This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/CZkX2MUTgArhbVggcgZ8KTd8Jik.cer File: CZkX2MUTgArhbVggcgZ8KTd8Jik.cer (raw, json) Hash identifier: VeSk/1cWe9gfuCPrJngQAig+8Buj02vFp9+R2TnM9hY= Subject key identifier: 09:99:17:D8:C5:13:80:0A:E1:6D:58:20:72:06:7C:29:37:7C:26:29 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E64A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3360/CZkX2MUTgArhbVggcgZ8KTd8Jik.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3360/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:26:04 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 137755 IP: 163.227.40.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58954 (0xe64a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:26:04 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=099917D8C513800AE16D582072067C29377C2629 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:98:0b:15:a6:f6:3e:12:79:95:30:c2:ac:b8: ab:08:8b:9d:73:ba:c9:cf:87:30:3c:73:63:ad:ea: 63:89:80:2e:6b:a9:11:a6:9c:3f:14:b6:87:5b:e3: 6e:32:03:a6:a3:f4:25:ab:b8:31:66:15:69:93:bc: 2e:0a:2e:f7:f4:b9:ff:74:79:60:d2:2d:67:62:b6: ce:43:e8:53:e5:76:2a:81:06:be:cd:78:ad:2c:46: 50:74:a4:28:58:3a:1e:c9:73:2a:a6:9c:d4:0a:f6: 86:ba:7d:18:be:8d:c8:1a:82:91:ef:24:49:36:d4: a5:1e:68:06:76:17:72:d9:3e:df:fb:88:2b:d9:51: 4b:5f:f6:8b:85:f9:d3:90:11:1d:4f:e9:5f:2a:07: fc:38:5d:df:08:77:69:c3:bd:a1:3b:95:10:12:c1: 38:9e:37:12:80:6e:b8:f9:e2:93:5a:89:9f:a2:e3: 94:c7:78:4a:68:1b:c8:91:38:4c:cf:cf:09:b2:bc: 7c:fc:05:47:ac:ba:b3:e8:bd:25:9f:db:f7:dc:24: 89:0d:72:6b:57:d3:86:e1:b7:6e:a2:93:92:f3:db: c7:fc:77:3e:fb:c8:b1:11:88:7f:cb:72:bc:4d:ea: 2c:d9:a5:bc:e2:3c:04:62:1e:d3:a0:16:7d:63:66: 2a:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:99:17:D8:C5:13:80:0A:E1:6D:58:20:72:06:7C:29:37:7C:26:29 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3360/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3360/CZkX2MUTgArhbVggcgZ8KTd8Jik.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 137755 sbgp-ipAddrBlock: critical IPv4: 163.227.40.0/23 Signature Algorithm: sha256WithRSAEncryption 39:b9:cc:3c:f9:eb:7d:d3:23:89:89:26:d6:a9:4f:78:f9:c2: 4b:04:83:73:65:a6:72:41:f1:f9:a3:a9:4d:b0:7d:34:93:2f: e5:8a:eb:15:43:7f:1e:dc:e3:84:71:3e:b8:50:43:f8:8f:a4: 00:db:fb:3c:12:36:ec:49:fd:a8:be:c4:90:3d:da:5c:60:10: 72:13:ea:02:c2:a6:42:4c:f0:42:c9:55:3e:ee:34:a4:6a:90: 06:80:c2:47:de:6a:9e:bf:7f:b9:49:d2:fe:3f:c7:27:f2:f0: 57:6a:a9:87:63:9a:3b:99:18:db:bb:11:71:cb:0d:78:5c:be: ef:7f:69:b1:0f:ac:b0:96:36:94:ef:1f:6f:1e:eb:77:62:2b: f7:cb:fc:a7:45:aa:82:2b:47:63:9e:3f:cd:df:60:3a:e7:46: ff:3a:48:c2:81:ac:75:cc:2d:28:e7:b3:9b:f3:2e:c6:92:9c: f7:d0:fc:df:0f:78:dc:96:35:cf:63:53:ba:2a:80:44:80:ac: 2e:ac:ca:93:a4:2a:57:c4:11:12:92:a1:1f:b5:75:e5:70:2a: 00:8c:54:d9:51:47:d5:57:93:8d:4d:17:6e:49:b8:63:82:4e: 33:61:71:90:2e:35:2b:4b:56:21:87:f5:50:e2:81:94:7a:9b: 75:cc:cb:61 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgIDAOZKMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODI2MDRaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKDA5OTkxN0Q4QzUxMzgwMEFFMTZENTgyMDcyMDY3QzI5Mzc3QzI2 MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYmAsVpvY+EnmVMMKs uKsIi51zusnPhzA8c2Ot6mOJgC5rqRGmnD8Utodb424yA6aj9CWruDFmFWmTvC4K Lvf0uf90eWDSLWdits5D6FPldiqBBr7NeK0sRlB0pChYOh7JcyqmnNQK9oa6fRi+ jcgagpHvJEk21KUeaAZ2F3LZPt/7iCvZUUtf9ouF+dOQER1P6V8qB/w4Xd8Id2nD vaE7lRASwTieNxKAbrj54pNaiZ+i45THeEpoG8iROEzPzwmyvHz8BUesurPovSWf 2/fcJIkNcmtX04bht26ik5Lz28f8dz77yLERiH/LcrxN6izZpbziPARiHtOgFn1j Ziq1AgMBAAGjggJxMIICbTAdBgNVHQ4EFgQUCZkX2MUTgArhbVggcgZ8KTd8Jikw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz NjAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzM2MC9DWmtYMk1VVGdBcmhiVmdnY2daOEtUZDhKaWsubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIaGzAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaPjKDANBgkqhkiG9w0BAQsFAAOCAQEAObnMPPnrfdMjiYkm1qlP ePnCSwSDc2WmckHx+aOpTbB9NJMv5YrrFUN/HtzjhHE+uFBD+I+kANv7PBI27En9 qL7EkD3aXGAQchPqAsKmQkzwQslVPu40pGqQBoDCR95qnr9/uUnS/j/HJ/LwV2qp h2OaO5kY27sRccsNeFy+739psQ+ssJY2lO8fbx7rd2Ir98v8p0WqgitHY54/zd9g OudG/zpIwoGsdcwtKOezm/MuxpKc99D83w943JY1z2NTuiqARICsLqzKk6QqV8QR EpKhH7V15XAqAIxU2VFH1VeTjU0Xbkm4Y4JOM2FxkC41K0tWIYf1UOKBlHqbdczL YQ== -----END CERTIFICATE-----Generated at Mon Jan 19 12:19:28 2026 by rpki-client