$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/YBt2TrIFMYSt13mb83x-Ctsz99w.cer File: YBt2TrIFMYSt13mb83x-Ctsz99w.cer (raw, json) Hash identifier: l3He9fU0v6uLPy8P/aM43jWIGYyxfMkoIL4/o8PmUFM= Subject key identifier: 60:1B:76:4E:B2:05:31:84:AD:D7:79:9B:F3:7C:7E:0A:DB:33:F7:DC Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: D9C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3336/YBt2TrIFMYSt13mb83x-Ctsz99w.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3336/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:17:17 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 2401:dd60::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 07:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55744 (0xd9c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 3 09:17:17 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=601B764EB2053184ADD7799BF37C7E0ADB33F7DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:86:2d:8b:3d:6f:c2:e2:da:f9:ce:f9:51:f5: 04:63:64:4a:85:6c:6c:f6:13:8e:80:3b:db:bb:65: fe:55:b3:49:25:03:09:8e:58:39:04:7e:6f:a9:84: 71:59:66:94:6c:20:a5:4d:4c:90:88:b8:fa:b2:13: 8d:89:91:c6:40:ad:de:30:be:5a:0a:e7:9d:aa:1e: 0d:23:97:71:f1:ec:67:3f:37:47:2d:9f:d4:b5:35: 4c:79:f0:9d:e3:bb:3c:51:30:1d:f7:a2:29:67:35: 62:1a:16:02:ff:1f:e9:be:53:b2:df:72:f1:c7:8f: 5a:1f:98:82:a5:98:3e:d8:f8:ff:87:44:48:6d:bc: 66:0b:e5:30:db:d6:69:cb:39:00:fa:e3:ea:ec:17: 28:68:eb:25:1d:4a:23:92:6c:a1:cc:15:a1:bf:8e: b4:a7:c2:c6:de:7c:51:55:fe:0f:da:66:21:0f:11: f9:55:35:b2:fa:ac:db:9f:8e:0a:77:38:18:c8:d4: 78:1d:67:5b:67:a6:41:59:aa:a0:46:fe:c6:ba:d1: 84:e3:47:dc:c4:02:60:d2:51:76:78:54:25:74:21: 85:0d:19:f8:df:3c:4d:38:04:06:d4:58:c0:74:74: 76:d4:b0:bf:59:11:57:9a:cb:46:4a:8f:b4:89:af: 4f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:1B:76:4E:B2:05:31:84:AD:D7:79:9B:F3:7C:7E:0A:DB:33:F7:DC X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3336/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3336/YBt2TrIFMYSt13mb83x-Ctsz99w.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:dd60::/32 Signature Algorithm: sha256WithRSAEncryption 94:92:84:1f:bb:d7:42:6e:ea:a0:60:7e:50:ad:c4:5a:d9:ab: 58:7e:e5:43:33:8b:d0:1a:45:ce:d6:dd:4e:fd:00:f6:13:30: 93:6d:39:0c:39:cc:5c:32:ee:02:20:bf:c8:95:99:d8:04:d3: bd:fd:a1:cb:50:3a:37:1c:63:e9:27:1f:96:ff:f7:ac:0f:89: 1a:2c:32:48:c2:88:04:5d:6f:1b:01:11:d5:df:bb:fb:67:d8: 07:11:38:b5:45:09:74:91:17:d0:0e:4f:23:c4:23:6a:b3:11: b3:55:a5:50:61:22:d8:19:58:f6:08:71:d8:bd:ff:e1:62:03: 2d:b1:4e:da:45:9b:2f:67:26:05:b4:25:f3:d4:e9:c0:3f:f9: 76:d1:ef:37:64:81:f4:0f:5c:35:66:ff:a0:87:31:37:8e:53: 4f:fb:29:fd:62:df:39:6a:fe:b0:ec:d0:46:69:2a:65:64:f4: 04:30:d0:7a:dc:7d:ed:3f:af:ec:67:92:e7:0d:29:ed:5e:1d: 3a:af:a2:b4:b8:bc:03:85:31:82:e8:8e:ef:b1:ae:34:e5:7d: 9f:90:77:c1:24:9d:7f:39:82:93:45:85:23:33:f4:69:0c:2d: c1:89:6b:b9:69:a3:27:f0:c7:ea:9a:7b:8c:b2:f8:fc:c2:7d: f3:64:5f:c2 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIDANnAMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA4MDMwOTE3MTdaFw0yNjA4MDMwODQ0NDBaMDMx MTAvBgNVBAMTKDYwMUI3NjRFQjIwNTMxODRBREQ3Nzk5QkYzN0M3RTBBREIzM0Y3 REMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXhi2LPW/C4tr5zvlR 9QRjZEqFbGz2E46AO9u7Zf5Vs0klAwmOWDkEfm+phHFZZpRsIKVNTJCIuPqyE42J kcZArd4wvloK552qHg0jl3Hx7Gc/N0ctn9S1NUx58J3juzxRMB33oilnNWIaFgL/ H+m+U7LfcvHHj1ofmIKlmD7Y+P+HREhtvGYL5TDb1mnLOQD64+rsFyho6yUdSiOS bKHMFaG/jrSnwsbefFFV/g/aZiEPEflVNbL6rNufjgp3OBjI1HgdZ1tnpkFZqqBG /sa60YTjR9zEAmDSUXZ4VCV0IYUNGfjfPE04BAbUWMB0dHbUsL9ZEVeay0ZKj7SJ r09PAgMBAAGjggJWMIICUjAdBgNVHQ4EFgQUYBt2TrIFMYSt13mb83x+Ctsz99ww HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MzYvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMzNi9ZQnQyVHJJRk1ZU3QxM21iODN4LUN0c3o5OXcubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHdYDANBgkqhkiG9w0BAQsF AAOCAQEAlJKEH7vXQm7qoGB+UK3EWtmrWH7lQzOL0BpFztbdTv0A9hMwk205DDnM XDLuAiC/yJWZ2ATTvf2hy1A6Nxxj6Scflv/3rA+JGiwySMKIBF1vGwER1d+7+2fY BxE4tUUJdJEX0A5PI8QjarMRs1WlUGEi2BlY9ghx2L3/4WIDLbFO2kWbL2cmBbQl 89TpwD/5dtHvN2SB9A9cNWb/oIcxN45TT/sp/WLfOWr+sOzQRmkqZWT0BDDQetx9 7T+v7GeS5w0p7V4dOq+itLi8A4UxguiO77GuNOV9n5B3wSSdfzmCk0WFIzP0aQwt wYlruWmjJ/DH6pp7jLL4/MJ982Rfwg== -----END CERTIFICATE-----Generated at Wed Aug 13 06:01:06 2025 by rpki-client