Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/DCU6cZ6KRPwY4QW5WqI0i13O1ZU.cer
File: DCU6cZ6KRPwY4QW5WqI0i13O1ZU.cer (raw, json)
Hash identifier: xKuIWO7xDMRchk/xjVCQIdE1pm+Zu+FhN8R9w5hj9KY=
Subject key identifier: 0C:25:3A:71:9E:8A:44:FC:18:E1:05:B9:5A:A2:34:8B:5D:CE:D5:95
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: EBEA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/DCU6cZ6KRPwY4QW5WqI0i13O1ZU.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Mon 09 Mar 2026 20:00:02 +0000
Certificate not after: Sat 09 Jan 2027 08:23:18 +0000
Subordinate resources: IP: 103.41.140.0/22
IP: 103.49.76.0/22
IP: 103.52.72.0 -- 103.52.87.255
IP: 2403:28c0::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60394 (0xebea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Mar 9 20:00:02 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=0C253A719E8A44FC18E105B95AA2348B5DCED595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:e7:31:36:4d:a2:1c:d3:10:8e:53:51:eb:
1f:ce:f7:db:aa:2a:2c:44:b7:8c:1a:04:44:76:f6:
17:6d:27:39:f9:34:6c:94:21:b7:a5:33:2e:51:9a:
78:3f:89:7b:44:ae:68:6a:16:29:b9:23:2f:55:e8:
e6:2e:d5:ff:9c:3a:e1:f8:5f:94:d4:74:7b:9c:7f:
95:7a:cd:cb:e3:7c:26:b3:1e:23:ef:8c:d1:95:f1:
d0:ed:2e:7c:7f:cf:75:4d:9f:99:9f:3c:5a:c5:be:
bb:c1:d6:89:eb:a8:f7:e8:18:31:b1:6a:4b:38:16:
23:9b:c9:4c:7e:10:7d:0b:e7:0c:f8:f1:8c:be:ec:
fd:39:18:6b:95:a7:f7:ae:76:22:9b:aa:29:c2:6c:
8f:1e:e8:ec:b7:2c:ac:27:81:0e:21:94:7c:e4:85:
5c:60:e5:1e:bf:f8:91:00:a0:bc:09:0e:ee:82:73:
8d:d5:b6:51:21:41:a4:2b:10:28:74:ab:0f:72:bf:
fd:16:7b:2e:c5:bd:1c:68:c0:b9:11:fd:83:22:eb:
83:6f:ea:14:9f:dc:f6:4b:4a:60:9c:40:0d:6f:46:
0f:3a:9e:68:57:62:93:32:6a:d4:7e:ca:93:fd:29:
d8:d4:3a:c1:a8:f1:4b:db:60:af:57:ba:f3:98:c4:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:25:3A:71:9E:8A:44:FC:18:E1:05:B9:5A:A2:34:8B:5D:CE:D5:95
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1008/DCU6cZ6KRPwY4QW5WqI0i13O1ZU.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.140.0/22
103.49.76.0/22
103.52.72.0-103.52.87.255
IPv6:
2403:28c0::/32
Signature Algorithm: sha256WithRSAEncryption
b0:48:4b:66:5f:b5:68:b6:61:ba:d8:3d:9c:3a:07:2c:01:cb:
04:ad:d8:e0:2b:e5:ab:e8:76:33:f5:cc:b6:1c:bb:b0:7c:df:
87:c9:8c:69:56:f9:3f:21:4e:3a:c5:98:f2:70:38:5a:77:d6:
20:5a:2e:ca:d0:ba:0a:3d:2d:a5:6d:cc:57:ae:d7:1e:af:54:
6e:1c:7c:f7:b3:32:36:17:4d:44:fa:67:ef:49:87:a3:ce:3d:
61:2b:4e:9e:ea:8b:34:28:15:3b:eb:fe:31:5e:84:46:d9:db:
f9:c0:07:f6:0a:c2:50:ec:81:d2:2c:01:48:53:69:fa:68:28:
5d:75:23:7e:5f:02:b7:18:26:d5:00:bf:84:77:4c:bc:7c:9e:
f8:a3:82:d4:8d:0e:6f:18:b5:35:c7:0f:2a:2b:34:41:f4:22:
e9:b0:6f:61:09:83:d6:96:90:ea:a2:2a:87:51:98:a9:c8:d4:
b0:58:32:b2:c9:be:03:24:0f:52:72:09:df:e5:b2:7e:7a:4c:
c6:c2:2a:d0:74:b7:c5:0a:25:c6:83:00:c5:fd:a9:56:fc:02:
28:72:68:f9:da:49:9d:7d:0e:18:42:3c:4c:37:f6:38:b3:ed:
22:6d:92:d2:c5:a7:76:6a:60:bd:d6:90:e2:64:24:e4:83:62:
5b:44:0a:3d
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIDAOvqMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNjAzMDkyMDAwMDJaFw0yNzAxMDkwODIzMThaMDMx
MTAvBgNVBAMTKDBDMjUzQTcxOUU4QTQ0RkMxOEUxMDVCOTVBQTIzNDhCNURDRUQ1
OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr6ucxNk2iHNMQjlNR
6x/O99uqKixEt4waBER29hdtJzn5NGyUIbelMy5Rmng/iXtErmhqFim5Iy9V6OYu
1f+cOuH4X5TUdHucf5V6zcvjfCazHiPvjNGV8dDtLnx/z3VNn5mfPFrFvrvB1onr
qPfoGDGxaks4FiObyUx+EH0L5wz48Yy+7P05GGuVp/eudiKbqinCbI8e6Oy3LKwn
gQ4hlHzkhVxg5R6/+JEAoLwJDu6Cc43VtlEhQaQrECh0qw9yv/0Wey7FvRxowLkR
/YMi64Nv6hSf3PZLSmCcQA1vRg86nmhXYpMyatR+ypP9KdjUOsGo8UvbYK9XuvOY
xL4FAgMBAAGjggJ4MIICdDAdBgNVHQ4EFgQUDCU6cZ6KRPwY4QW5WqI0i13O1ZUw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEw
MDgvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTAwOC9EQ1U2Y1o2S1JQd1k0UVc1V3FJMGkxM08xWlUubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCZymMAwQCZzFMMAwDBANnNEgD
BANnNFAwDQQCAAIwBwMFACQDKMAwDQYJKoZIhvcNAQELBQADggEBALBIS2ZftWi2
YbrYPZw6BywBywSt2OAr5avodjP1zLYcu7B834fJjGlW+T8hTjrFmPJwOFp31iBa
LsrQugo9LaVtzFeu1x6vVG4cfPezMjYXTUT6Z+9Jh6POPWErTp7qizQoFTvr/jFe
hEbZ2/nAB/YKwlDsgdIsAUhTafpoKF11I35fArcYJtUAv4R3TLx8nvijgtSNDm8Y
tTXHDyorNEH0Iumwb2EJg9aWkOqiKodRmKnI1LBYMrLJvgMkD1JyCd/lsn56TMbC
KtB0t8UKJcaDAMX9qVb8AihyaPnaSZ19DhhCPEw39jiz7SJtktLFp3ZqYL3WkOJk
JOSDYltECj0=
-----END CERTIFICATE-----
Generated at Mon Jun 22 05:24:17 2026 by rpki-client