$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer File: kZiaAq0NE2kvy29vluo2LX3c-ks.cer (raw, json) Hash identifier: j7YCTkub0knbhGINU3ygbiH+pTYr3JcugcRgdm5Hp98= Subject key identifier: 91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: EAD7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Mon 02 Feb 2026 02:52:03 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: IP: 27.106.128.0/18 IP: 45.121.96.0/22 IP: 103.61.176.0/22 IP: 211.148.64.0/18 IP: 220.152.128.0/17 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 10:59:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60119 (0xead7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Feb 2 02:52:03 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:1d:3f:db:d1:33:46:25:ad:6e:ae:05:8c:fd: 13:2b:5c:e1:f1:ae:17:d4:ec:23:40:53:55:99:93: 5e:a8:c8:bc:7f:95:a5:80:58:1e:68:fb:8f:bc:ec: 48:04:c6:cb:70:9f:89:59:d0:54:cf:0e:ea:10:ed: b9:f0:88:f2:b9:06:39:e1:a7:d2:d2:06:fc:e7:0d: 74:25:d0:05:92:8b:2b:33:6d:df:f7:6b:66:78:85: 90:61:0e:b7:54:39:5a:43:19:08:6a:b7:bf:41:c6: d7:cb:91:b2:1b:11:2d:f1:e6:ee:28:fa:c2:5c:24: df:97:2c:0b:78:c2:79:db:e2:af:b4:5e:d9:c8:cf: 25:d5:3d:70:f6:0f:fb:3e:20:07:b7:d2:e2:c2:c8: 31:af:f6:c5:9a:d9:b2:43:09:86:5d:7e:22:9f:d7: 1d:29:cf:1b:cd:2e:ae:87:7d:70:64:21:0b:06:73: b8:88:78:a8:10:ca:7b:68:0b:c1:2e:cf:bd:15:7e: 3c:fb:51:ef:e7:45:cd:84:7f:db:db:4d:0d:5f:c3: 01:3a:a6:be:8d:91:4b:1e:f2:94:24:cb:0c:d7:70: 64:f2:e6:79:4e:91:5a:c0:20:cc:0a:57:ad:49:fc: a0:28:88:e1:ba:fe:ab:d7:77:3c:5b:75:61:cd:6a: 9a:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.106.128.0/18 45.121.96.0/22 103.61.176.0/22 211.148.64.0/18 220.152.128.0/17 Signature Algorithm: sha256WithRSAEncryption 30:e8:67:32:6e:06:e8:f2:3c:ef:f3:39:49:61:ef:74:e0:f8: 73:23:6a:88:d8:48:17:52:cc:28:e8:69:5f:8f:b9:11:ec:0b: a5:36:e2:b2:65:b9:33:27:b3:fe:87:b5:3f:16:37:6b:69:9a: ad:8f:8a:1d:04:44:89:a8:dc:eb:aa:70:f6:47:57:4e:0b:48: 5e:66:fb:c6:98:81:5e:39:b1:38:bd:3b:d8:3c:ef:a1:6f:bc: d7:75:c9:ef:fb:3c:32:57:dc:7f:3b:d1:32:54:09:69:15:fa: c6:76:f6:f1:a7:88:4e:87:ac:5c:26:56:56:e5:3a:79:55:01: 68:97:f1:25:aa:9a:e5:7b:7b:7a:32:3a:30:14:63:07:8b:0e: 97:65:0a:4b:86:ee:84:80:0e:c2:8d:a0:5e:fa:82:c0:a6:64: 5b:5e:f1:36:f0:dd:73:bc:49:56:b1:c7:02:0b:a5:d2:88:8b: 66:3d:cf:55:5b:eb:bb:0a:cb:a2:68:74:f1:ef:d4:1a:e2:31: 9a:2c:dd:5c:79:5c:98:82:97:2e:75:53:94:4f:86:f5:95:50: 84:37:21:a3:99:55:f5:55:06:90:7a:46:a0:17:56:a4:22:73: 94:bc:dd:32:de:a5:86:68:4f:2b:27:ea:3e:40:1a:db:79:b1: bf:a2:fe:62 -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgIDAOrXMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAyMDIwMjUyMDNaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKDkxOTg5QTAyQUQwRDEzNjkyRkNCNkY2Rjk2RUEzNjJEN0REQ0ZB NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtHT/b0TNGJa1urgWM /RMrXOHxrhfU7CNAU1WZk16oyLx/laWAWB5o+4+87EgExstwn4lZ0FTPDuoQ7bnw iPK5Bjnhp9LSBvznDXQl0AWSiyszbd/3a2Z4hZBhDrdUOVpDGQhqt79BxtfLkbIb ES3x5u4o+sJcJN+XLAt4wnnb4q+0XtnIzyXVPXD2D/s+IAe30uLCyDGv9sWa2bJD CYZdfiKf1x0pzxvNLq6HfXBkIQsGc7iIeKgQyntoC8Euz70Vfjz7Ue/nRc2Ef9vb TQ1fwwE6pr6NkUse8pQkywzXcGTy5nlOkVrAIMwKV61J/KAoiOG6/qvXdzxbdWHN appzAgMBAAGjggJtMIICaTAdBgNVHQ4EFgQUkZiaAq0NE2kvy29vluo2LX3c+ksw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEy MzkvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTIzOS9rWmlhQXEwTkUya3Z5Mjl2bHVvMkxYM2Mta3MubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGG2qAAwQCLXlgAwQCZz2wAwQG 05RAAwQH3JiAMA0GCSqGSIb3DQEBCwUAA4IBAQAw6Gcybgbo8jzv8zlJYe904Phz I2qI2EgXUswo6Glfj7kR7AulNuKyZbkzJ7P+h7U/FjdraZqtj4odBESJqNzrqnD2 R1dOC0heZvvGmIFeObE4vTvYPO+hb7zXdcnv+zwyV9x/O9EyVAlpFfrGdvbxp4hO h6xcJlZW5Tp5VQFol/Elqprle3t6MjowFGMHiw6XZQpLhu6EgA7CjaBe+oLApmRb XvE28N1zvElWsccCC6XSiItmPc9VW+u7CsuiaHTx79Qa4jGaLN1ceVyYgpcudVOU T4b1lVCENyGjmVX1VQaQekagF1akInOUvN0y3qWGaE8rJ+o+QBrbebG/ov5i -----END CERTIFICATE-----Generated at Mon Mar 2 10:05:52 2026 by rpki-client