$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/YUdo14zf1NPTMMvhK6DxuTJ6rM8.cer File: YUdo14zf1NPTMMvhK6DxuTJ6rM8.cer (raw, json) Hash identifier: 8y7BZi6SftYi66pnvR80Vo3RVq1t5sPL3OR8obVfyFo= Subject key identifier: 61:47:68:D7:8C:DF:D4:D3:D3:30:CB:E1:2B:A0:F1:B9:32:7A:AC:CF Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CD3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/YUdo14zf1NPTMMvhK6DxuTJ6rM8.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:08:14 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.98.124.0/22 IP: 103.98.248.0/21 IP: 2401:98c0::/32 IP: 2401:a5c0::/32 IP: 2401:a640::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52543 (0xcd3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 3 08:08:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=614768D78CDFD4D3D330CBE12BA0F1B9327AACCF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ee:c5:5d:9e:43:cd:8d:81:5b:89:65:8a:9d: 2e:f6:f3:10:b9:6e:de:d7:c4:4b:5a:43:bc:2e:cc: 4a:21:18:d7:c3:ce:5e:e1:27:aa:4d:08:15:3c:07: 68:0f:ff:33:fe:d6:a7:61:05:3e:7e:3e:4b:93:29: 44:c0:e0:fb:f9:32:1a:00:42:eb:7f:bb:dc:21:43: 7a:a3:fb:f2:4e:ca:f6:9a:96:4a:23:b1:cf:36:4a: b9:33:2c:e9:a0:0c:68:08:a2:12:52:13:01:55:30: 22:01:5a:29:e9:ea:59:3a:ce:eb:2b:a1:df:f2:db: 17:3a:0f:56:6b:a0:b0:db:12:3f:29:ac:df:50:a3: 85:1c:99:6e:ea:e6:ab:7c:c0:fa:ab:3a:00:a8:54: ce:79:12:55:7b:a8:fa:c3:b1:b2:d3:e5:01:85:0b: 7d:56:49:41:d9:51:5b:5d:81:d4:3e:ef:1b:60:6c: 29:61:0e:c5:f9:19:f4:76:7f:76:95:e1:89:31:7c: d0:18:82:81:16:c0:de:85:71:d4:f4:e8:65:31:64: 18:5d:e7:34:e7:f5:fe:9e:8d:b6:02:0e:6f:77:1c: 5f:c3:af:08:c3:fc:f7:b7:a6:69:f9:19:d5:c3:f5: 83:c6:cd:5e:84:ca:8a:ed:6a:de:28:73:59:9f:81: 3c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:47:68:D7:8C:DF:D4:D3:D3:30:CB:E1:2B:A0:F1:B9:32:7A:AC:CF X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/YUdo14zf1NPTMMvhK6DxuTJ6rM8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.124.0/22 103.98.248.0/21 IPv6: 2401:98c0::/32 2401:a5c0::/32 2401:a640::/32 Signature Algorithm: sha256WithRSAEncryption 8e:89:f2:bc:0e:50:29:c0:7f:45:06:9f:e8:68:bc:32:6f:63: e2:90:ab:f3:11:33:58:ff:bb:a7:f7:de:7c:23:36:e4:4e:c6: 92:a4:29:8f:6f:b8:1d:ec:72:f7:56:1c:d9:1e:78:a1:58:69: 7f:87:bd:5e:7b:12:f9:d4:fa:41:8c:be:19:2f:8f:ae:b5:4c: b6:5c:03:f8:08:ba:5b:a2:f8:7d:1e:80:34:d3:15:7a:20:ca: 8b:0d:e5:97:a5:09:b8:1e:79:e3:b3:b4:cd:73:dc:bd:23:e6: 73:13:97:c0:f6:a4:0c:86:a1:16:26:50:4c:e0:05:f7:69:20: f5:9c:8f:7b:fc:ed:f9:e0:aa:fb:93:b7:ff:9b:9b:ab:18:05: 89:7b:93:1d:8b:ae:ef:d9:6b:82:51:50:d7:2a:71:6e:13:7d: c5:ab:86:0b:7c:16:80:27:df:99:a3:37:96:13:8f:9c:1d:84: eb:4e:73:b1:8e:6d:56:c0:44:c6:54:16:04:ce:e8:65:3a:1f: e4:1f:60:37:32:60:ff:07:6a:b6:ea:d6:d9:20:a0:6f:e8:c6: 0f:be:94:2f:a5:57:7c:97:38:98:72:6e:2a:fa:75:46:25:0f: e2:3f:12:15:29:79:98:52:7c:ad:c5:c0:18:1a:53:41:bb:e3: 55:c9:55:59 -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgIDAM0/MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODA4MTRaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDYxNDc2OEQ3OENERkQ0RDNEMzMwQ0JFMTJCQTBGMUI5MzI3QUFD Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC37sVdnkPNjYFbiWWK nS728xC5bt7XxEtaQ7wuzEohGNfDzl7hJ6pNCBU8B2gP/zP+1qdhBT5+PkuTKUTA 4Pv5MhoAQut/u9whQ3qj+/JOyvaalkojsc82SrkzLOmgDGgIohJSEwFVMCIBWinp 6lk6zusrod/y2xc6D1ZroLDbEj8prN9Qo4UcmW7q5qt8wPqrOgCoVM55ElV7qPrD sbLT5QGFC31WSUHZUVtdgdQ+7xtgbClhDsX5GfR2f3aV4YkxfNAYgoEWwN6FcdT0 6GUxZBhd5zTn9f6ejbYCDm93HF/DrwjD/Pe3pmn5GdXD9YPGzV6Eyortat4oc1mf gTypAgMBAAGjggJ4MIICdDAdBgNVHQ4EFgQUYUdo14zf1NPTMMvhK6DxuTJ6rM8w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMwMy9ZVWRvMTR6ZjFOUFRNTXZoSzZEeHVUSjZyTTgubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCZ2J8AwQDZ2L4MBsEAgACMBUD BQAkAZjAAwUAJAGlwAMFACQBpkAwDQYJKoZIhvcNAQELBQADggEBAI6J8rwOUCnA f0UGn+hovDJvY+KQq/MRM1j/u6f33nwjNuROxpKkKY9vuB3scvdWHNkeeKFYaX+H vV57EvnU+kGMvhkvj661TLZcA/gIului+H0egDTTFXogyosN5ZelCbgeeeOztM1z 3L0j5nMTl8D2pAyGoRYmUEzgBfdpIPWcj3v87fngqvuTt/+bm6sYBYl7kx2Lru/Z a4JRUNcqcW4TfcWrhgt8FoAn35mjN5YTj5wdhOtOc7GObVbARMZUFgTO6GU6H+Qf YDcyYP8Harbq1tkgoG/oxg++lC+lV3yXOJhybir6dUYlD+I/EhUpeZhSfK3FwBga U0G741XJVVk= -----END CERTIFICATE-----Generated at Sat Apr 26 08:22:57 2025 by rpki-client