$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/pzWZC17YD0dS1e8quQd4e4oPJNY.cer File: pzWZC17YD0dS1e8quQd4e4oPJNY.cer (raw, json) Hash identifier: VkrFzW6lG4cLRSZXB4nZaRVqCIr3KmlXeWSG0xydjG0= Subject key identifier: A7:35:99:0B:5E:D8:0F:47:52:D5:EF:2A:B9:07:78:7B:8A:0F:24:D6 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CE17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3218/pzWZC17YD0dS1e8quQd4e4oPJNY.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3218/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:12:52 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 202.127.48.0/20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52759 (0xce17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 3 08:12:52 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A735990B5ED80F4752D5EF2AB907787B8A0F24D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:30:d5:93:bd:f1:d5:24:be:60:f9:61:48:9b: 85:0a:06:ca:e1:b9:b3:05:13:5a:c5:2e:01:17:e9: 23:37:0d:3b:77:f3:04:a3:a9:65:9f:70:b2:e7:dc: 98:52:ee:52:02:26:b4:7d:cc:dc:e9:a2:5b:a3:c9: 0f:76:de:bb:2c:d1:0c:5e:d9:6b:8e:74:b5:bf:c4: de:e6:bc:44:1a:4a:9f:36:0f:2c:ea:ed:1b:da:91: b4:ec:1f:f4:5e:11:95:fd:0e:38:a9:a8:04:71:f4: c6:c9:d7:16:ae:00:cf:42:86:7e:7d:2d:b0:ef:36: 51:4c:d6:f4:8b:6a:ce:7b:ef:98:17:d0:28:b7:69: 04:91:a7:63:40:c0:07:e8:2f:af:b8:05:20:b5:39: 39:ab:84:3d:ef:fb:ab:f3:e7:49:a0:a3:7c:a9:f0: 1a:f0:33:9c:4b:6d:73:51:14:e8:40:9e:2e:b2:84: 86:55:14:b2:6a:b9:8e:ad:9d:04:c4:e5:4c:33:b6: 61:6d:bf:5a:1c:7f:ab:5e:ee:90:3d:eb:c8:41:54: b0:59:0a:b9:73:16:0c:ef:84:6b:ba:ed:3b:57:38: 68:98:82:bd:2e:c5:1b:0f:c6:59:8d:0f:57:32:e2: 78:ad:76:65:ba:b9:54:fc:af:b9:eb:16:0c:76:4c: 3f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:35:99:0B:5E:D8:0F:47:52:D5:EF:2A:B9:07:78:7B:8A:0F:24:D6 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3218/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3218/pzWZC17YD0dS1e8quQd4e4oPJNY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.127.48.0/20 Signature Algorithm: sha256WithRSAEncryption 6c:2e:5c:00:32:8c:c2:2c:ef:20:ef:9e:20:ed:bc:ba:bc:12: 65:a8:00:b0:ff:1e:c5:32:3c:a2:8a:20:e7:b3:53:c1:0b:fb: 13:8a:2e:86:d2:51:00:f0:71:92:dd:22:7f:75:93:02:c4:6d: da:5b:c5:c7:7e:d1:67:2b:48:ab:a4:9e:9c:d0:73:7e:9f:38: d6:7f:6c:66:6d:20:20:6e:3e:03:ef:2f:aa:84:66:d8:04:6c: b7:2c:97:40:52:cd:1b:f5:94:c1:c3:20:13:55:4c:92:20:e6: f9:e2:fd:e8:32:64:f2:7b:fe:50:3b:48:c7:ed:ef:ba:03:90: a5:30:f7:97:b0:20:51:b9:2e:b7:f7:81:31:0e:ce:bb:98:90: bb:75:b9:ac:ff:59:e1:d5:03:9a:e8:40:c7:68:a0:b3:c5:b8: fc:53:fa:e9:49:5a:a5:b3:69:3a:d3:e3:da:f6:a7:65:f3:c6: 6d:b8:a3:16:4f:38:a8:c0:53:be:0a:2f:0a:16:b2:e9:a3:57: 59:7e:8e:26:8b:33:10:a4:bf:15:53:fb:21:67:2a:63:5c:cc: 2c:f8:9c:8c:1c:32:01:81:ca:20:c6:a8:1b:69:7b:63:4a:fc: 34:13:64:4d:38:5f:3d:21:1a:f3:00:23:41:4f:a9:d7:ee:40: d8:da:6b:40 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgIDAM4XMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDMwODEyNTJaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKEE3MzU5OTBCNUVEODBGNDc1MkQ1RUYyQUI5MDc3ODdCOEEwRjI0 RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8MNWTvfHVJL5g+WFI m4UKBsrhubMFE1rFLgEX6SM3DTt38wSjqWWfcLLn3JhS7lICJrR9zNzpolujyQ92 3rss0Qxe2WuOdLW/xN7mvEQaSp82Dyzq7RvakbTsH/ReEZX9DjipqARx9MbJ1xau AM9Chn59LbDvNlFM1vSLas5775gX0Ci3aQSRp2NAwAfoL6+4BSC1OTmrhD3v+6vz 50mgo3yp8BrwM5xLbXNRFOhAni6yhIZVFLJquY6tnQTE5UwztmFtv1ocf6te7pA9 68hBVLBZCrlzFgzvhGu67TtXOGiYgr0uxRsPxlmND1cy4nitdmW6uVT8r7nrFgx2 TD/xAgMBAAGjggJVMIICUTAdBgNVHQ4EFgQUpzWZC17YD0dS1e8quQd4e4oPJNYw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy MTgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzIxOC9weldaQzE3WUQwZFMxZThxdVFkNGU0b1BKTlkubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEyn8wMA0GCSqGSIb3DQEBCwUA A4IBAQBsLlwAMozCLO8g754g7by6vBJlqACw/x7FMjyiiiDns1PBC/sTii6G0lEA 8HGS3SJ/dZMCxG3aW8XHftFnK0irpJ6c0HN+nzjWf2xmbSAgbj4D7y+qhGbYBGy3 LJdAUs0b9ZTBwyATVUySIOb54v3oMmTye/5QO0jH7e+6A5ClMPeXsCBRuS6394Ex Ds67mJC7dbms/1nh1QOa6EDHaKCzxbj8U/rpSVqls2k60+Pa9qdl88ZtuKMWTzio wFO+Ci8KFrLpo1dZfo4mizMQpL8VU/shZypjXMws+JyMHDIBgcogxqgbaXtjSvw0 E2RNOF89IRrzACNBT6nX7kDY2mtA -----END CERTIFICATE-----Generated at Sat Apr 26 08:17:46 2025 by rpki-client