This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer File: 7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer (raw, json) Hash identifier: wcwIV3zOVOa4PsRYPy3bwlQB7J6iU+vx1GinnNJE9Dk= Subject key identifier: EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E75A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:30:59 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 17969 AS: 38355 IP: 27.144.0.0/16 IP: 42.50.0.0/16 IP: 42.123.128.0/17 IP: 117.59.0.0/16 IP: 125.62.0.0/18 IP: 203.161.192.0/19 IP: 218.244.0.0/19 IP: 2401:7e00::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59226 (0xe75a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:30:59 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ee:9f:fd:da:10:f7:6d:27:21:df:15:34:f2: de:c3:b8:e0:8a:89:52:b1:b3:aa:ba:0b:81:9b:98: c6:2c:62:de:05:67:72:19:48:f1:10:37:0f:7a:ce: 69:62:72:4a:f2:18:7d:b0:f1:f9:39:53:22:59:6f: 31:97:ce:72:e5:7a:36:5c:53:0c:d1:95:f9:0a:f0: dc:b1:d2:d5:b0:43:b1:fb:e2:6f:92:6e:a4:fd:5c: 7b:80:e4:5e:89:d2:b6:a1:93:d1:5b:56:f3:99:ee: 98:2f:f4:db:55:1d:39:f8:10:57:9f:8b:74:a8:e0: 66:45:c3:3a:ff:a4:79:b5:68:77:17:c5:4a:77:8a: 92:69:f3:f5:71:47:c3:88:50:c6:26:66:04:1f:4a: 4a:c0:43:06:3e:f0:73:af:9a:af:39:e0:c2:b4:64: 75:46:db:f5:21:10:a3:62:4a:c1:d3:2b:b1:67:e7: f2:69:da:dd:fd:cf:bf:ec:82:cc:9b:fd:77:1e:0a: 60:ba:7e:ec:c1:5e:52:65:5f:78:67:cb:82:0c:7e: b8:5b:95:10:b3:fa:c8:4f:68:6d:44:da:6e:9c:d3: fe:37:2b:52:05:d4:dc:2d:1b:fd:83:ee:dd:f2:7c: 43:8b:94:87:3b:ca:b1:bd:88:30:2c:35:c3:0e:68: 62:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 17969 38355 sbgp-ipAddrBlock: critical IPv4: 27.144.0.0/16 42.50.0.0/16 42.123.128.0/17 117.59.0.0/16 125.62.0.0/18 203.161.192.0/19 218.244.0.0/19 IPv6: 2401:7e00::/32 Signature Algorithm: sha256WithRSAEncryption 25:fd:6e:04:db:aa:30:e6:f5:a4:2d:b8:58:42:50:f3:e8:da: e5:3a:e0:03:05:81:c9:c0:59:bc:ff:ad:bd:bb:8b:0c:2d:a6: 73:b9:c8:01:a0:ee:c6:c2:ee:5c:57:9f:3e:a5:90:3f:db:00: 9c:50:e5:8f:bd:96:58:30:7d:88:08:cf:48:80:27:a9:fe:1f: 64:38:cc:68:d7:35:43:f8:30:5c:78:38:22:5e:ec:79:3a:30: 5b:86:99:f7:cc:fa:f0:97:56:78:38:25:01:6b:8e:25:42:cc: cf:70:c2:58:06:20:b3:f3:0e:af:81:1a:87:8c:12:0d:64:31: 14:dc:07:3f:a9:ce:c6:eb:d4:47:e8:de:7a:81:45:65:60:6f: e6:fb:47:66:d6:f8:e3:87:18:2f:86:84:27:02:a0:0f:d2:d1: d2:4e:d8:24:bb:00:90:48:19:10:f8:ef:99:ba:a0:7c:a3:48: a2:bd:e1:e6:69:33:8f:a2:c0:4f:b9:0b:0c:7f:ff:f2:9e:2e: 62:70:48:67:10:0d:d6:81:42:be:29:8b:cd:96:9b:10:c4:6f: f2:01:9d:63:5f:c0:cd:f9:59:5c:f1:c6:51:33:5f:a7:eb:b4: bb:54:4f:ba:db:44:8d:bb:87:1f:39:2d:49:6e:3c:fe:e8:d4: 72:11:85:3a -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIDAOdaMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODMwNTlaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKEVDQjI3M0IwOTc5OTdDMDJCNEY1MkU1QzFCQjRGRUZFNjY3OTc4 NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS7p/92hD3bSch3xU0 8t7DuOCKiVKxs6q6C4GbmMYsYt4FZ3IZSPEQNw96zmlickryGH2w8fk5UyJZbzGX znLlejZcUwzRlfkK8Nyx0tWwQ7H74m+SbqT9XHuA5F6J0rahk9FbVvOZ7pgv9NtV HTn4EFefi3So4GZFwzr/pHm1aHcXxUp3ipJp8/VxR8OIUMYmZgQfSkrAQwY+8HOv mq854MK0ZHVG2/UhEKNiSsHTK7Fn5/Jp2t39z7/sgsyb/XceCmC6fuzBXlJlX3hn y4IMfrhblRCz+shPaG1E2m6c0/43K1IF1NwtG/2D7t3yfEOLlIc7yrG9iDAsNcMO aGLxAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQU7LJzsJeZfAK09S5cG7T+/mZ5eFAw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIy LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzIyLzdMSnpzSmVaZkFLMDlTNWNHN1QtX21aNWVGQS5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHgYI KwYBBQUHAQgBAf8EDzANoAswCQICRjECAwCV0zBPBggrBgEFBQcBBwEB/wRAMD4w LQQCAAEwJwMDABuQAwMAKjIDBAcqe4ADAwB1OwMEBn0+AAMEBcuhwAMEBdr0ADAN BAIAAjAHAwUAJAF+ADANBgkqhkiG9w0BAQsFAAOCAQEAJf1uBNuqMOb1pC24WEJQ 8+ja5TrgAwWBycBZvP+tvbuLDC2mc7nIAaDuxsLuXFefPqWQP9sAnFDlj72WWDB9 iAjPSIAnqf4fZDjMaNc1Q/gwXHg4Il7seTowW4aZ98z68JdWeDglAWuOJULMz3DC WAYgs/MOr4Eah4wSDWQxFNwHP6nOxuvUR+jeeoFFZWBv5vtHZtb444cYL4aEJwKg D9LR0k7YJLsAkEgZEPjvmbqgfKNIor3h5mkzj6LAT7kLDH//8p4uYnBIZxAN1oFC vimLzZabEMRv8gGdY1/AzflZXPHGUTNfp+u0u1RPuttEjbuHHzktSW48/ujUchGF Og== -----END CERTIFICATE-----Generated at Mon Jan 19 12:19:28 2026 by rpki-client