$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer File: zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer (raw, json) Hash identifier: D9b58VAD6fiJj55tqmxioOaq6LEraIcADwOf2AjW8tM= Subject key identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: D8D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:14:02 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 103.28.204.0/22 IP: 163.53.52.0/22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 07:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55512 (0xd8d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Aug 3 09:14:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:17:40:29:ae:04:e6:f1:9e:a3:3a:be:50:cc: 22:f2:25:13:59:b7:26:4f:04:c4:8e:be:a3:95:80: b6:cb:73:7e:c2:9f:51:75:57:82:f4:0e:c3:04:d9: c9:a2:d3:cd:c1:0d:ca:cb:49:c1:88:16:0e:26:57: 7b:80:7b:af:a2:f8:a2:04:2c:78:73:11:da:36:85: c3:dd:39:7c:32:62:79:ab:be:ec:50:aa:10:6c:31: 6a:4d:21:11:ec:f3:01:a7:41:75:2a:4c:15:ad:e5: 9d:72:6d:18:ba:41:11:04:79:2e:6b:b3:38:67:a5: 0f:52:5e:53:b0:fc:77:96:f9:cd:47:99:ee:c1:3f: 41:c0:f4:2a:5d:92:ce:e9:9c:a0:c9:bd:df:f6:71: b6:d3:67:2f:d3:fd:42:55:93:66:b6:0c:37:57:da: 8d:7e:b6:57:bd:ab:d7:a4:ae:f9:da:dc:fd:ba:b7: 8b:f9:31:43:fa:17:d6:0c:de:bd:e8:61:c6:88:f9: 23:65:f3:69:fd:59:8b:c2:68:bb:37:dc:19:ea:66: 0e:56:4a:fb:84:30:65:c8:d9:8f:74:40:03:09:aa: 5d:2d:20:8f:e6:4b:86:4e:63:2b:94:a4:d4:5c:dc: 47:65:a6:d0:06:88:d4:ff:56:5a:ba:11:ef:55:9f: b6:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.28.204.0/22 163.53.52.0/22 Signature Algorithm: sha256WithRSAEncryption ac:96:f4:ea:de:1e:b4:ee:f5:49:ab:4f:b0:27:3f:d8:d6:bb: db:c9:f7:a1:0e:0d:36:34:0a:e0:d0:6b:04:78:8b:35:18:78: fc:85:4b:42:30:c2:fc:94:9b:e7:16:de:80:4b:00:4f:6c:54: b5:86:26:35:88:17:87:66:85:67:58:75:06:20:9c:1b:a8:c2: 7b:15:c7:da:b3:b3:d1:54:68:ed:d7:38:a7:89:39:61:67:4b: ec:77:6b:65:79:5a:d0:ae:b1:ee:22:a2:9d:8b:f7:c5:97:d4: ec:af:ce:4c:c2:cd:04:7f:ff:93:d5:ac:69:76:bf:c1:09:fe: 48:a5:9b:b5:f8:1d:eb:42:d1:23:3c:d7:9d:aa:e9:59:44:20: 25:30:33:0a:01:07:9c:7d:a1:07:7b:52:5f:a2:7b:bb:bc:a6: be:90:97:6e:0f:83:33:2d:da:1b:30:3b:51:0b:f2:d5:73:90: 6b:c6:18:9c:99:d6:c4:10:c9:2e:9b:17:18:a6:17:5f:fe:fd: e5:dc:1a:1a:26:5d:fd:2f:24:6c:cc:83:42:b2:96:b1:32:52: 38:5c:e8:83:1a:01:00:66:2b:12:5f:18:b9:f1:c8:a0:fb:47: 59:93:ef:55:36:e5:7b:e4:c6:58:0c:94:a9:fa:0b:f1:75:50: cf:dd:45:0f -----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgIDANjYMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTA4MDMwOTE0MDJaFw0yNjA4MDMwODQ0NDBaMDMx MTAvBgNVBAMTKENDQTNBNzFEMzI2NkVFQkZFNkYxODlERUVFNDI5RUE5RTA0M0E0 RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFF0AprgTm8Z6jOr5Q zCLyJRNZtyZPBMSOvqOVgLbLc37Cn1F1V4L0DsME2cmi083BDcrLScGIFg4mV3uA e6+i+KIELHhzEdo2hcPdOXwyYnmrvuxQqhBsMWpNIRHs8wGnQXUqTBWt5Z1ybRi6 QREEeS5rszhnpQ9SXlOw/HeW+c1Hme7BP0HA9Cpdks7pnKDJvd/2cbbTZy/T/UJV k2a2DDdX2o1+tle9q9ekrvna3P26t4v5MUP6F9YM3r3oYcaI+SNl82n9WYvCaLs3 3BnqZg5WSvuEMGXI2Y90QAMJql0tII/mS4ZOYyuUpNRc3EdlptAGiNT/Vlq6Ee9V n7YnAgMBAAGjggJZMIICVTAdBgNVHQ4EFgQUzKOnHTJm7r/m8Yne7kKeqeBDpOcw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQ3 My8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC80NzMvektPbkhUSm03cl9tOFluZTdrS2VxZUJEcE9jLm1mdDAxBggr BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAl BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAmcczAMEAqM1NDANBgkqhkiG9w0B AQsFAAOCAQEArJb06t4etO71SatPsCc/2Na728n3oQ4NNjQK4NBrBHiLNRh4/IVL QjDC/JSb5xbegEsAT2xUtYYmNYgXh2aFZ1h1BiCcG6jCexXH2rOz0VRo7dc4p4k5 YWdL7HdrZXla0K6x7iKinYv3xZfU7K/OTMLNBH//k9WsaXa/wQn+SKWbtfgd60LR IzzXnarpWUQgJTAzCgEHnH2hB3tSX6J7u7ymvpCXbg+DMy3aGzA7UQvy1XOQa8YY nJnWxBDJLpsXGKYXX/795dwaGiZd/S8kbMyDQrKWsTJSOFzogxoBAGYrEl8YufHI oPtHWZPvVTble+TGWAyUqfoL8XVQz91FDw== -----END CERTIFICATE-----Generated at Wed Aug 13 05:56:43 2025 by rpki-client