$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/YUdo14zf1NPTMMvhK6DxuTJ6rM8.cer File: YUdo14zf1NPTMMvhK6DxuTJ6rM8.cer (raw, json) Hash identifier: MB3sG3ZOeWvx+rzlEUSeyi38KoBX/Zc5jRHW7NrlHvw= Subject key identifier: 61:47:68:D7:8C:DF:D4:D3:D3:30:CB:E1:2B:A0:F1:B9:32:7A:AC:CF Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E14F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/YUdo14zf1NPTMMvhK6DxuTJ6rM8.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:07:06 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 103.98.124.0/22 IP: 103.98.248.0/21 IP: 2401:98c0::/32 IP: 2401:a5c0::/32 IP: 2401:a640::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57679 (0xe14f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:07:06 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=614768D78CDFD4D3D330CBE12BA0F1B9327AACCF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ee:c5:5d:9e:43:cd:8d:81:5b:89:65:8a:9d: 2e:f6:f3:10:b9:6e:de:d7:c4:4b:5a:43:bc:2e:cc: 4a:21:18:d7:c3:ce:5e:e1:27:aa:4d:08:15:3c:07: 68:0f:ff:33:fe:d6:a7:61:05:3e:7e:3e:4b:93:29: 44:c0:e0:fb:f9:32:1a:00:42:eb:7f:bb:dc:21:43: 7a:a3:fb:f2:4e:ca:f6:9a:96:4a:23:b1:cf:36:4a: b9:33:2c:e9:a0:0c:68:08:a2:12:52:13:01:55:30: 22:01:5a:29:e9:ea:59:3a:ce:eb:2b:a1:df:f2:db: 17:3a:0f:56:6b:a0:b0:db:12:3f:29:ac:df:50:a3: 85:1c:99:6e:ea:e6:ab:7c:c0:fa:ab:3a:00:a8:54: ce:79:12:55:7b:a8:fa:c3:b1:b2:d3:e5:01:85:0b: 7d:56:49:41:d9:51:5b:5d:81:d4:3e:ef:1b:60:6c: 29:61:0e:c5:f9:19:f4:76:7f:76:95:e1:89:31:7c: d0:18:82:81:16:c0:de:85:71:d4:f4:e8:65:31:64: 18:5d:e7:34:e7:f5:fe:9e:8d:b6:02:0e:6f:77:1c: 5f:c3:af:08:c3:fc:f7:b7:a6:69:f9:19:d5:c3:f5: 83:c6:cd:5e:84:ca:8a:ed:6a:de:28:73:59:9f:81: 3c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:47:68:D7:8C:DF:D4:D3:D3:30:CB:E1:2B:A0:F1:B9:32:7A:AC:CF X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3303/YUdo14zf1NPTMMvhK6DxuTJ6rM8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.124.0/22 103.98.248.0/21 IPv6: 2401:98c0::/32 2401:a5c0::/32 2401:a640::/32 Signature Algorithm: sha256WithRSAEncryption 5d:b4:a8:64:93:b5:ff:63:76:3e:51:a2:65:a9:c8:e1:8b:a6: 70:cb:7d:b8:97:d3:53:0f:4b:7a:0a:81:0e:5c:6f:64:48:7a: 92:a6:4b:e8:18:44:30:95:66:b6:9d:eb:8b:46:e1:2a:55:0b: 12:1f:91:83:86:9c:3c:3c:0d:0a:af:b1:f8:9f:38:66:28:a3: 0e:ac:24:b7:07:27:47:bb:13:8e:b8:5c:c2:97:5f:62:7b:da: 33:d8:90:01:81:75:d1:39:36:60:ba:fe:f1:47:49:ca:a3:6c: 1e:f4:c1:0b:a2:f2:ff:dd:c2:25:46:80:97:79:e1:64:85:c7: 89:59:f7:74:82:20:20:8a:b0:4b:49:8e:8f:dd:a8:6e:f0:53: 26:c3:ba:03:c0:1e:12:0e:47:e4:30:9f:a4:62:b7:2a:6a:fe: c0:2e:77:84:21:1d:71:6a:ad:e3:99:b9:ca:12:24:cd:94:d7: 3b:07:74:74:98:4d:c5:47:1f:b5:1f:87:e0:5c:77:56:07:2b: 87:b0:f7:95:3f:af:86:53:bb:c1:9b:a8:6c:e5:a3:09:6f:7b: 98:90:66:22:d9:11:60:31:77:6e:dd:42:e2:35:50:cd:b0:f2: d9:a0:19:83:d4:b9:25:bc:9f:16:cd:8c:77:16:6b:6f:64:b9: 42:9a:ee:bc -----BEGIN CERTIFICATE----- MIIFdDCCBFygAwIBAgIDAOFPMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA3MDZaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKDYxNDc2OEQ3OENERkQ0RDNEMzMwQ0JFMTJCQTBGMUI5MzI3QUFD Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC37sVdnkPNjYFbiWWK nS728xC5bt7XxEtaQ7wuzEohGNfDzl7hJ6pNCBU8B2gP/zP+1qdhBT5+PkuTKUTA 4Pv5MhoAQut/u9whQ3qj+/JOyvaalkojsc82SrkzLOmgDGgIohJSEwFVMCIBWinp 6lk6zusrod/y2xc6D1ZroLDbEj8prN9Qo4UcmW7q5qt8wPqrOgCoVM55ElV7qPrD sbLT5QGFC31WSUHZUVtdgdQ+7xtgbClhDsX5GfR2f3aV4YkxfNAYgoEWwN6FcdT0 6GUxZBhd5zTn9f6ejbYCDm93HF/DrwjD/Pe3pmn5GdXD9YPGzV6Eyortat4oc1mf gTypAgMBAAGjggJ4MIICdDAdBgNVHQ4EFgQUYUdo14zf1NPTMMvhK6DxuTJ6rM8w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz MDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzMwMy9ZVWRvMTR6ZjFOUFRNTXZoSzZEeHVUSjZyTTgubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCZ2J8AwQDZ2L4MBsEAgACMBUD BQAkAZjAAwUAJAGlwAMFACQBpkAwDQYJKoZIhvcNAQELBQADggEBAF20qGSTtf9j dj5RomWpyOGLpnDLfbiX01MPS3oKgQ5cb2RIepKmS+gYRDCVZrad64tG4SpVCxIf kYOGnDw8DQqvsfifOGYoow6sJLcHJ0e7E464XMKXX2J72jPYkAGBddE5NmC6/vFH ScqjbB70wQui8v/dwiVGgJd54WSFx4lZ93SCICCKsEtJjo/dqG7wUybDugPAHhIO R+Qwn6Ritypq/sAud4QhHXFqreOZucoSJM2U1zsHdHSYTcVHH7Ufh+Bcd1YHK4ew 95U/r4ZTu8GbqGzlowlve5iQZiLZEWAxd27dQuI1UM2w8tmgGYPUuSW8nxbNjHcW a29kuUKa7rw= -----END CERTIFICATE-----Generated at Wed Nov 5 15:51:30 2025 by rpki-client