$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yiG6irdU_NZK2pljjW_l5HJTtME.cer File: yiG6irdU_NZK2pljjW_l5HJTtME.cer (raw, json) Hash identifier: CbSv+Tb+Uk1zXCkfOD7lsHwUpZn82/yKRoxR1vIHnew= Subject key identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E1A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 23 Oct 2025 03:08:12 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: IP: 210.76.160.0/19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57767 (0xe1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Oct 23 03:08:12 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=CA21BA8AB754FCD64ADA99638D6FE5E47253B4C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8e:dd:a8:7e:40:56:ab:e1:49:1f:01:ab:ad: eb:cd:6f:98:0f:30:c5:66:bf:78:47:16:49:d4:90: cc:69:a7:2a:db:11:0f:1c:6e:2a:32:a1:a6:a6:29: 63:c0:e1:af:8f:bc:70:fd:e1:b3:88:d5:92:28:81: 51:1d:27:cf:56:9d:a6:a2:37:66:11:be:ab:2c:77: 94:5d:93:9f:f1:78:d1:a8:8e:ca:a8:b4:ec:0c:18: 4e:23:02:d7:ce:ac:43:2a:4e:64:8e:4d:1b:92:e9: 69:d6:65:f3:16:1f:6e:6e:d8:ac:bd:92:bc:87:55: 77:a9:29:3a:99:33:a8:79:e2:d2:87:c4:36:85:1a: 2b:53:50:c5:95:47:10:5c:ad:3c:9c:ba:8b:43:d0: 41:16:75:6b:8c:10:58:54:9f:53:f9:c6:81:a7:76: 59:1b:97:e3:a2:7b:58:e9:a3:7e:96:74:7d:d4:30: f2:7b:9c:59:9e:22:74:6f:cb:0b:9c:bf:76:c7:25: fd:3d:1b:41:b1:a5:20:e3:4d:86:47:40:38:4e:41: ce:eb:1d:76:3f:91:a8:95:73:1e:37:18:ab:3d:34: 00:51:a4:41:38:2a:c9:74:7f:e7:9b:42:38:16:88: 0a:5e:32:fb:4e:78:a9:e9:21:f0:fd:a8:c8:9e:6c: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:21:BA:8A:B7:54:FC:D6:4A:DA:99:63:8D:6F:E5:E4:72:53:B4:C1 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/98/yiG6irdU_NZK2pljjW_l5HJTtME.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.76.160.0/19 Signature Algorithm: sha256WithRSAEncryption 83:74:aa:db:a9:af:37:be:7b:a0:c7:de:59:af:09:17:55:5a: b2:bf:07:f2:41:3f:db:f4:38:9e:c6:2d:16:3d:f6:03:ab:f4: a2:ff:35:10:21:2e:81:2d:3b:c7:ef:50:87:c3:17:c8:26:54: ae:ef:53:b5:00:75:df:7b:88:da:07:93:19:0f:7b:3e:a6:e8: 93:fa:2a:1a:63:30:4c:ff:6f:65:db:25:92:51:87:dc:b4:bd: 82:2d:bc:39:8a:03:4b:75:75:79:03:cc:3b:c7:30:29:b8:24: 98:9c:31:dc:89:e7:b5:d5:a6:98:64:4e:05:a6:d5:26:c0:15: 86:87:57:2a:2a:21:5c:9e:fd:0f:69:fe:f7:fd:e3:f1:06:e2: d5:00:0d:30:69:0c:39:1d:21:44:c5:f2:e3:f9:a4:30:76:6d: 7d:46:40:c5:d3:03:66:b5:aa:db:2b:e5:34:43:d9:e5:6f:95: 5f:14:72:7b:e8:93:a6:78:df:f7:c2:e8:5f:41:6e:a9:e9:85: ad:a3:2a:65:fc:3d:f5:c2:c4:21:64:70:38:a9:48:a7:50:6e: dc:48:4d:ef:4c:34:3f:67:ae:d5:30:02:7f:2f:27:ff:69:9a: 09:c8:a2:f2:ee:4c:01:f5:bd:f3:33:0e:51:77:2d:c9:b6:fc: b4:43:a3:1e -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgIDAOGnMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA4MTJaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKENBMjFCQThBQjc1NEZDRDY0QURBOTk2MzhENkZFNUU0NzI1M0I0 QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjt2ofkBWq+FJHwGr revNb5gPMMVmv3hHFknUkMxppyrbEQ8cbioyoaamKWPA4a+PvHD94bOI1ZIogVEd J89WnaaiN2YRvqssd5Rdk5/xeNGojsqotOwMGE4jAtfOrEMqTmSOTRuS6WnWZfMW H25u2Ky9kryHVXepKTqZM6h54tKHxDaFGitTUMWVRxBcrTycuotD0EEWdWuMEFhU n1P5xoGndlkbl+Oie1jpo36WdH3UMPJ7nFmeInRvywucv3bHJf09G0GxpSDjTYZH QDhOQc7rHXY/kaiVcx43GKs9NABRpEE4Ksl0f+ebQjgWiApeMvtOeKnpIfD9qMie bG63AgMBAAGjggJRMIICTTAdBgNVHQ4EFgQUyiG6irdU/NZK2pljjW/l5HJTtMEw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzk4 LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzk4L3lpRzZpcmRVX05aSzJwbGpqV19sNUhKVHRNRS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSTKAwDQYJKoZIhvcNAQELBQADggEB AIN0qtuprze+e6DH3lmvCRdVWrK/B/JBP9v0OJ7GLRY99gOr9KL/NRAhLoEtO8fv UIfDF8gmVK7vU7UAdd97iNoHkxkPez6m6JP6KhpjMEz/b2XbJZJRh9y0vYItvDmK A0t1dXkDzDvHMCm4JJicMdyJ57XVpphkTgWm1SbAFYaHVyoqIVye/Q9p/vf94/EG 4tUADTBpDDkdIUTF8uP5pDB2bX1GQMXTA2a1qtsr5TRD2eVvlV8Ucnvok6Z43/fC 6F9Bbqnpha2jKmX8PfXCxCFkcDipSKdQbtxITe9MND9nrtUwAn8vJ/9pmgnIovLu TAH1vfMzDlF3Lcm2/LRDox4= -----END CERTIFICATE-----Generated at Wed Nov 5 15:21:35 2025 by rpki-client