$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1055390775090675715/1/4AF5DD9398EBC33EA0CAE041D7F52EE2CADD0AFB.cer File: 4AF5DD9398EBC33EA0CAE041D7F52EE2CADD0AFB.cer (raw, json) Hash identifier: GhdJaLDi2K4z5ATe/XAmCD6+bqHxRJih4Bdg4iZ/34I= Subject key identifier: 4A:F5:DD:93:98:EB:C3:3E:A0:CA:E0:41:D7:F5:2E:E2:CA:DD:0A:FB Authority key identifier: A5:6E:87:2A:40:3E:7B:9C:EB:94:31:A0:8F:54:04:01:D2:FB:D7:10 Certificate issuer: /CN=A9162E3D0001/serialNumber=A56E872A403E7B9CEB9431A08F540401D2FBD710 Certificate serial: 2D349651986153B4A083C7D9E2AAE93E73C47BC7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer Manifest: rsync://rpki-rps.cnnic.cn/repo/A1106398388187824147/0/4AF5DD9398EBC33EA0CAE041D7F52EE2CADD0AFB.mft caRepository: rsync://rpki-rps.cnnic.cn/repo/A1106398388187824147/0/ Notify URL: https://rrdp-rps.cnnic.cn/rrdp/notification.xml Certificate not before: Tue 12 May 2026 01:47:13 +0000 Certificate not after: Tue 11 May 2027 01:52:13 +0000 Subordinate resources: AS: 4611 IP: 103.66.32.0/22 IP: 103.228.136.0/22 IP: 202.123.107.0/24 IP: 202.123.110.0/24 IP: 203.192.1.0 -- 203.192.2.255 IP: 203.192.4.0/24 IP: 203.192.6.0 -- 203.192.10.255 IP: 2402:afc0::/32 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 11:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:34:96:51:98:61:53:b4:a0:83:c7:d9:e2:aa:e9:3e:73:c4:7b:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0001, serialNumber=A56E872A403E7B9CEB9431A08F540401D2FBD710 Validity Not Before: May 12 01:47:13 2026 GMT Not After : May 11 01:52:13 2027 GMT Subject: CN=4AF5DD9398EBC33EA0CAE041D7F52EE2CADD0AFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:0e:75:76:92:4b:82:33:26:9a:cb:73:5d:29: c0:82:12:0a:13:cd:26:5c:44:19:53:f1:ac:1f:cf: 79:6f:9b:eb:bd:9d:0a:1c:ae:01:67:67:eb:ff:8f: 9a:2c:38:c7:b9:6f:58:65:55:ac:c0:ac:9a:76:6a: 44:4d:97:bc:5f:b0:0f:a8:05:e3:ec:cb:bd:27:f0: f6:47:8e:81:33:d7:0e:42:28:e0:30:58:8c:f6:e6: 19:8a:5c:d5:5e:77:68:1e:4f:41:f0:3a:db:bc:b3: d8:3e:3e:57:92:fa:07:94:f9:d5:8e:99:b5:f1:89: fe:e6:a9:55:02:ca:83:e2:36:0b:50:b4:ae:44:b9: df:33:90:16:61:67:8e:55:d7:5d:d7:be:c8:09:8b: 4c:69:07:31:91:09:11:2d:5c:a7:40:68:70:4a:43: 89:e8:52:8b:e2:87:93:85:87:9b:67:23:d3:ef:cd: b5:5e:c5:98:df:e5:34:ee:55:8a:aa:36:ed:2e:28: 69:d2:a9:fa:27:1d:8f:59:51:b2:80:98:c5:29:f0: 7c:8b:ff:20:11:ae:32:66:87:5f:a6:3c:42:12:fd: 90:3c:62:39:de:8d:7e:b2:50:13:dd:de:5d:58:95: 05:ea:f4:04:5b:c9:d8:a2:01:ae:e4:26:35:67:d0: c6:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 4A:F5:DD:93:98:EB:C3:3E:A0:CA:E0:41:D7:F5:2E:E2:CA:DD:0A:FB X509v3 Authority Key Identifier: keyid:A5:6E:87:2A:40:3E:7B:9C:EB:94:31:A0:8F:54:04:01:D2:FB:D7:10 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer Subject Information Access: CA Repository - URI:rsync://rpki-rps.cnnic.cn/repo/A1106398388187824147/0/ RPKI Manifest - URI:rsync://rpki-rps.cnnic.cn/repo/A1106398388187824147/0/4AF5DD9398EBC33EA0CAE041D7F52EE2CADD0AFB.mft RPKI Notify - URI:https://rrdp-rps.cnnic.cn/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.66.32.0/22 103.228.136.0/22 202.123.107.0/24 202.123.110.0/24 203.192.1.0-203.192.2.255 203.192.4.0/24 203.192.6.0-203.192.10.255 IPv6: 2402:afc0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 4611 Signature Algorithm: sha256WithRSAEncryption 69:98:ae:b9:bd:97:b2:85:dd:bb:af:43:a4:2b:85:ec:a4:a0: 10:24:8c:60:ec:ba:1d:18:be:dd:2f:d6:77:30:c6:99:eb:96: 9f:5b:f3:60:ea:c9:6e:48:e2:41:9e:5a:5a:ca:26:1e:77:d6: 7d:d0:86:b1:62:ce:36:5b:87:4a:30:09:fa:ea:c3:ed:8e:73: 22:d7:81:4b:22:00:04:96:91:6e:9d:cf:6a:0f:10:04:35:4d: b1:a0:4d:a5:e2:90:d6:ff:97:25:c4:42:ea:bb:16:be:53:b5: ae:14:3d:5f:bc:57:73:9a:33:d5:3e:a3:85:57:1b:6a:dd:6d: 1c:7b:a7:b7:7b:e2:c6:a8:ec:31:6a:fc:4a:ba:98:32:99:b9: 4f:a2:f9:67:87:5a:8b:25:8a:ca:db:52:8c:6a:e1:3b:1b:08: 0e:5e:7f:2d:b2:67:de:4b:1a:82:36:6b:97:46:b1:0d:c4:98: 84:04:78:08:0e:c9:76:89:9a:3c:20:64:12:1c:82:d4:cc:9d: 8c:1e:6b:25:a3:0a:5d:38:89:6c:43:d8:19:77:73:c7:ee:bc: 1c:8c:35:a9:4e:57:af:ee:4a:15:74:4c:7a:c1:e4:3b:68:23: bf:7f:4a:93:4d:b6:76:69:60:40:72:89:70:d6:d1:58:1a:96: f3:e6:b6:ab -----BEGIN CERTIFICATE----- MIIGBTCCBO2gAwIBAgIULTSWUZhhU7Sgg8fZ4qrpPnPEe8cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjJFM0QwMDAxMTEwLwYDVQQFEyhBNTZFODcyQTQw M0U3QjlDRUI5NDMxQTA4RjU0MDQwMUQyRkJENzEwMB4XDTI2MDUxMjAxNDcxM1oX DTI3MDUxMTAxNTIxM1owMzExMC8GA1UEAxMoNEFGNUREOTM5OEVCQzMzRUEwQ0FF MDQxRDdGNTJFRTJDQUREMEFGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQOdXaSS4IzJprLc10pwIISChPNJlxEGVPxrB/PeW+b672dChyuAWdn6/+P miw4x7lvWGVVrMCsmnZqRE2XvF+wD6gF4+zLvSfw9keOgTPXDkIo4DBYjPbmGYpc 1V53aB5PQfA627yz2D4+V5L6B5T51Y6ZtfGJ/uapVQLKg+I2C1C0rkS53zOQFmFn jlXXXde+yAmLTGkHMZEJES1cp0BocEpDiehSi+KHk4WHm2cj0+/NtV7FmN/lNO5V iqo27S4oadKp+icdj1lRsoCYxSnwfIv/IBGuMmaHX6Y8QhL9kDxiOd6NfrJQE93e XViVBer0BFvJ2KIBruQmNWfQxocCAwEAAaOCAvgwggL0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEr13ZOY68M+oMrgQdf1LuLK3Qr7MB8GA1UdIwQYMBaAFKVu hypAPnuc65QxoI9UBAHS+9cQMA4GA1UdDwEB/wQEAwIBBjBzBgNVHR8EbDBqMGig ZqBkhmJyc3luYzovL3Jwa2ktcnBzLmNubmljLmNuL3JlcG8vQTEwNTUzOTA3NzUw OTA2NzU3MTUvMS9BNTZFODcyQTQwM0U3QjlDRUI5NDMxQTA4RjU0MDQwMUQyRkJE NzEwLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3 MkZEMUZGMi9wVzZIS2tBLWU1enJsREdnajFRRUFkTDcxeEEuY2VyMIIBAQYIKwYB BQUHAQsEgfQwgfEwQgYIKwYBBQUHMAWGNnJzeW5jOi8vcnBraS1ycHMuY25uaWMu Y24vcmVwby9BMTEwNjM5ODM4ODE4NzgyNDE0Ny8wLzBuBggrBgEFBQcwCoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMTA2Mzk4Mzg4MTg3ODI0MTQ3 LzAvNEFGNUREOTM5OEVCQzMzRUEwQ0FFMDQxRDdGNTJFRTJDQUREMEFGQi5tZnQw OwYIKwYBBQUHMA2GL2h0dHBzOi8vcnJkcC1ycHMuY25uaWMuY24vcnJkcC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwYgYIKwYBBQUH AQcBAf8EUzBRMEAEAgABMDoDBAJnQiADBAJn5IgDBADKe2sDBADKe24wDAMEAMvA AQMEAMvAAgMEAMvABDAMAwQBy8AGAwQAy8AKMA0EAgACMAcDBQAkAq/AMBkGCCsG AQUFBwEIAQH/BAowCKAGMAQCAhIDMA0GCSqGSIb3DQEBCwUAA4IBAQBpmK65vZey hd27r0OkK4XspKAQJIxg7LodGL7dL9Z3MMaZ65afW/Ng6sluSOJBnlpayiYed9Z9 0IaxYs42W4dKMAn66sPtjnMi14FLIgAElpFunc9qDxAENU2xoE2l4pDW/5clxELq uxa+U7WuFD1fvFdzmjPVPqOFVxtq3W0ce6e3e+LGqOwxavxKupgymblPovlnh1qL JYrK21KMauE7GwgOXn8tsmfeSxqCNmuXRrENxJiEBHgIDsl2iZo8IGQSHILUzJ2M HmslowpdOIlsQ9gZd3PH7rwcjDWpTlev7koVdEx6weQ7aCO/f0qTTbZ2aWBAcolw 1tFYGpbz5rar -----END CERTIFICATE-----Generated at Wed May 13 20:17:18 2026 by rpki-client