Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
File: IdyHWWXCumHR2su0je4UBVSqWu8.cer (raw, json)
Hash identifier: YvwlgEZ2WyNoiNc/ZzeqIDStz8/CMnNyWojf4bQifyo=
Subject key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Certificate serial: 41F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 23 Oct 2025 03:06:19 +0000
Certificate not after: Fri 23 Oct 2026 03:01:03 +0000
Subordinate resources: IP: 40.72.0.0/15
IP: 40.125.128.0/17
IP: 40.126.64.0/18
IP: 40.162.0.0/16
IP: 52.130.0.0/15
IP: 139.217.0.0/16
IP: 139.219.0.0/16
IP: 143.64.0.0/16
IP: 159.27.0.0/16
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Oct 2025 10:36:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16889 (0x41f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11
Validity
Not Before: Oct 23 03:06:19 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:bd:75:04:de:8c:74:55:cf:68:f6:2c:77:
c2:b2:b6:7f:25:6d:60:73:47:42:58:e8:e6:24:b6:
66:c1:9d:fe:94:d7:63:b8:c0:48:15:2e:e7:01:81:
45:e5:ca:09:3e:1d:60:79:3f:23:38:57:77:a8:76:
b6:a0:e0:14:31:2f:ab:cc:eb:a9:33:84:4a:03:ee:
81:29:7e:66:5b:26:60:f7:00:dc:d5:fb:96:12:93:
dc:78:47:5b:a6:8f:7d:9c:98:a4:01:13:d0:de:70:
f4:29:ac:e7:65:dd:40:19:72:eb:ab:be:bd:d4:f4:
fb:5c:26:62:d5:fb:9d:20:3a:9a:a6:23:5e:f5:b6:
49:6a:48:f4:24:05:d5:a1:de:35:d6:88:77:cc:d9:
45:50:cd:ac:5d:b8:9f:fe:b8:94:46:b5:d2:26:9a:
3d:65:6d:b8:2b:ce:9d:a3:12:8d:67:92:a1:f5:4c:
1b:0b:b3:77:bb:8c:e8:12:9b:e7:1f:bb:e3:ba:2e:
32:01:5a:74:a5:bc:f7:9e:b4:9a:74:41:7e:15:ff:
35:91:8b:33:03:b1:8c:ba:74:97:2d:62:71:5c:ce:
3f:27:5e:9d:9f:47:f2:21:b2:74:4f:71:4a:87:17:
7d:89:81:bd:ce:74:6f:0b:61:8c:b4:63:b9:f6:84:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Authority Key Identifier:
keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
40.162.0.0/16
52.130.0.0/15
139.217.0.0/16
139.219.0.0/16
143.64.0.0/16
159.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:d0:b2:ef:2c:7b:5f:e2:4b:59:4b:6e:70:18:88:f2:a9:88:
4b:32:b5:c4:ab:d0:5b:68:ea:91:c5:e9:af:38:ee:84:51:c6:
e6:85:21:ee:a8:f8:fa:b6:d5:74:a2:95:62:ff:00:a1:be:47:
bb:69:b3:1f:f7:a6:a8:a0:51:3c:39:c6:73:91:93:f4:cc:2f:
19:42:57:22:5f:e5:a4:8d:8f:a5:7d:2b:fd:8d:fa:60:92:18:
95:8f:e5:2a:f5:82:09:b0:51:0d:fe:65:86:8c:76:1c:7c:a4:
d0:6f:56:f4:ea:88:54:8a:39:d6:88:8c:48:3e:c2:cb:d0:21:
37:fa:de:e5:60:47:7b:7d:87:0f:fd:b1:1b:9f:85:45:5d:ba:
e3:31:cf:87:e5:4c:fe:c8:93:02:97:52:41:3f:68:94:7c:d5:
77:2f:08:b3:3e:95:94:2c:fb:1b:80:26:37:e5:6d:16:e4:46:
af:0e:48:ad:2f:f4:f0:c4:7b:b6:b1:1b:44:5d:00:27:aa:61:
67:e7:5b:f6:73:4f:cc:5f:09:1b:05:67:1c:09:a8:28:06:87:
76:d1:4b:83:77:b9:b1:7a:d6:83:2f:82:17:74:44:4e:03:b1:
77:01:c8:f8:0b:a5:32:63:07:6c:e3:ab:7c:ea:d1:1c:51:e2:
2a:68:00:21
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICQfkwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw
QTU0QTk1MTk1QTExMB4XDTI1MTAyMzAzMDYxOVoXDTI2MTAyMzAzMDEwM1owMzEx
MC8GA1UEAxMoMjFEQzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFF
RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7IvXUE3ox0Vc9o9ix3
wrK2fyVtYHNHQljo5iS2ZsGd/pTXY7jASBUu5wGBReXKCT4dYHk/IzhXd6h2tqDg
FDEvq8zrqTOESgPugSl+ZlsmYPcA3NX7lhKT3HhHW6aPfZyYpAET0N5w9Cms52Xd
QBly66u+vdT0+1wmYtX7nSA6mqYjXvW2SWpI9CQF1aHeNdaId8zZRVDNrF24n/64
lEa10iaaPWVtuCvOnaMSjWeSofVMGwuzd7uM6BKb5x+747ouMgFadKW89560mnRB
fhX/NZGLMwOxjLp0ly1icVzOPydenZ9H8iGydE9xSocXfYmBvc50bwthjLRjufaE
HV8CAwEAAaOCAn4wggJ6MB0GA1UdDgQWBBQh3IdZZcK6YdHay7SN7hQFVKpa7zAf
BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j
bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu
Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw
bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx
RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw
AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF
BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8yNjIwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5tZnQwMQYI
KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww
SAYIKwYBBQUHAQcBAf8EOTA3MDUEAgABMC8DAwEoSAMEByh9gAMEBih+QAMDACii
AwMBNIIDAwCL2QMDAIvbAwMAj0ADAwCfGzANBgkqhkiG9w0BAQsFAAOCAQEAEdCy
7yx7X+JLWUtucBiI8qmISzK1xKvQW2jqkcXprzjuhFHG5oUh7qj4+rbVdKKVYv8A
ob5Hu2mzH/emqKBRPDnGc5GT9MwvGUJXIl/lpI2PpX0r/Y36YJIYlY/lKvWCCbBR
Df5lhox2HHyk0G9W9OqIVIo51oiMSD7Cy9AhN/re5WBHe32HD/2xG5+FRV264zHP
h+VM/siTApdSQT9olHzVdy8Isz6VlCz7G4AmN+VtFuRGrw5IrS/08MR7trEbRF0A
J6phZ+db9nNPzF8JGwVnHAmoKAaHdtFLg3e5sXrWgy+CF3RETgOxdwHI+AulMmMH
bOOrfOrRHFHiKmgAIQ==
-----END CERTIFICATE-----
Generated at Fri Oct 24 08:56:13 2025 by rpki-client