$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.cer File: 289BA9CBEB71D9603BED963E3B60B1790E8F78A2.cer (raw, json) Hash identifier: hDJ8AuoTxLZ/SYgCjQEGCyw1waSzrWEaU5RPUvVFzew= Subject key identifier: 28:9B:A9:CB:EB:71:D9:60:3B:ED:96:3E:3B:60:B1:79:0E:8F:78:A2 Authority key identifier: A5:6E:87:2A:40:3E:7B:9C:EB:94:31:A0:8F:54:04:01:D2:FB:D7:10 Certificate issuer: /CN=A9162E3D0001/serialNumber=A56E872A403E7B9CEB9431A08F540401D2FBD710 Certificate serial: 031FCA9FD09CED3EBDFA1281067E5978EC13D3B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer Manifest: rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft caRepository: rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/ Notify URL: https://rrdp-rps.cnnic.cn/rrdp/notification.xml Certificate not before: Fri 08 May 2026 02:32:55 +0000 Certificate not after: Fri 07 May 2027 02:37:55 +0000 Subordinate resources: AS: 55999 IP: 43.240.160.0/19 IP: 103.36.176.0/20 IP: 163.128.236.0/23 IP: 2402:5820::/32 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 11:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:1f:ca:9f:d0:9c:ed:3e:bd:fa:12:81:06:7e:59:78:ec:13:d3:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0001, serialNumber=A56E872A403E7B9CEB9431A08F540401D2FBD710 Validity Not Before: May 8 02:32:55 2026 GMT Not After : May 7 02:37:55 2027 GMT Subject: CN=289BA9CBEB71D9603BED963E3B60B1790E8F78A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:c2:53:06:3b:52:25:5e:2a:4c:f0:99:e0:73: 7a:97:a8:0a:13:a2:b9:31:56:51:50:7d:f6:be:7f: a0:de:f7:e0:13:04:f5:15:01:2e:0f:ec:65:03:12: 51:00:f9:05:9f:ba:eb:0d:b0:15:4c:71:3d:79:cf: 34:b3:49:fe:5e:3b:2b:00:e3:53:84:f5:67:ca:b8: c1:e6:67:f0:94:4d:56:74:7a:b2:16:d8:a7:c8:9a: 55:e6:3b:c1:1a:1e:a7:82:aa:c0:26:d1:02:ed:8c: 93:ab:88:37:55:df:c7:2b:d4:6c:ce:04:77:03:e8: c0:55:5f:b8:0f:36:df:5f:87:09:1d:85:45:a7:a7: 67:60:38:6e:e9:4b:5a:5a:f4:ca:07:59:91:6c:59: 7c:8e:58:4d:7a:27:f6:ae:78:f1:f0:1d:4c:13:63: cd:2d:84:b4:72:fa:3d:03:9d:1d:30:bc:a9:10:19: b1:11:3d:59:94:c4:9a:82:79:19:84:49:1f:bf:8b: 81:7b:de:67:f8:4b:4e:2a:cf:29:d7:77:7e:cd:69: a7:ab:f3:b0:b5:df:d3:fe:ec:a9:8f:9e:4c:a5:91: 14:61:46:fc:01:36:11:d2:f7:61:ca:39:fd:af:1c: f6:1d:1a:b2:44:a4:0a:6f:43:f6:92:3f:61:b9:ac: f3:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 28:9B:A9:CB:EB:71:D9:60:3B:ED:96:3E:3B:60:B1:79:0E:8F:78:A2 X509v3 Authority Key Identifier: keyid:A5:6E:87:2A:40:3E:7B:9C:EB:94:31:A0:8F:54:04:01:D2:FB:D7:10 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer Subject Information Access: CA Repository - URI:rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/ RPKI Manifest - URI:rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft RPKI Notify - URI:https://rrdp-rps.cnnic.cn/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.160.0/19 103.36.176.0/20 163.128.236.0/23 IPv6: 2402:5820::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 55999 Signature Algorithm: sha256WithRSAEncryption 44:f8:d0:27:18:3e:1e:a8:b0:39:3d:cc:24:e8:26:a8:04:ee: a2:ff:f6:13:b0:cc:3f:68:07:17:d7:d8:a3:6e:cd:d9:6c:db: c5:6d:b6:01:97:ce:c2:46:1a:ba:ee:d4:8b:5a:60:3a:6a:89: 35:a0:43:cc:a9:ea:58:78:f9:0a:2e:8e:02:c4:4f:95:26:98: 3b:66:91:60:8d:6d:6a:85:cf:5a:02:e4:f5:aa:dc:0f:38:82: 9d:7a:82:48:60:c2:42:cf:79:95:23:86:c1:f8:31:a6:68:3f: 61:9d:3f:93:a4:d5:c9:44:86:db:2a:de:a4:41:1e:03:b2:7a: 9e:fc:52:96:b8:54:a8:20:dd:bc:11:2a:f6:8d:1b:58:df:37: 01:5d:0d:f7:32:35:59:2b:75:34:0a:bd:ed:59:16:b6:bc:2e: e5:1c:f0:4d:91:5a:ec:07:43:16:72:ba:1b:1e:df:f4:51:0f: 44:e2:d0:33:a8:ec:22:90:7e:29:d1:69:ab:72:1d:50:5d:14: ae:d1:dc:04:28:8a:64:68:b4:87:ae:5f:ae:a3:9d:3f:e7:84: cf:de:ff:d4:1d:7c:b3:c0:88:e7:70:11:3b:81:b5:36:99:68: b0:78:3e:74:5f:de:04:29:a4:54:ed:b1:a4:07:99:fd:56:b1: b5:ee:e7:c6 -----BEGIN CERTIFICATE----- MIIF3jCCBMagAwIBAgIUAx/Kn9Cc7T69+hKBBn5ZeOwT07cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjJFM0QwMDAxMTEwLwYDVQQFEyhBNTZFODcyQTQw M0U3QjlDRUI5NDMxQTA4RjU0MDQwMUQyRkJENzEwMB4XDTI2MDUwODAyMzI1NVoX DTI3MDUwNzAyMzc1NVowMzExMC8GA1UEAxMoMjg5QkE5Q0JFQjcxRDk2MDNCRUQ5 NjNFM0I2MEIxNzkwRThGNzhBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANPCUwY7UiVeKkzwmeBzepeoChOiuTFWUVB99r5/oN734BME9RUBLg/sZQMS UQD5BZ+66w2wFUxxPXnPNLNJ/l47KwDjU4T1Z8q4weZn8JRNVnR6shbYp8iaVeY7 wRoep4KqwCbRAu2Mk6uIN1XfxyvUbM4EdwPowFVfuA8231+HCR2FRaenZ2A4bulL Wlr0ygdZkWxZfI5YTXon9q548fAdTBNjzS2EtHL6PQOdHTC8qRAZsRE9WZTEmoJ5 GYRJH7+LgXveZ/hLTirPKdd3fs1pp6vzsLXf0/7sqY+eTKWRFGFG/AE2EdL3Yco5 /a8c9h0askSkCm9D9pI/Ybms83kCAwEAAaOCAtEwggLNMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCibqcvrcdlgO+2WPjtgsXkOj3iiMB8GA1UdIwQYMBaAFKVu hypAPnuc65QxoI9UBAHS+9cQMA4GA1UdDwEB/wQEAwIBBjBzBgNVHR8EbDBqMGig ZqBkhmJyc3luYzovL3Jwa2ktcnBzLmNubmljLmNuL3JlcG8vQTEwNTUzOTA3NzUw OTA2NzU3MTUvMS9BNTZFODcyQTQwM0U3QjlDRUI5NDMxQTA4RjU0MDQwMUQyRkJE NzEwLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9wVzZIS2tBLWU1enJsREdnajFRRUFkTDcxeEEuY2VyMIIBAQYIKwYB BQUHAQsEgfQwgfEwQgYIKwYBBQUHMAWGNnJzeW5jOi8vcnBraS1ycHMuY25uaWMu Y24vcmVwby9BMTA5NjY5Mzg5OTU5NTg3NDMwNS8wLzBuBggrBgEFBQcwCoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NjkzODk5NTk1ODc0MzA1 LzAvMjg5QkE5Q0JFQjcxRDk2MDNCRUQ5NjNFM0I2MEIxNzkwRThGNzhBMi5tZnQw OwYIKwYBBQUHMA2GL2h0dHBzOi8vcnJkcC1ycHMuY25uaWMuY24vcnJkcC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUH AQcBAf8EKzApMBgEAgABMBIDBAUr8KADBARnJLADBAGjgOwwDQQCAAIwBwMFACQC WCAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDANq/MA0GCSqGSIb3DQEBCwUAA4IB AQBE+NAnGD4eqLA5Pcwk6CaoBO6i//YTsMw/aAcX19ijbs3ZbNvFbbYBl87CRhq6 7tSLWmA6aok1oEPMqepYePkKLo4CxE+VJpg7ZpFgjW1qhc9aAuT1qtwPOIKdeoJI YMJCz3mVI4bB+DGmaD9hnT+TpNXJRIbbKt6kQR4Dsnqe/FKWuFSoIN28ESr2jRtY 3zcBXQ33MjVZK3U0Cr3tWRa2vC7lHPBNkVrsB0MWcrobHt/0UQ9E4tAzqOwikH4p 0Wmrch1QXRSu0dwEKIpkaLSHrl+uo50/54TP3v/UHXyzwIjncBE7gbU2mWiweD50 X94EKaRU7bGkB5n9VrG17ufG -----END CERTIFICATE-----Generated at Wed May 13 20:17:13 2026 by rpki-client