$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yiG6irdU_NZK2pljjW_l5HJTtME.cer File: yiG6irdU_NZK2pljjW_l5HJTtME.cer (raw, json) Hash identifier: D8Ces53sJ3jsuR5Zxbqlhfe3091FQ6eDOK3t6EYTcRQ= Subject key identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: CF50 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 09 Apr 2025 19:36:24 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 210.76.160.0/19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53072 (0xcf50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Apr 9 19:36:24 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=CA21BA8AB754FCD64ADA99638D6FE5E47253B4C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8e:dd:a8:7e:40:56:ab:e1:49:1f:01:ab:ad: eb:cd:6f:98:0f:30:c5:66:bf:78:47:16:49:d4:90: cc:69:a7:2a:db:11:0f:1c:6e:2a:32:a1:a6:a6:29: 63:c0:e1:af:8f:bc:70:fd:e1:b3:88:d5:92:28:81: 51:1d:27:cf:56:9d:a6:a2:37:66:11:be:ab:2c:77: 94:5d:93:9f:f1:78:d1:a8:8e:ca:a8:b4:ec:0c:18: 4e:23:02:d7:ce:ac:43:2a:4e:64:8e:4d:1b:92:e9: 69:d6:65:f3:16:1f:6e:6e:d8:ac:bd:92:bc:87:55: 77:a9:29:3a:99:33:a8:79:e2:d2:87:c4:36:85:1a: 2b:53:50:c5:95:47:10:5c:ad:3c:9c:ba:8b:43:d0: 41:16:75:6b:8c:10:58:54:9f:53:f9:c6:81:a7:76: 59:1b:97:e3:a2:7b:58:e9:a3:7e:96:74:7d:d4:30: f2:7b:9c:59:9e:22:74:6f:cb:0b:9c:bf:76:c7:25: fd:3d:1b:41:b1:a5:20:e3:4d:86:47:40:38:4e:41: ce:eb:1d:76:3f:91:a8:95:73:1e:37:18:ab:3d:34: 00:51:a4:41:38:2a:c9:74:7f:e7:9b:42:38:16:88: 0a:5e:32:fb:4e:78:a9:e9:21:f0:fd:a8:c8:9e:6c: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.76.160.0/19 Signature Algorithm: sha256WithRSAEncryption 42:e8:da:df:ca:75:cd:84:eb:27:6a:e2:a5:2f:00:8f:c0:21: 40:b0:45:c5:6c:27:27:72:b1:e6:5f:fd:7c:3a:2d:86:39:cd: 93:c0:2f:28:c4:84:60:57:d0:ad:2a:d3:36:30:92:96:9c:ee: 34:b1:5b:03:60:8a:ef:a1:87:28:4a:3a:db:30:0b:72:a0:ee: de:e1:44:4b:fa:67:7e:11:7b:ee:f8:31:f2:fd:7c:1f:ab:ab: af:9c:1d:c2:ef:e9:79:99:66:9f:61:2c:29:d4:2b:05:28:fb: ba:98:b3:38:35:8d:89:21:59:e0:bb:8b:98:16:10:5e:a7:93: 84:d0:1c:f3:1a:1d:fc:b4:04:e0:84:28:ba:c7:ab:04:45:fe: c9:98:90:56:39:1e:b2:05:d6:17:2d:14:86:83:81:8b:91:6e: 7d:1e:b7:27:92:04:2f:a6:42:8b:f2:0d:f4:d0:80:ad:3b:66: e0:c7:42:55:b7:19:61:7a:b1:8a:fa:1f:62:bd:97:43:43:34: 5b:55:d6:62:0a:cf:69:6f:17:98:c0:b0:44:61:46:72:08:e9: af:4b:e9:40:bc:a2:43:c1:04:16:65:cf:3d:1b:3d:7b:50:51: 41:3c:3c:38:09:38:6c:59:48:dd:70:90:aa:06:11:dd:e4:8f: 7e:3e:c4:fb -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIDAM9QMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA0MDkxOTM2MjRaFw0yNjA0MDMwODAwMDlaMDMx MTAvBgNVBAMTKENBMjFCQThBQjc1NEZDRDY0QURBOTk2MzhENkZFNUU0NzI1M0I0 QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjt2ofkBWq+FJHwGr revNb5gPMMVmv3hHFknUkMxppyrbEQ8cbioyoaamKWPA4a+PvHD94bOI1ZIogVEd J89WnaaiN2YRvqssd5Rdk5/xeNGojsqotOwMGE4jAtfOrEMqTmSOTRuS6WnWZfMW H25u2Ky9kryHVXepKTqZM6h54tKHxDaFGitTUMWVRxBcrTycuotD0EEWdWuMEFhU n1P5xoGndlkbl+Oie1jpo36WdH3UMPJ7nFmeInRvywucv3bHJf09G0GxpSDjTYZH QDhOQc7rHXY/kaiVcx43GKs9NABRpEE4Ksl0f+ebQjgWiApeMvtOeKnpIfD9qMie bG63AgMBAAGjggJRMIICTTAdBgNVHQ4EFgQUyiG6irdU/NZK2pljjW/l5HJTtMEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzk4 LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzk4L3lpRzZpcmRVX05aSzJwbGpqV19sNUhKVHRNRS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSTKAwDQYJKoZIhvcNAQELBQADggEB AELo2t/Kdc2E6ydq4qUvAI/AIUCwRcVsJydyseZf/Xw6LYY5zZPALyjEhGBX0K0q 0zYwkpac7jSxWwNgiu+hhyhKOtswC3Kg7t7hREv6Z34Re+74MfL9fB+rq6+cHcLv 6XmZZp9hLCnUKwUo+7qYszg1jYkhWeC7i5gWEF6nk4TQHPMaHfy0BOCEKLrHqwRF /smYkFY5HrIF1hctFIaDgYuRbn0etyeSBC+mQovyDfTQgK07ZuDHQlW3GWF6sYr6 H2K9l0NDNFtV1mIKz2lvF5jAsERhRnII6a9L6UC8okPBBBZlzz0bPXtQUUE8PDgJ OGxZSN1wkKoGEd3kj34+xPs= -----END CERTIFICATE-----Generated at Sat Apr 26 08:16:33 2025 by rpki-client