$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/YUdo14zf1NPTMMvhK6DxuTJ6rM8.cer File: YUdo14zf1NPTMMvhK6DxuTJ6rM8.cer (raw, json) Hash identifier: Wwc1auSAlKlC88XgtrI0pm96m5S+DSRu+27wsx7+OSs= Subject key identifier: 61:47:68:D7:8C:DF:D4:D3:D3:30:CB:E1:2B:A0:F1:B9:32:7A:AC:CF Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: D8C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/YUdo14zf1NPTMMvhK6DxuTJ6rM8.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:13:45 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 103.98.124.0/22 IP: 103.98.248.0/21 IP: 2401:98c0::/32 IP: 2401:a5c0::/32 IP: 2401:a640::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 07:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55488 (0xd8c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 3 09:13:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=614768D78CDFD4D3D330CBE12BA0F1B9327AACCF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ee:c5:5d:9e:43:cd:8d:81:5b:89:65:8a:9d: 2e:f6:f3:10:b9:6e:de:d7:c4:4b:5a:43:bc:2e:cc: 4a:21:18:d7:c3:ce:5e:e1:27:aa:4d:08:15:3c:07: 68:0f:ff:33:fe:d6:a7:61:05:3e:7e:3e:4b:93:29: 44:c0:e0:fb:f9:32:1a:00:42:eb:7f:bb:dc:21:43: 7a:a3:fb:f2:4e:ca:f6:9a:96:4a:23:b1:cf:36:4a: b9:33:2c:e9:a0:0c:68:08:a2:12:52:13:01:55:30: 22:01:5a:29:e9:ea:59:3a:ce:eb:2b:a1:df:f2:db: 17:3a:0f:56:6b:a0:b0:db:12:3f:29:ac:df:50:a3: 85:1c:99:6e:ea:e6:ab:7c:c0:fa:ab:3a:00:a8:54: ce:79:12:55:7b:a8:fa:c3:b1:b2:d3:e5:01:85:0b: 7d:56:49:41:d9:51:5b:5d:81:d4:3e:ef:1b:60:6c: 29:61:0e:c5:f9:19:f4:76:7f:76:95:e1:89:31:7c: d0:18:82:81:16:c0:de:85:71:d4:f4:e8:65:31:64: 18:5d:e7:34:e7:f5:fe:9e:8d:b6:02:0e:6f:77:1c: 5f:c3:af:08:c3:fc:f7:b7:a6:69:f9:19:d5:c3:f5: 83:c6:cd:5e:84:ca:8a:ed:6a:de:28:73:59:9f:81: 3c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:47:68:D7:8C:DF:D4:D3:D3:30:CB:E1:2B:A0:F1:B9:32:7A:AC:CF X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/YUdo14zf1NPTMMvhK6DxuTJ6rM8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.124.0/22 103.98.248.0/21 IPv6: 2401:98c0::/32 2401:a5c0::/32 2401:a640::/32 Signature Algorithm: sha256WithRSAEncryption 9f:2c:b0:6a:70:d9:4e:8d:fe:f9:cb:5f:cc:9b:1c:19:32:41: a8:c1:f3:40:88:7d:88:6e:e0:89:91:07:02:44:1c:19:51:e7: ce:c7:78:8b:fd:49:26:a2:d0:2c:cf:cd:28:5a:e5:82:0c:c5: 20:cb:89:8b:24:c4:bf:62:2d:b5:a9:46:75:85:f9:ad:05:83: 0f:e1:5b:e7:32:34:9e:b8:9c:30:27:de:f4:a7:91:be:50:33: f1:95:7a:9e:56:81:10:92:57:af:16:ca:57:55:5c:58:b6:ca: cc:ca:8e:7a:07:69:26:b7:6f:23:3d:ce:8e:56:c2:bf:0f:61: bf:99:8a:91:7c:3f:54:83:bf:7f:e4:14:ca:c0:06:47:6c:12: b9:2d:11:cc:e0:6a:bf:45:39:6e:79:24:6d:1b:cd:d1:0c:d6: 03:e1:76:07:27:a0:fd:c4:49:96:ae:2d:dd:f0:93:c4:7c:c4: 18:af:e3:78:6f:e9:8b:ce:d7:e1:91:eb:5c:02:8e:65:fa:f4: 6d:e2:f8:fd:6c:71:e7:54:55:3c:43:47:6b:d7:f2:48:e5:5e: 5b:f6:2b:9f:e3:e5:2e:1e:0a:88:ba:e9:00:04:22:04:97:60: 0b:e9:ad:93:02:40:5b:73:ba:c4:bf:e0:59:bc:b7:a1:99:10: 2a:af:28:54 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgIDANjAMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA4MDMwOTEzNDVaFw0yNjA4MDMwODQ0NDBaMDMx MTAvBgNVBAMTKDYxNDc2OEQ3OENERkQ0RDNEMzMwQ0JFMTJCQTBGMUI5MzI3QUFD Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC37sVdnkPNjYFbiWWK nS728xC5bt7XxEtaQ7wuzEohGNfDzl7hJ6pNCBU8B2gP/zP+1qdhBT5+PkuTKUTA 4Pv5MhoAQut/u9whQ3qj+/JOyvaalkojsc82SrkzLOmgDGgIohJSEwFVMCIBWinp 6lk6zusrod/y2xc6D1ZroLDbEj8prN9Qo4UcmW7q5qt8wPqrOgCoVM55ElV7qPrD sbLT5QGFC31WSUHZUVtdgdQ+7xtgbClhDsX5GfR2f3aV4YkxfNAYgoEWwN6FcdT0 6GUxZBhd5zTn9f6ejbYCDm93HF/DrwjD/Pe3pmn5GdXD9YPGzV6Eyortat4oc1mf gTypAgMBAAGjggJ4MIICdDAdBgNVHQ4EFgQUYUdo14zf1NPTMMvhK6DxuTJ6rM8w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMwMy9ZVWRvMTR6ZjFOUFRNTXZoSzZEeHVUSjZyTTgubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCZ2J8AwQDZ2L4MBsEAgACMBUD BQAkAZjAAwUAJAGlwAMFACQBpkAwDQYJKoZIhvcNAQELBQADggEBAJ8ssGpw2U6N /vnLX8ybHBkyQajB80CIfYhu4ImRBwJEHBlR587HeIv9SSai0CzPzSha5YIMxSDL iYskxL9iLbWpRnWF+a0Fgw/hW+cyNJ64nDAn3vSnkb5QM/GVep5WgRCSV68WyldV XFi2yszKjnoHaSa3byM9zo5Wwr8PYb+ZipF8P1SDv3/kFMrABkdsErktEczgar9F OW55JG0bzdEM1gPhdgcnoP3ESZauLd3wk8R8xBiv43hv6YvO1+GR61wCjmX69G3i +P1scedUVTxDR2vX8kjlXlv2K5/j5S4eCoi66QAEIgSXYAvprZMCQFtzusS/4Fm8 t6GZECqvKFQ= -----END CERTIFICATE-----Generated at Wed Aug 13 04:31:26 2025 by rpki-client