$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/pWAVr1iCpF6pHb4Gm4-A3c2zt60.cer File: pWAVr1iCpF6pHb4Gm4-A3c2zt60.cer (raw, json) Hash identifier: tzJsgq0L2zl/sejfn4F2pe8bNcx2/c8qRAsGSbQFgqE= Subject key identifier: A5:60:15:AF:58:82:A4:5E:A9:1D:BE:06:9B:8F:80:DD:CD:B3:B7:AD Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: D025 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/pWAVr1iCpF6pHb4Gm4-A3c2zt60.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sat 19 Apr 2025 19:36:40 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 103.196.168.0/22 IP: 202.123.116.0/22 IP: 2402:f780::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53285 (0xd025) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 19 19:36:40 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A56015AF5882A45EA91DBE069B8F80DDCDB3B7AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b9:e4:f7:6e:25:9a:9a:6b:39:0d:d7:db:97: bb:80:7f:a0:e5:2e:36:9d:66:9a:a6:9d:c4:a9:b7: 2c:28:9b:99:86:07:ed:93:58:14:31:ea:62:e1:83: 89:a4:ec:e2:69:b3:87:22:2f:f3:07:06:6e:07:4c: 60:ee:70:d6:6e:7e:7e:c5:5a:1d:41:d0:00:f7:27: bd:e0:d4:9f:84:ac:cc:68:c1:18:86:f7:6b:56:18: 15:a3:90:a0:45:7f:76:55:7e:08:6f:8c:94:45:50: c4:83:69:14:d1:93:34:61:37:a0:9f:b7:d3:6f:a3: 4e:d6:e3:9c:a5:c4:ff:c5:ec:ef:14:2d:2a:9f:53: 71:a5:95:a7:ee:48:6a:bb:66:55:9a:46:92:3f:00: 03:c6:39:dd:af:be:04:e9:b6:a0:af:2e:64:dd:4b: dc:72:6a:3c:8a:74:c2:36:81:63:f5:eb:0c:14:5d: 1d:59:21:8f:59:aa:e1:36:f6:bc:36:c2:7a:2c:8b: 07:f9:6c:53:7f:37:7c:dd:bf:37:7e:4d:e4:ca:f1: 86:1e:62:a7:4b:fc:9a:3a:d0:f9:5d:47:7a:a7:c5: 8a:87:9b:0a:f5:ad:b3:4a:64:e0:db:3a:f6:ea:8b: 52:15:0c:7c:d1:e1:68:99:0e:8d:1f:55:0a:4a:92: 72:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:60:15:AF:58:82:A4:5E:A9:1D:BE:06:9B:8F:80:DD:CD:B3:B7:AD X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1374/pWAVr1iCpF6pHb4Gm4-A3c2zt60.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.196.168.0/22 202.123.116.0/22 IPv6: 2402:f780::/32 Signature Algorithm: sha256WithRSAEncryption 56:70:57:9c:0d:ef:8d:d4:79:9e:1f:22:a0:b5:b0:fc:a7:c2: f8:e2:94:e9:1a:9d:5f:3e:05:48:be:4a:e0:88:ba:15:75:30: 34:27:78:3a:57:5c:df:75:99:82:fb:bd:e1:c7:c5:da:43:79: d9:40:4b:33:33:1b:b1:f9:43:36:63:60:b4:5c:8f:d6:f3:4f: 09:81:db:13:6c:d5:4f:21:b7:08:cd:b5:db:b5:cc:b7:4f:46: ec:c2:05:fb:96:67:c6:20:e8:97:e3:29:6d:0a:3d:fd:a6:e8: 68:de:3b:7b:9a:b4:ff:f6:9c:83:fa:c5:d5:74:37:a8:77:a1: e8:cc:f7:ab:18:06:16:97:63:c5:44:30:7d:e6:fd:ee:40:7e: 57:f0:34:a5:ca:e1:23:4a:96:14:43:19:7d:6e:43:c1:39:30: 47:26:d6:78:b9:fb:d2:99:6a:dc:e6:22:f1:fd:f4:f0:2b:8f: cc:04:e6:dd:74:66:63:8d:34:ac:a6:79:b9:e0:17:f7:f1:b6: 25:92:20:c3:56:d4:52:09:50:2c:64:81:92:63:84:c4:b0:4e: fb:bb:95:5f:2e:ac:82:8d:2b:65:4b:a1:54:fe:68:b6:7f:69: 9c:f8:c7:44:8c:47:1f:f9:3b:31:dc:b5:7e:8d:d9:32:67:04: 7d:70:82:93 -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgIDANAlMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MTkxOTM2NDBaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKEE1NjAxNUFGNTg4MkE0NUVBOTFEQkUwNjlCOEY4MEREQ0RCM0I3 QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUueT3biWamms5Ddfb l7uAf6DlLjadZpqmncSptywom5mGB+2TWBQx6mLhg4mk7OJps4ciL/MHBm4HTGDu cNZufn7FWh1B0AD3J73g1J+ErMxowRiG92tWGBWjkKBFf3ZVfghvjJRFUMSDaRTR kzRhN6Cft9Nvo07W45ylxP/F7O8ULSqfU3GllafuSGq7ZlWaRpI/AAPGOd2vvgTp tqCvLmTdS9xyajyKdMI2gWP16wwUXR1ZIY9ZquE29rw2wnosiwf5bFN/N3zdvzd+ TeTK8YYeYqdL/Jo60PldR3qnxYqHmwr1rbNKZODbOvbqi1IVDHzR4WiZDo0fVQpK knIdAgMBAAGjggJqMIICZjAdBgNVHQ4EFgQUpWAVr1iCpF6pHb4Gm4+A3c2zt60w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEz NzQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMTM3NC9wV0FWcjFpQ3BGNnBIYjRHbTQtQTNjMnp0NjAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ8SoAwQCynt0MA0EAgACMAcD BQAkAveAMA0GCSqGSIb3DQEBCwUAA4IBAQBWcFecDe+N1HmeHyKgtbD8p8L44pTp Gp1fPgVIvkrgiLoVdTA0J3g6V1zfdZmC+73hx8XaQ3nZQEszMxux+UM2Y2C0XI/W 808JgdsTbNVPIbcIzbXbtcy3T0bswgX7lmfGIOiX4yltCj39puho3jt7mrT/9pyD +sXVdDeod6HozPerGAYWl2PFRDB95v3uQH5X8DSlyuEjSpYUQxl9bkPBOTBHJtZ4 ufvSmWrc5iLx/fTwK4/MBObddGZjjTSspnm54Bf38bYlkiDDVtRSCVAsZIGSY4TE sE77u5VfLqyCjStlS6FU/mi2f2mc+MdEjEcf+Tsx3LV+jdkyZwR9cIKT -----END CERTIFICATE-----Generated at Sat Apr 26 09:43:35 2025 by rpki-client