$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer File: fPRMBtXqffDL1PaFCPFOhNoIt1I.cer (raw, json) Hash identifier: jKXJFb1mQcxKXUfpTSfOnPlnjuhnEiaPODBOTSd1NL8= Subject key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: D0CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 25 Apr 2025 20:09:16 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.99.76.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53451 (0xd0cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 25 20:09:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a0:e3:11:52:82:b6:f4:63:ff:e3:90:5b:96: d1:41:61:76:d6:04:ba:04:90:e0:cb:e4:80:a9:75: 45:81:20:3f:3a:d2:21:19:0c:27:8d:d9:45:4c:b6: 2e:ac:05:a0:8c:cc:62:22:58:08:c1:53:a5:66:2e: 4d:81:86:44:47:be:7d:0c:a9:da:61:b7:ee:19:e5: 73:a4:27:21:f4:e8:27:bf:d4:a8:db:a5:a1:d6:36: 8f:62:85:1a:c3:15:67:3a:fe:76:95:c0:fb:7e:1c: 15:01:fa:9d:65:05:05:ac:c1:0c:51:b2:f4:c3:26: 5a:63:81:a1:eb:ec:e5:a6:7f:68:6c:0c:7a:3e:98: b3:a7:34:ef:40:ec:65:ce:be:3d:de:51:d3:95:20: bd:97:dd:60:76:55:ab:46:42:36:ca:7c:ab:39:01: 3a:8b:bc:2e:d9:c0:3d:60:1a:33:f4:04:f8:4a:28: 46:7b:3c:d4:ed:0f:00:9b:9e:76:fa:5f:2f:dd:7a: 2c:e0:07:9c:51:9a:e0:f5:ea:62:dc:3f:5a:8f:55: 46:47:18:2f:58:75:60:f8:21:cb:ff:e3:97:37:57: a3:a7:f9:3e:aa:02:e9:82:f1:1c:4e:cf:7e:c1:6c: 57:b9:ac:63:e3:fd:db:88:f9:23:fe:08:ca:bb:5d: a5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.99.76.0/22 Signature Algorithm: sha256WithRSAEncryption 93:ad:5f:df:23:1b:07:96:25:89:37:96:dc:6c:5c:6d:fd:f0: c3:5c:28:c4:e7:c2:11:da:94:8e:d2:43:6a:3e:c7:fe:14:e3: 47:fa:36:6d:ed:ac:14:bf:86:33:8b:db:19:0a:97:82:bd:dc: f8:f5:76:9d:fa:e1:81:74:64:bf:a0:14:5a:39:24:75:cf:6b: 0c:a0:87:9d:56:3c:67:09:f6:cf:18:cd:cf:8a:0e:98:fb:24: 9f:b2:3b:57:6a:ee:c3:e2:68:47:04:dc:39:ba:bb:8d:be:9c: 2a:6a:f7:15:e8:52:c1:3a:1b:7b:17:5d:6d:a2:a1:23:09:3d: ea:d5:7b:16:1c:81:ea:b8:1b:24:4c:be:9d:89:43:2b:ad:d3: 22:4f:54:1f:50:19:2f:52:44:53:e8:e6:36:85:0b:a9:c0:9d: 43:de:11:3a:27:b4:46:16:f9:7c:6e:34:56:bd:12:31:b3:a4: 00:47:c9:46:fb:bf:63:44:b5:5a:35:d7:38:d9:d0:58:34:34: 09:b6:a0:e3:86:8b:37:92:4a:53:3c:c6:ea:2b:4a:28:84:08: 29:a8:31:db:52:c9:3a:a5:4a:d2:ad:fd:94:74:c8:21:a6:28: be:2b:e3:eb:74:9d:11:b8:a1:81:f4:0b:ad:2b:ac:d5:74:59: 62:6f:34:fb -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDANDLMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MjUyMDA5MTZaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKDdDRjQ0QzA2RDVFQTdERjBDQkQ0RjY4NTA4RjE0RTg0REEwOEI3 NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfoOMRUoK29GP/45Bb ltFBYXbWBLoEkODL5ICpdUWBID860iEZDCeN2UVMti6sBaCMzGIiWAjBU6VmLk2B hkRHvn0Mqdpht+4Z5XOkJyH06Ce/1KjbpaHWNo9ihRrDFWc6/naVwPt+HBUB+p1l BQWswQxRsvTDJlpjgaHr7OWmf2hsDHo+mLOnNO9A7GXOvj3eUdOVIL2X3WB2VatG QjbKfKs5ATqLvC7ZwD1gGjP0BPhKKEZ7PNTtDwCbnnb6Xy/deizgB5xRmuD16mLc P1qPVUZHGC9YdWD4Icv/45c3V6On+T6qAumC8RxOz37BbFe5rGPj/duI+SP+CMq7 XaUxAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUfPRMBtXqffDL1PaFCPFOhNoIt1Iw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1 NzgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjU3OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ2NMMA0GCSqGSIb3DQEBCwUA A4IBAQCTrV/fIxsHliWJN5bcbFxt/fDDXCjE58IR2pSO0kNqPsf+FONH+jZt7awU v4Yzi9sZCpeCvdz49Xad+uGBdGS/oBRaOSR1z2sMoIedVjxnCfbPGM3Pig6Y+ySf sjtXau7D4mhHBNw5uruNvpwqavcV6FLBOht7F11toqEjCT3q1XsWHIHquBskTL6d iUMrrdMiT1QfUBkvUkRT6OY2hQupwJ1D3hE6J7RGFvl8bjRWvRIxs6QAR8lG+79j RLVaNdc42dBYNDQJtqDjhos3kkpTPMbqK0oohAgpqDHbUsk6pUrSrf2UdMghpii+ K+PrdJ0RuKGB9AutK6zVdFlibzT7 -----END CERTIFICATE-----Generated at Sat Apr 26 08:19:59 2025 by rpki-client