$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer File: fPRMBtXqffDL1PaFCPFOhNoIt1I.cer (raw, json) Hash identifier: vLyLY8mxqO9M2D1XPn/m/YEee0wThAnd2v+vwTebuII= Subject key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: DA54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:18:58 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 103.99.76.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:05:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55892 (0xda54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 3 09:18:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a0:e3:11:52:82:b6:f4:63:ff:e3:90:5b:96: d1:41:61:76:d6:04:ba:04:90:e0:cb:e4:80:a9:75: 45:81:20:3f:3a:d2:21:19:0c:27:8d:d9:45:4c:b6: 2e:ac:05:a0:8c:cc:62:22:58:08:c1:53:a5:66:2e: 4d:81:86:44:47:be:7d:0c:a9:da:61:b7:ee:19:e5: 73:a4:27:21:f4:e8:27:bf:d4:a8:db:a5:a1:d6:36: 8f:62:85:1a:c3:15:67:3a:fe:76:95:c0:fb:7e:1c: 15:01:fa:9d:65:05:05:ac:c1:0c:51:b2:f4:c3:26: 5a:63:81:a1:eb:ec:e5:a6:7f:68:6c:0c:7a:3e:98: b3:a7:34:ef:40:ec:65:ce:be:3d:de:51:d3:95:20: bd:97:dd:60:76:55:ab:46:42:36:ca:7c:ab:39:01: 3a:8b:bc:2e:d9:c0:3d:60:1a:33:f4:04:f8:4a:28: 46:7b:3c:d4:ed:0f:00:9b:9e:76:fa:5f:2f:dd:7a: 2c:e0:07:9c:51:9a:e0:f5:ea:62:dc:3f:5a:8f:55: 46:47:18:2f:58:75:60:f8:21:cb:ff:e3:97:37:57: a3:a7:f9:3e:aa:02:e9:82:f1:1c:4e:cf:7e:c1:6c: 57:b9:ac:63:e3:fd:db:88:f9:23:fe:08:ca:bb:5d: a5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.99.76.0/22 Signature Algorithm: sha256WithRSAEncryption af:ca:46:38:fd:4c:41:51:5d:a5:e6:ee:92:66:19:77:06:1d: a3:3a:a2:72:35:03:74:72:9d:b2:78:8b:82:2b:52:23:e7:83: d4:68:71:d4:cd:6e:44:0d:d2:fa:2e:fd:51:fa:98:ea:f2:22: 5d:82:3d:76:32:9f:fb:d7:ed:d8:47:ec:3b:3a:e4:03:8f:68: 20:3f:34:d2:bc:ef:bf:3f:60:3b:be:5f:9b:d4:42:42:6d:7e: 96:c9:c1:85:3a:51:2b:34:79:84:39:7d:89:65:c9:98:52:6a: 6d:36:ef:4c:2e:9f:6f:fd:3b:dd:ed:eb:91:b3:12:aa:15:77: 92:6c:06:2c:19:eb:35:58:55:22:91:c5:9b:70:5d:ad:36:6e: 6d:2d:bb:08:ae:ec:ae:3f:98:f9:11:4a:92:7f:28:bb:5c:81: 0c:30:45:b5:76:71:52:6d:e8:38:5f:80:5a:23:42:8f:39:c6: 66:c4:57:f8:54:a0:96:45:df:e1:21:fa:2a:e2:a4:20:2e:0e: 07:cc:ad:61:c1:2f:5f:38:4d:e1:b4:68:63:a7:78:1a:c4:f8: 08:b0:25:01:98:5b:ce:2d:df:3b:cb:56:79:3a:16:03:1c:d4: 16:e4:34:5f:70:ed:00:74:84:88:26:07:7c:f3:02:fe:a3:d9: b7:09:98:68 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDANpUMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA4MDMwOTE4NThaFw0yNjA4MDMwODQ0NDBaMDMx MTAvBgNVBAMTKDdDRjQ0QzA2RDVFQTdERjBDQkQ0RjY4NTA4RjE0RTg0REEwOEI3 NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfoOMRUoK29GP/45Bb ltFBYXbWBLoEkODL5ICpdUWBID860iEZDCeN2UVMti6sBaCMzGIiWAjBU6VmLk2B hkRHvn0Mqdpht+4Z5XOkJyH06Ce/1KjbpaHWNo9ihRrDFWc6/naVwPt+HBUB+p1l BQWswQxRsvTDJlpjgaHr7OWmf2hsDHo+mLOnNO9A7GXOvj3eUdOVIL2X3WB2VatG QjbKfKs5ATqLvC7ZwD1gGjP0BPhKKEZ7PNTtDwCbnnb6Xy/deizgB5xRmuD16mLc P1qPVUZHGC9YdWD4Icv/45c3V6On+T6qAumC8RxOz37BbFe5rGPj/duI+SP+CMq7 XaUxAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUfPRMBtXqffDL1PaFCPFOhNoIt1Iw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1 NzgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjU3OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ2NMMA0GCSqGSIb3DQEBCwUA A4IBAQCvykY4/UxBUV2l5u6SZhl3Bh2jOqJyNQN0cp2yeIuCK1Ij54PUaHHUzW5E DdL6Lv1R+pjq8iJdgj12Mp/71+3YR+w7OuQDj2ggPzTSvO+/P2A7vl+b1EJCbX6W ycGFOlErNHmEOX2JZcmYUmptNu9MLp9v/Tvd7euRsxKqFXeSbAYsGes1WFUikcWb cF2tNm5tLbsIruyuP5j5EUqSfyi7XIEMMEW1dnFSbeg4X4BaI0KPOcZmxFf4VKCW Rd/hIfoq4qQgLg4HzK1hwS9fOE3htGhjp3gaxPgIsCUBmFvOLd87y1Z5OhYDHNQW 5DRfcO0AdISIJgd88wL+o9m3CZho -----END CERTIFICATE-----Generated at Mon Aug 11 12:56:23 2025 by rpki-client