$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer File: zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer (raw, json) Hash identifier: CCt77BJsMknfi8eqIyHZI/XbJUH1sFDR+TGTEWz70k8= Subject key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 401D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Sun 03 Aug 2025 09:19:03 +0000 Certificate not after: Mon 03 Aug 2026 08:44:40 +0000 Subordinate resources: IP: 47.92.0.0 -- 47.127.255.255 IP: 139.129.0.0/16 IP: 139.196.0.0/16 IP: 139.224.0.0/16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 09:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16413 (0x401d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Aug 3 09:19:03 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:01:38:14:7f:eb:9c:13:17:15:f5:a0:1a:86: 59:77:69:59:65:2a:51:e0:15:c1:2a:3c:cf:c2:81: 98:c4:aa:55:c0:31:b4:c3:f4:72:00:4f:a7:8b:46: 6a:fb:4f:a4:23:81:2a:1f:6d:b2:36:4f:0f:fb:6e: 9a:0b:2f:b4:68:69:75:8d:f7:1c:30:a2:43:7a:b4: 06:16:ad:dd:a1:41:dc:04:b2:31:ee:64:ba:9f:12: 91:39:9e:ca:f5:63:21:34:c0:32:63:00:ca:c6:87: 8b:e2:d9:07:d9:8d:ea:b9:08:ba:d8:e2:3d:5b:71: 9a:bc:9c:49:f2:e9:31:99:a6:34:16:c4:34:84:8b: 0e:59:6f:0d:8a:25:63:d7:80:c5:48:62:ad:d6:79: fb:bd:80:25:97:8e:fa:41:62:31:4f:cb:6f:16:d6: 4d:8e:87:90:2e:94:d1:be:b2:c1:07:a2:9c:d0:5d: 77:c6:96:11:a5:a6:c3:ac:3a:65:0f:cd:fa:f6:00: 78:15:ee:c9:d7:7f:b9:dc:51:33:7a:58:5f:39:4a: c5:d2:d1:25:61:cf:e4:98:79:a5:02:f0:89:5a:2c: 59:f4:3d:c2:87:34:fe:9b:3d:63:81:94:74:58:15: da:2b:df:87:59:cb:24:94:bf:6d:32:5e:4e:09:57: 5b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.92.0.0-47.127.255.255 139.129.0.0/16 139.196.0.0/16 139.224.0.0/16 Signature Algorithm: sha256WithRSAEncryption 40:79:8e:89:ed:45:b7:cd:b2:94:3c:bc:b5:7a:36:1d:c2:a3: dc:33:40:32:26:89:a6:31:2b:6d:c4:81:73:19:01:66:02:32: 91:d9:cf:42:1e:9d:38:98:27:74:90:8e:bb:14:67:4a:10:db: a5:bb:c5:dc:ba:5b:9a:3a:20:e9:32:fe:35:91:35:83:60:c2: 45:4c:c6:f4:d9:03:69:48:3b:aa:f6:47:5d:d8:23:58:cd:22: 75:30:7e:d6:a4:c7:94:5b:fb:9c:e6:6c:88:fe:85:43:04:b7: 30:de:6c:44:f5:73:0e:8e:05:c3:0c:68:7c:09:c5:33:ed:9b: 80:ff:d8:2e:ca:9a:dc:26:dd:58:9b:32:6e:ca:4a:1a:5e:61: 09:b5:0e:11:1f:3f:07:10:2c:3f:17:1b:7f:69:50:c3:3b:60: 61:74:4e:ae:cb:74:6f:74:58:3e:91:0a:7a:5c:9c:c2:2d:9c: 2e:09:2f:8c:6c:2e:c5:cb:df:ce:fd:f4:5c:f4:2b:f9:0e:ce: f0:c4:a0:e4:c6:dc:74:6c:53:38:af:71:7e:e7:ac:7f:63:60: 59:2c:97:03:08:0c:ad:d0:09:03:73:6c:97:b4:04:95:ab:be: 03:d0:96:30:86:e2:85:f6:f4:19:c9:f0:a8:a2:e0:90:ee:6a: ba:06:7a:ac -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgICQB0wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MDgwMzA5MTkwM1oXDTI2MDgwMzA4NDQ0MFowMzEx MC8GA1UEAxMoQ0UwQTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQz NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANkBOBR/65wTFxX1oBqG WXdpWWUqUeAVwSo8z8KBmMSqVcAxtMP0cgBPp4tGavtPpCOBKh9tsjZPD/tumgsv tGhpdY33HDCiQ3q0Bhat3aFB3ASyMe5kup8SkTmeyvVjITTAMmMAysaHi+LZB9mN 6rkIutjiPVtxmrycSfLpMZmmNBbENISLDllvDYolY9eAxUhirdZ5+72AJZeO+kFi MU/LbxbWTY6HkC6U0b6ywQeinNBdd8aWEaWmw6w6ZQ/N+vYAeBXuydd/udxRM3pY XzlKxdLRJWHP5Jh5pQLwiVosWfQ9woc0/ps9Y4GUdFgV2ivfh1nLJJS/bTJeTglX W+UCAwEAAaOCAmgwggJkMB0GA1UdDgQWBBTOCpywKTe1fc5moX+4QhbXq+dkNDAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzM1Ny96Z3Fjc0NrM3RYM09acUZfdUVJVzE2dm5aRFEubWZ0MDEGCCsG AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMDQG CCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAoDAwIvXAMDBy8AAwMAi4EDAwCLxAMD AIvgMA0GCSqGSIb3DQEBCwUAA4IBAQBAeY6J7UW3zbKUPLy1ejYdwqPcM0AyJomm MSttxIFzGQFmAjKR2c9CHp04mCd0kI67FGdKENulu8XculuaOiDpMv41kTWDYMJF TMb02QNpSDuq9kdd2CNYzSJ1MH7WpMeUW/uc5myI/oVDBLcw3mxE9XMOjgXDDGh8 CcUz7ZuA/9guyprcJt1YmzJuykoaXmEJtQ4RHz8HECw/Fxt/aVDDO2BhdE6uy3Rv dFg+kQp6XJzCLZwuCS+MbC7Fy9/O/fRc9Cv5Ds7wxKDkxtx0bFM4r3F+56x/Y2BZ LJcDCAyt0AkDc2yXtASVq74D0JYwhuKF9vQZyfCoouCQ7mq6Bnqs -----END CERTIFICATE-----Generated at Mon Aug 11 08:09:46 2025 by rpki-client