:5d:3e:c4:a9:f6:fb:4c:d8:7a:52:9a:27:08:83:ae:af: c5:98:d3:ae:0c:98:47:6a:e7:31:77:89:a0:50:26:41:00:9d: fe:63:cb:4d:0d:b6:54:29:13:b1:3e:14:4c:8b:98:40:58:6a: 73:a8:e9:e1:05:a4:6f:f3:4c:6b:42:ba:c7:d9:54:8c:9f:89: d1:23:f6:26:4e:15:f8:5c:08:12:c7:d6:88:fa:a3:b6:1c:ca: 4d:dc:14:d1:9b:95:87:19:e3:53:36:4e:61:b2:96:44:f2:1d: 0f:d1:8d:0a:49:3b:0b:ed:fd:f4:94:e4:0f:8b:fa:b0:40:09: 0a:b0:d1:1c -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAOBTMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA0MTRaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKDNBOTVEREVFMkM4QzE5RTQ3MTgwOEEyRURCNDcyQUFBNkZFMEY0 OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC56EkMGo+SRGajzOG8 yoVvYMXIzGzuOb7Brz+IXHUf5VLpTYzV760IpuaGOVGi68GOVBKcU8/5tfd+Jabh eCFBs5u1d67SjIKqzgER7NCjPDh9BHy5YT3Igh77KjzqifsraUnevIgcF9dXsRna 1VK1HHORaZKEZU3lHWdfum5SPLvkHxONwmK+IUduXwU18/oNNTbREdEjkjyZi4HR ek5CulSXyDZ2K4wXo/oLHyn2Pvg06qvwuFHfTrIjCBPGYU6N3tMVADEduTBvwNiv VofjH2uJSIoyUUpJvH8aSAluF1+dnuV4uI3ZLb2reWF1EO+PUTUwi0o8CqEgwvP6 tswJAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQUOpXd7iyMGeRxgIou20cqqm/g9Jgw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy OTcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI5Ny9PcFhkN2l5TUdlUnhnSW91MjBjcXFtX2c5SmcubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJOszAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBqiAwDQYJKoZIhvcNAQELBQADggEBACbfJ9ZaSwnRcf5GrSXt ufg/wa1c15xQF8EWdnLtlL4TSpmVDueIy9WTsVcFVsHy1Rw0ePJzvGeOAT4iXb8k 0UjJVL/bDxr5U0gJJk759YuhP4BQQ/KtnHCUJHOe5aGpyyGbQ3kIuGjeUyReaDip simxIUJ/FCUBuYnDiSyRZoFUXT7Eqfb7TNh6UponCIOur8WY064MmEdq5zF3iaBQ JkEAnf5jy00NtlQpE7E+FEyLmEBYanOo6eEFpG/zTGtCusfZVIyfidEj9iZOFfhc CBLH1oj6o7Ycyk3cFNGblYcZ41M2TmGylkTyHQ/RjQpJOwvt/fSU5A+L+rBACQqw 0Rw= -----END CERTIFICATE-----Generated at Wed Nov 5 12:05:17 2025 by rpki-client