$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer (raw, json) Hash identifier: R9M3/pqoJgFCEtsWr2gL2uoFHXgLvEqJTRIsosFCnbY= Subject key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 4011 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:18:12 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 157.10.220.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 09:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16401 (0x4011) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Aug 3 09:18:12 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:88:3c:a6:c9:f5:15:a4:7c:43:97:6f:54:b9: 88:2a:59:d0:98:20:99:f1:99:74:52:5f:3a:1d:77: d6:96:95:1b:12:23:3e:60:1f:68:1e:95:c4:c9:ef: 4d:d6:2c:d3:21:50:e1:67:ea:f2:55:b8:ad:d3:6d: 55:e2:73:69:f9:0a:43:e4:c7:77:47:e6:0d:07:99: 81:4a:2b:8a:fe:3a:12:f9:bb:2c:07:ba:df:f1:bd: 41:07:d6:77:5f:b6:f2:8b:ab:34:7b:00:cf:18:b1: 52:ad:fa:04:c1:84:cd:49:11:cc:90:39:c6:ca:3b: e6:93:f5:53:4c:9d:d1:aa:be:23:44:6a:20:74:1c: e3:00:a6:03:28:18:d9:23:fc:8c:ce:7f:8b:9c:c6: 4b:78:3f:81:10:fd:6a:38:6e:22:09:c3:7a:80:52: af:0a:f3:b2:f9:32:cb:66:aa:22:69:bf:0a:ea:52: ab:e3:5e:bb:76:34:85:d9:66:38:dc:e0:ae:e4:b6: c4:c0:2d:23:54:b1:2b:e7:ab:03:46:c1:b9:74:f7: b0:32:ee:b2:6c:3b:e9:77:74:0b:96:1d:f4:dd:e7: 69:5d:89:b8:56:c0:5f:d8:da:04:cd:f7:0d:4f:42: 74:ef:b1:54:d1:77:b5:e3:a4:7e:53:e2:36:84:71: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:9f:0e:45:67:16:6a:15:0a:6e:af:97:1d:a5:24:49:99:d4: 4f:30:d4:ce:cf:b5:ec:b3:07:27:aa:4b:b7:91:79:32:4a:48: 91:07:07:06:27:b2:6d:ad:10:f4:b4:77:c3:57:a6:a9:8f:e4: 11:f9:9f:2b:89:0f:31:98:5a:67:5c:6c:9a:31:c1:a0:21:97: ff:98:67:54:20:5c:50:90:ba:04:11:2b:3a:37:56:b5:b8:bc: fb:cd:3c:e3:2f:e6:b9:fa:0d:61:f1:c1:7a:64:cb:cb:4f:5e: 72:fb:57:89:20:85:e2:92:ff:b9:0c:2a:fc:3c:8b:e0:fc:9e: da:b3:e7:86:4b:73:93:4e:e8:39:5a:24:03:ac:19:26:c4:27: 80:59:16:95:7f:13:c9:1f:41:b7:24:0c:28:9b:f4:10:03:94: f3:d0:58:14:2e:69:03:fb:2e:3b:2d:79:88:fd:3d:ed:28:49: 38:52:19:8c:b2:af:db:6a:ce:1e:c0:7e:93:51:f0:68:53:17: 45:f1:80:ef:e0:b0:45:5e:22:f3:d3:74:15:39:8c:fe:07:df: 76:65:bf:39:5f:15:f7:0d:b7:53:ef:69:d6:7a:ac:5f:ba:7d: a7:33:b6:9a:dc:5e:d2:41:ed:02:1d:ed:46:23:96:33:00:d5: 34:48:61:f6 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQBEwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDgwMzA5MTgxMloXDTI2MDgwMzA4NDQ0MFowMzEx MC8GA1UEAxMoOTBGMzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhF MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWIPKbJ9RWkfEOXb1S5 iCpZ0JggmfGZdFJfOh131paVGxIjPmAfaB6VxMnvTdYs0yFQ4Wfq8lW4rdNtVeJz afkKQ+THd0fmDQeZgUoriv46Evm7LAe63/G9QQfWd1+28ourNHsAzxixUq36BMGE zUkRzJA5xso75pP1U0yd0aq+I0RqIHQc4wCmAygY2SP8jM5/i5zGS3g/gRD9ajhu IgnDeoBSrwrzsvkyy2aqImm/CupSq+Neu3Y0hdlmONzgruS2xMAtI1SxK+erA0bB uXT3sDLusmw76Xd0C5Yd9N3naV2JuFbAX9jaBM33DU9CdO+xVNF3teOkflPiNoRx uTECAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSQ8w4d8yfRA5B/G+CO0+pkv7d44zAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zMjU4L2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdCtwwDQYJKoZIhvcNAQELBQAD ggEBAIyfDkVnFmoVCm6vlx2lJEmZ1E8w1M7PteyzByeqS7eReTJKSJEHBwYnsm2t EPS0d8NXpqmP5BH5nyuJDzGYWmdcbJoxwaAhl/+YZ1QgXFCQugQRKzo3VrW4vPvN POMv5rn6DWHxwXpky8tPXnL7V4kgheKS/7kMKvw8i+D8ntqz54ZLc5NO6DlaJAOs GSbEJ4BZFpV/E8kfQbckDCib9BADlPPQWBQuaQP7LjsteYj9Pe0oSThSGYyyr9tq zh7AfpNR8GhTF0XxgO/gsEVeIvPTdBU5jP4H33ZlvzlfFfcNt1PvadZ6rF+6facz tprcXtJB7QId7UYjljMA1TRIYfY= -----END CERTIFICATE-----Generated at Mon Aug 11 07:34:19 2025 by rpki-client