$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer File: zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer (raw, json) Hash identifier: 44r1L3DNY0d0dghN1QMh/rQq69/NlqFRY+Sof4o/23Q= Subject key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 3CED Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Thu 03 Apr 2025 08:15:58 +0000 Certificate not after: Fri 03 Apr 2026 08:00:09 +0000 Subordinate resources: IP: 47.92.0.0 -- 47.127.255.255 IP: 139.129.0.0/16 IP: 139.196.0.0/16 IP: 139.224.0.0/16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:39:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15597 (0x3ced) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Apr 3 08:15:58 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:01:38:14:7f:eb:9c:13:17:15:f5:a0:1a:86: 59:77:69:59:65:2a:51:e0:15:c1:2a:3c:cf:c2:81: 98:c4:aa:55:c0:31:b4:c3:f4:72:00:4f:a7:8b:46: 6a:fb:4f:a4:23:81:2a:1f:6d:b2:36:4f:0f:fb:6e: 9a:0b:2f:b4:68:69:75:8d:f7:1c:30:a2:43:7a:b4: 06:16:ad:dd:a1:41:dc:04:b2:31:ee:64:ba:9f:12: 91:39:9e:ca:f5:63:21:34:c0:32:63:00:ca:c6:87: 8b:e2:d9:07:d9:8d:ea:b9:08:ba:d8:e2:3d:5b:71: 9a:bc:9c:49:f2:e9:31:99:a6:34:16:c4:34:84:8b: 0e:59:6f:0d:8a:25:63:d7:80:c5:48:62:ad:d6:79: fb:bd:80:25:97:8e:fa:41:62:31:4f:cb:6f:16:d6: 4d:8e:87:90:2e:94:d1:be:b2:c1:07:a2:9c:d0:5d: 77:c6:96:11:a5:a6:c3:ac:3a:65:0f:cd:fa:f6:00: 78:15:ee:c9:d7:7f:b9:dc:51:33:7a:58:5f:39:4a: c5:d2:d1:25:61:cf:e4:98:79:a5:02:f0:89:5a:2c: 59:f4:3d:c2:87:34:fe:9b:3d:63:81:94:74:58:15: da:2b:df:87:59:cb:24:94:bf:6d:32:5e:4e:09:57: 5b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.92.0.0-47.127.255.255 139.129.0.0/16 139.196.0.0/16 139.224.0.0/16 Signature Algorithm: sha256WithRSAEncryption 28:a1:d5:9b:24:eb:df:19:2a:c5:ab:35:75:5c:a6:f5:a4:d2: 3a:ba:bf:aa:66:af:c8:16:60:36:08:8c:5b:77:ad:25:fd:5f: 24:29:1c:3d:81:5d:19:03:ed:42:a2:fc:5d:0e:ee:5a:5f:f2: 00:fb:62:a6:e3:1d:a2:a1:7f:6a:eb:40:bd:ec:da:bd:53:8d: 1f:40:8f:72:33:3f:4c:41:8c:6a:40:be:d5:b5:27:1e:15:2c: 69:1e:5d:82:76:03:a9:a1:14:2f:51:52:6d:05:72:b6:e1:02: c3:8a:7e:16:ca:fb:18:55:e4:c3:49:cb:e7:d9:2a:66:5f:6f: 04:d1:bd:21:1a:2e:9e:c2:0d:1f:8f:bf:1c:fc:4f:6d:04:2c: ed:86:6c:ff:1d:9a:d2:67:be:34:3c:ce:16:35:ae:15:b0:0f: 86:2c:49:4e:dc:68:38:2a:64:39:73:25:68:be:e7:26:45:93: ef:94:60:56:2f:dc:32:de:9b:7f:5b:03:18:9d:d3:3a:57:fc: 8d:66:04:1f:c9:7e:4c:32:f8:d2:68:52:fc:7c:aa:84:a1:f7: 84:5c:de:7d:af:32:65:17:25:1d:8a:32:c9:01:fe:d5:f7:77: 27:36:c0:2a:a4:1f:af:23:95:f2:a4:62:04:c5:21:5c:5e:e1: 59:c8:da:9a -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICPO0wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDQwMzA4MTU1OFoXDTI2MDQwMzA4MDAwOVowMzEx MC8GA1UEAxMoQ0UwQTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQz NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkBOBR/65wTFxX1oBqG WXdpWWUqUeAVwSo8z8KBmMSqVcAxtMP0cgBPp4tGavtPpCOBKh9tsjZPD/tumgsv tGhpdY33HDCiQ3q0Bhat3aFB3ASyMe5kup8SkTmeyvVjITTAMmMAysaHi+LZB9mN 6rkIutjiPVtxmrycSfLpMZmmNBbENISLDllvDYolY9eAxUhirdZ5+72AJZeO+kFi MU/LbxbWTY6HkC6U0b6ywQeinNBdd8aWEaWmw6w6ZQ/N+vYAeBXuydd/udxRM3pY XzlKxdLRJWHP5Jh5pQLwiVosWfQ9woc0/ps9Y4GUdFgV2ivfh1nLJJS/bTJeTglX W+UCAwEAAaOCAmgwggJkMB0GA1UdDgQWBBTOCpywKTe1fc5moX+4QhbXq+dkNDAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzM1Ny96Z3Fjc0NrM3RYM09acUZfdUVJVzE2dm5aRFEubWZ0MDEGCCsG AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMDQG CCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAoDAwIvXAMDBy8AAwMAi4EDAwCLxAMD AIvgMA0GCSqGSIb3DQEBCwUAA4IBAQAoodWbJOvfGSrFqzV1XKb1pNI6ur+qZq/I FmA2CIxbd60l/V8kKRw9gV0ZA+1CovxdDu5aX/IA+2Km4x2ioX9q60C97Nq9U40f QI9yMz9MQYxqQL7VtSceFSxpHl2CdgOpoRQvUVJtBXK24QLDin4WyvsYVeTDScvn 2SpmX28E0b0hGi6ewg0fj78c/E9tBCzthmz/HZrSZ740PM4WNa4VsA+GLElO3Gg4 KmQ5cyVovucmRZPvlGBWL9wy3pt/WwMYndM6V/yNZgQfyX5MMvjSaFL8fKqEofeE XN59rzJlFyUdijLJAf7V93cnNsAqpB+vI5XypGIExSFcXuFZyNqa -----END CERTIFICATE-----Generated at Sat Apr 26 12:17:22 2025 by rpki-client