This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer File: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer (raw, json) Hash identifier: LLiSz43I0/Ppo5hENUDQv8TD54kuevvvnmP4fEdPYF0= Subject key identifier: 0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E6FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:29:25 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 151218 IP: 2401:a9a0::/32 Validation: Failed, CRL has expired Certificate: Data: Version: 3 (0x2) Serial Number: 59130 (0xe6fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:29:25 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0F28658359C977322171F402332342C31DD7C56E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d5:05:82:25:72:fd:6c:78:7a:43:a5:cc:e3: 08:c7:87:d5:fb:6d:16:03:af:8c:1b:db:31:95:d1: fa:14:dc:dd:3e:51:fb:d5:0a:46:13:9c:42:12:51: a2:81:9b:60:ae:51:45:c8:34:7b:fc:62:c9:6a:6b: 83:63:60:21:75:9b:82:63:7d:f4:53:e7:dd:e3:c3: 09:6a:d2:35:2c:10:29:af:30:84:c4:c3:cb:20:3b: 1f:6d:49:1d:f5:40:61:5e:88:3a:11:70:b7:97:e9: bb:80:ac:51:bb:3a:71:d9:a6:55:e3:09:4d:80:92: 7a:f3:61:fd:29:ed:ca:36:0c:04:86:1c:19:71:06: 4d:eb:1e:ae:7d:40:1a:5a:c4:74:ff:76:fc:e4:96: f4:15:65:20:22:61:bc:dc:82:05:88:44:60:6c:19: f9:79:71:b4:0b:c9:e1:6c:ed:8c:28:8a:98:0d:97: f7:79:e2:c4:1a:66:19:74:3f:16:73:22:00:81:ce: ba:8d:e9:50:2c:43:ed:2b:d6:34:9e:11:f3:45:4e: 04:cb:28:3f:04:5c:62:38:35:af:a0:92:e3:1d:81: 76:7f:8d:69:03:76:09:09:af:16:3f:b6:11:ca:8f: a4:de:1e:85:82:d5:12:2d:3f:5e:96:26:57:4a:d6: 4a:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 151218 sbgp-ipAddrBlock: critical IPv6: 2401:a9a0::/32 Signature Algorithm: sha256WithRSAEncryption 49:8c:85:17:45:41:a9:c8:71:6d:4e:e4:c5:13:6e:68:7c:bd: 70:88:b5:87:3a:40:5d:67:27:7a:61:0e:88:3c:64:f9:37:be: 14:62:09:c8:1c:bc:96:f4:b2:bf:d3:19:88:08:04:ef:b4:0d: a4:c3:81:14:cc:00:3e:44:85:c0:1c:cb:bc:0b:46:dd:a3:91: 7a:3c:7b:58:2b:b7:77:f9:4f:83:ce:bb:e1:dc:35:56:8b:fa: ec:67:d0:35:b7:28:f7:bc:25:63:fe:3b:c8:16:9a:88:7f:50: a4:dc:cc:02:2a:9c:5a:89:a5:4d:3b:01:95:c6:75:ab:34:9c: bd:34:a0:6f:5a:83:f1:54:d1:7b:6f:5b:31:c3:19:74:29:b1: c5:44:81:c9:d6:11:8a:51:8d:c8:7c:d6:43:48:a3:7c:2f:7b: 52:e4:6e:0c:7f:fd:3d:00:62:23:2e:97:6c:42:fe:01:8f:63: ea:6a:75:de:01:6f:cb:6b:eb:cb:89:40:25:73:67:e4:f4:fc: 42:5f:9a:30:c1:f5:c5:2a:bd:a0:b2:df:e1:3b:65:e4:a6:37: 39:9d:62:da:7c:b9:87:42:84:db:ff:30:e2:2d:7f:ce:1b:d7: d7:1d:91:23:ff:db:8a:63:65:8f:9e:d0:cf:84:8b:ee:47:d9: f5:e4:f2:c0 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIDAOb6MA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODI5MjVaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKDBGMjg2NTgzNTlDOTc3MzIyMTcxRjQwMjMzMjM0MkMzMUREN0M1 NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC21QWCJXL9bHh6Q6XM 4wjHh9X7bRYDr4wb2zGV0foU3N0+UfvVCkYTnEISUaKBm2CuUUXINHv8Yslqa4Nj YCF1m4JjffRT593jwwlq0jUsECmvMITEw8sgOx9tSR31QGFeiDoRcLeX6buArFG7 OnHZplXjCU2AknrzYf0p7co2DASGHBlxBk3rHq59QBpaxHT/dvzklvQVZSAiYbzc ggWIRGBsGfl5cbQLyeFs7YwoipgNl/d54sQaZhl0PxZzIgCBzrqN6VAsQ+0r1jSe EfNFTgTLKD8EXGI4Na+gkuMdgXZ/jWkDdgkJrxY/thHKj6TeHoWC1RItP16WJldK 1kojAgMBAAGjggJyMIICbjAdBgNVHQ4EFgQUDyhlg1nJdzIhcfQCMyNCwx3XxW4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMy OTYvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzI5Ni9EeWhsZzFuSmR6SWhjZlFDTXlOQ3d4M1h4VzQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwJOsjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBqaAwDQYJKoZIhvcNAQELBQADggEBAEmMhRdFQanIcW1O5MUT bmh8vXCItYc6QF1nJ3phDog8ZPk3vhRiCcgcvJb0sr/TGYgIBO+0DaTDgRTMAD5E hcAcy7wLRt2jkXo8e1grt3f5T4POu+HcNVaL+uxn0DW3KPe8JWP+O8gWmoh/UKTc zAIqnFqJpU07AZXGdas0nL00oG9ag/FU0XtvWzHDGXQpscVEgcnWEYpRjch81kNI o3wve1Lkbgx//T0AYiMul2xC/gGPY+pqdd4Bb8tr68uJQCVzZ+T0/EJfmjDB9cUq vaCy3+E7ZeSmNzmdYtp8uYdChNv/MOItf84b19cdkSP/24pjZY+e0M+Ei+5H2fXk 8sA= -----END CERTIFICATE-----Generated at Mon Jan 19 12:21:47 2026 by rpki-client