This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer File: G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer (raw, json) Hash identifier: HUvgBAnwUC+L8iy2xu4e9ohfyQ8mroR3YkFEqbWIhDc= Subject key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E732 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:30:20 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 146761 -- 146762 IP: 103.2.156.0/22 IP: 103.183.26.0/23 IP: 114.111.176.0/20 IP: 2400:5f60::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59186 (0xe732) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:30:20 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:3b:3e:10:c0:ec:e9:b6:91:61:ce:8d:06:8e: 0c:b2:ed:a6:ee:51:70:11:26:f8:57:0f:8c:53:58: c8:8b:14:30:1d:d6:58:eb:ff:49:e7:e4:02:0c:b3: a5:5d:79:d8:bf:a1:f7:32:49:61:a3:f2:c5:d9:a1: 27:13:e7:5b:e0:a4:b1:fc:87:fe:f3:29:d1:35:a8: 5e:01:fa:a2:b3:19:89:87:2a:eb:b6:e4:60:2a:ca: 83:e9:2f:82:a6:38:3c:97:45:53:08:7a:78:bb:13: 1c:fa:81:e0:6a:a9:95:15:6e:a3:de:8e:8b:1b:3a: 2d:bd:88:b5:21:c3:be:17:9f:b3:40:24:df:53:c2: 92:e6:4e:9d:93:f1:bc:20:e4:c8:9b:a3:1c:7d:15: e3:31:f3:12:83:a9:02:04:da:42:51:71:ed:b5:08: be:f3:e9:90:aa:5f:6e:0d:64:2f:3c:fd:97:b8:b5: 02:d5:3f:e3:5f:ad:0b:86:5e:4a:1b:67:e5:0c:ff: 81:8b:2c:bd:44:67:87:8b:2c:74:1e:f8:0d:a5:5e: a1:f2:b0:93:52:1c:74:87:1c:fe:dd:56:7a:4f:1b: bc:95:77:ed:cb:ce:f0:ea:04:4f:79:e9:5f:4b:8d: 74:20:52:91:87:07:8b:61:0e:5e:6f:9b:73:e6:1d: 97:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 146761-146762 sbgp-ipAddrBlock: critical IPv4: 103.2.156.0/22 103.183.26.0/23 114.111.176.0/20 IPv6: 2400:5f60::/32 Signature Algorithm: sha256WithRSAEncryption 50:3a:02:74:94:8d:c1:c9:d5:63:66:08:3a:e9:70:8e:a4:9e: 8a:c8:6e:d7:7b:50:dd:42:7f:5e:58:da:ac:c8:58:76:03:74: 30:cd:e8:ea:f2:22:d7:ad:65:b5:58:e5:37:6a:b0:6f:0c:2b: 2c:fb:f4:73:ce:93:08:e3:22:63:4b:bf:6c:75:fe:4f:fe:f0: 16:94:94:f3:62:7e:50:70:8b:53:14:33:14:19:40:da:0a:68: d1:5c:4b:6b:86:de:d3:35:b6:99:65:da:a2:d4:25:fd:57:e6: 5c:9b:88:e3:d7:b1:f7:61:17:4d:87:69:ba:e9:26:00:bb:9e: 81:8d:aa:12:99:57:99:fb:5f:54:65:13:dd:ad:b4:d2:57:80: e0:00:aa:ee:8c:ab:79:b9:30:08:05:42:99:fb:48:c7:9d:e9: 2d:d8:1c:f1:65:92:99:d1:62:3f:dd:4f:84:33:df:88:39:24: 85:24:b3:8d:72:37:92:38:fb:58:ff:00:06:4a:63:15:9f:5e: 2d:f8:f7:a1:5a:02:42:f7:f7:5e:0b:da:8f:f2:d1:15:ed:b0: 5a:58:c4:7e:a7:38:93:a2:fa:d8:9f:29:25:3e:ca:89:1d:f7: 4a:44:83:64:43:be:47:a9:6e:42:b5:99:2d:1a:8d:0a:07:43: 55:84:75:0b -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgIDAOcyMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODMwMjBaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKDFCQzZEOUE5RjRBMjI2QTYxRjVGQTFBOTE2Mzk0MUQ0QjM1QkEz NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnOz4QwOzptpFhzo0G jgyy7abuUXARJvhXD4xTWMiLFDAd1ljr/0nn5AIMs6Vdedi/ofcySWGj8sXZoScT 51vgpLH8h/7zKdE1qF4B+qKzGYmHKuu25GAqyoPpL4KmODyXRVMIeni7Exz6geBq qZUVbqPejosbOi29iLUhw74Xn7NAJN9TwpLmTp2T8bwg5Miboxx9FeMx8xKDqQIE 2kJRce21CL7z6ZCqX24NZC88/Ze4tQLVP+NfrQuGXkobZ+UM/4GLLL1EZ4eLLHQe +A2lXqHysJNSHHSHHP7dVnpPG7yVd+3LzvDqBE956V9LjXQgUpGHB4thDl5vm3Pm HZedAgMBAAGjggKTMIICjzAdBgNVHQ4EFgQUG8bZqfSiJqYfX6GpFjlB1LNbo1sw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMx MzQvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzEzNC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MCEGCCsGAQUFBwEIAQH/BBIwEKAOMAwwCgIDAj1JAgMCPUowOgYIKwYBBQUHAQcB Af8EKzApMBgEAgABMBIDBAJnApwDBAFntxoDBARyb7AwDQQCAAIwBwMFACQAX2Aw DQYJKoZIhvcNAQELBQADggEBAFA6AnSUjcHJ1WNmCDrpcI6knorIbtd7UN1Cf15Y 2qzIWHYDdDDN6OryItetZbVY5TdqsG8MKyz79HPOkwjjImNLv2x1/k/+8BaUlPNi flBwi1MUMxQZQNoKaNFcS2uG3tM1tpll2qLUJf1X5lybiOPXsfdhF02HabrpJgC7 noGNqhKZV5n7X1RlE92ttNJXgOAAqu6Mq3m5MAgFQpn7SMed6S3YHPFlkpnRYj/d T4Qz34g5JIUks41yN5I4+1j/AAZKYxWfXi3496FaAkL3914L2o/y0RXtsFpYxH6n OJOi+tifKSU+yokd90pEg2RDvkepbkK1mS0ajQoHQ1WEdQs= -----END CERTIFICATE-----Generated at Mon Jan 19 12:21:17 2026 by rpki-client