$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer (raw, json) Hash identifier: y6Zsoy+RPiiXnOyyv4FeE4WNdZl/iPLN0mdbFXSMWoM= Subject key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 45B2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 11 Feb 2026 19:59:16 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: IP: 157.10.220.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 00:59:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17842 (0x45b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Feb 11 19:59:16 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:88:3c:a6:c9:f5:15:a4:7c:43:97:6f:54:b9: 88:2a:59:d0:98:20:99:f1:99:74:52:5f:3a:1d:77: d6:96:95:1b:12:23:3e:60:1f:68:1e:95:c4:c9:ef: 4d:d6:2c:d3:21:50:e1:67:ea:f2:55:b8:ad:d3:6d: 55:e2:73:69:f9:0a:43:e4:c7:77:47:e6:0d:07:99: 81:4a:2b:8a:fe:3a:12:f9:bb:2c:07:ba:df:f1:bd: 41:07:d6:77:5f:b6:f2:8b:ab:34:7b:00:cf:18:b1: 52:ad:fa:04:c1:84:cd:49:11:cc:90:39:c6:ca:3b: e6:93:f5:53:4c:9d:d1:aa:be:23:44:6a:20:74:1c: e3:00:a6:03:28:18:d9:23:fc:8c:ce:7f:8b:9c:c6: 4b:78:3f:81:10:fd:6a:38:6e:22:09:c3:7a:80:52: af:0a:f3:b2:f9:32:cb:66:aa:22:69:bf:0a:ea:52: ab:e3:5e:bb:76:34:85:d9:66:38:dc:e0:ae:e4:b6: c4:c0:2d:23:54:b1:2b:e7:ab:03:46:c1:b9:74:f7: b0:32:ee:b2:6c:3b:e9:77:74:0b:96:1d:f4:dd:e7: 69:5d:89:b8:56:c0:5f:d8:da:04:cd:f7:0d:4f:42: 74:ef:b1:54:d1:77:b5:e3:a4:7e:53:e2:36:84:71: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption 75:ed:77:d6:de:59:8e:69:c6:d1:66:77:22:4c:79:ee:24:c3: b0:bb:d1:73:48:96:1c:74:ed:38:8b:46:c5:02:1c:ba:e2:9a: 09:41:87:71:58:a8:6e:64:be:6e:5f:a7:81:df:7c:1e:d0:e6: cb:c9:73:20:21:7b:bf:ec:9b:be:6b:2c:f6:b7:b0:6d:eb:0f: 20:6e:df:71:da:be:0c:3f:25:8c:b8:b8:44:a2:58:d8:1f:0a: 88:1b:5d:51:d3:40:5a:dc:b3:97:eb:82:14:60:a5:1c:d3:7d: cb:98:da:2f:96:5b:51:ee:0c:46:12:39:42:23:54:c5:de:3a: 51:bd:52:50:af:6f:a1:63:c8:c1:84:d7:48:82:91:3e:14:9e: b7:8c:4c:da:d9:2a:f4:e3:01:06:f2:5c:4e:df:41:d7:8a:b4: 87:a0:9b:0a:f9:51:b9:47:2f:70:05:2d:6c:33:e3:34:b5:9d: 60:37:4e:78:4e:5b:31:e6:0f:c9:f6:b8:73:9d:d9:65:de:e5: cd:07:d9:8f:4e:8e:bc:5a:4a:94:8e:50:17:44:85:8a:82:c0: da:4a:cd:1b:c2:ed:b0:c0:a5:a4:a2:f6:7f:2c:b7:62:37:c1: b2:2d:e2:28:0e:92:22:07:75:e5:ad:3f:50:5e:56:83:ba:7d: 20:10:0a:2f -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICRbIwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI2MDIxMTE5NTkxNloXDTI3MDEwOTA4MjMxOFowMzEx MC8GA1UEAxMoOTBGMzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhF MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWIPKbJ9RWkfEOXb1S5 iCpZ0JggmfGZdFJfOh131paVGxIjPmAfaB6VxMnvTdYs0yFQ4Wfq8lW4rdNtVeJz afkKQ+THd0fmDQeZgUoriv46Evm7LAe63/G9QQfWd1+28ourNHsAzxixUq36BMGE zUkRzJA5xso75pP1U0yd0aq+I0RqIHQc4wCmAygY2SP8jM5/i5zGS3g/gRD9ajhu IgnDeoBSrwrzsvkyy2aqImm/CupSq+Neu3Y0hdlmONzgruS2xMAtI1SxK+erA0bB uXT3sDLusmw76Xd0C5Yd9N3naV2JuFbAX9jaBM33DU9CdO+xVNF3teOkflPiNoRx uTECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQ8w4d8yfRA5B/G+CO0+pkv7d44zAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU4L2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCtwwDQYJKoZIhvcNAQELBQAD ggEBAHXtd9beWY5pxtFmdyJMee4kw7C70XNIlhx07TiLRsUCHLrimglBh3FYqG5k vm5fp4HffB7Q5svJcyAhe7/sm75rLPa3sG3rDyBu33Havgw/JYy4uESiWNgfCogb XVHTQFrcs5frghRgpRzTfcuY2i+WW1HuDEYSOUIjVMXeOlG9UlCvb6FjyMGE10iC kT4UnreMTNrZKvTjAQbyXE7fQdeKtIegmwr5UblHL3AFLWwz4zS1nWA3TnhOWzHm D8n2uHOd2WXe5c0H2Y9OjrxaSpSOUBdEhYqCwNpKzRvC7bDApaSi9n8st2I3wbIt 4igOkiIHdeWtP1BeVoO6fSAQCi8= -----END CERTIFICATE-----Generated at Sun Mar 1 23:57:02 2026 by rpki-client