$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/pWAVr1iCpF6pHb4Gm4-A3c2zt60.cer File: pWAVr1iCpF6pHb4Gm4-A3c2zt60.cer (raw, json) Hash identifier: uvDlhvCU29pKKKhwSgOhBLjSb/qNhzqK/0FQTnJVD7c= Subject key identifier: A5:60:15:AF:58:82:A4:5E:A9:1D:BE:06:9B:8F:80:DD:CD:B3:B7:AD Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E161 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/pWAVr1iCpF6pHb4Gm4-A3c2zt60.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:07:17 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 103.196.168.0/22 IP: 202.123.116.0/22 IP: 2402:f780::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57697 (0xe161) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:07:17 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=A56015AF5882A45EA91DBE069B8F80DDCDB3B7AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b9:e4:f7:6e:25:9a:9a:6b:39:0d:d7:db:97: bb:80:7f:a0:e5:2e:36:9d:66:9a:a6:9d:c4:a9:b7: 2c:28:9b:99:86:07:ed:93:58:14:31:ea:62:e1:83: 89:a4:ec:e2:69:b3:87:22:2f:f3:07:06:6e:07:4c: 60:ee:70:d6:6e:7e:7e:c5:5a:1d:41:d0:00:f7:27: bd:e0:d4:9f:84:ac:cc:68:c1:18:86:f7:6b:56:18: 15:a3:90:a0:45:7f:76:55:7e:08:6f:8c:94:45:50: c4:83:69:14:d1:93:34:61:37:a0:9f:b7:d3:6f:a3: 4e:d6:e3:9c:a5:c4:ff:c5:ec:ef:14:2d:2a:9f:53: 71:a5:95:a7:ee:48:6a:bb:66:55:9a:46:92:3f:00: 03:c6:39:dd:af:be:04:e9:b6:a0:af:2e:64:dd:4b: dc:72:6a:3c:8a:74:c2:36:81:63:f5:eb:0c:14:5d: 1d:59:21:8f:59:aa:e1:36:f6:bc:36:c2:7a:2c:8b: 07:f9:6c:53:7f:37:7c:dd:bf:37:7e:4d:e4:ca:f1: 86:1e:62:a7:4b:fc:9a:3a:d0:f9:5d:47:7a:a7:c5: 8a:87:9b:0a:f5:ad:b3:4a:64:e0:db:3a:f6:ea:8b: 52:15:0c:7c:d1:e1:68:99:0e:8d:1f:55:0a:4a:92: 72:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:60:15:AF:58:82:A4:5E:A9:1D:BE:06:9B:8F:80:DD:CD:B3:B7:AD X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/pWAVr1iCpF6pHb4Gm4-A3c2zt60.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.196.168.0/22 202.123.116.0/22 IPv6: 2402:f780::/32 Signature Algorithm: sha256WithRSAEncryption 04:4f:0c:b5:e7:72:96:72:2f:f8:df:51:b5:09:cb:50:f3:11: bf:19:bd:b3:69:cf:88:58:fe:00:88:e1:35:2d:5d:c8:af:cf: 18:9b:8b:60:a2:68:83:e1:b0:0d:cc:ef:89:15:1a:a0:2f:7d: db:4a:2f:92:96:7a:46:2a:c5:cb:14:3e:07:26:20:d3:30:c4: 2f:57:71:68:a7:2c:21:80:48:15:6d:83:58:91:e2:4d:9b:68: b3:21:92:8c:e2:27:6a:14:42:58:ee:e4:44:a5:f0:df:e8:16: 32:f2:16:81:46:da:9a:29:e3:e3:89:d5:6c:cd:65:3e:70:f9: ac:7a:22:c8:38:fa:b1:95:3f:42:52:62:b6:fa:c3:f8:e4:df: 83:3b:43:88:2a:23:82:bb:bf:0d:75:00:77:ce:29:1a:e7:78: 71:f3:38:5b:b1:e0:3b:22:7c:75:20:49:59:18:de:2d:88:d2: 45:26:2b:7b:32:42:e5:a8:58:68:45:e4:9d:f2:91:94:cf:32: 9d:cb:a9:e9:fc:8d:76:47:5e:a5:76:2f:88:f9:65:eb:bb:54: 66:a3:45:56:86:aa:40:42:17:fe:9e:36:72:43:b3:51:b2:6d: 81:26:d5:57:07:e3:6d:6e:42:7f:88:e8:8e:8d:92:d0:23:94: 26:df:8c:2e -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgIDAOFhMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA3MTdaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKEE1NjAxNUFGNTg4MkE0NUVBOTFEQkUwNjlCOEY4MEREQ0RCM0I3 QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUueT3biWamms5Ddfb l7uAf6DlLjadZpqmncSptywom5mGB+2TWBQx6mLhg4mk7OJps4ciL/MHBm4HTGDu cNZufn7FWh1B0AD3J73g1J+ErMxowRiG92tWGBWjkKBFf3ZVfghvjJRFUMSDaRTR kzRhN6Cft9Nvo07W45ylxP/F7O8ULSqfU3GllafuSGq7ZlWaRpI/AAPGOd2vvgTp tqCvLmTdS9xyajyKdMI2gWP16wwUXR1ZIY9ZquE29rw2wnosiwf5bFN/N3zdvzd+ TeTK8YYeYqdL/Jo60PldR3qnxYqHmwr1rbNKZODbOvbqi1IVDHzR4WiZDo0fVQpK knIdAgMBAAGjggJqMIICZjAdBgNVHQ4EFgQUpWAVr1iCpF6pHb4Gm4+A3c2zt60w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEz NzQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTM3NC9wV0FWcjFpQ3BGNnBIYjRHbTQtQTNjMnp0NjAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ8SoAwQCynt0MA0EAgACMAcD BQAkAveAMA0GCSqGSIb3DQEBCwUAA4IBAQAETwy153KWci/431G1CctQ8xG/Gb2z ac+IWP4AiOE1LV3Ir88Ym4tgomiD4bANzO+JFRqgL33bSi+SlnpGKsXLFD4HJiDT MMQvV3FopywhgEgVbYNYkeJNm2izIZKM4idqFEJY7uREpfDf6BYy8haBRtqaKePj idVszWU+cPmseiLIOPqxlT9CUmK2+sP45N+DO0OIKiOCu78NdQB3zika53hx8zhb seA7Inx1IElZGN4tiNJFJit7MkLlqFhoReSd8pGUzzKdy6np/I12R16ldi+I+WXr u1Rmo0VWhqpAQhf+njZyQ7NRsm2BJtVXB+NtbkJ/iOiOjZLQI5Qm34wu -----END CERTIFICATE-----Generated at Wed Nov 5 15:49:40 2025 by rpki-client