This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/ORZcru1PFFhR0mI9_l6jpZ2sur0.cer File: ORZcru1PFFhR0mI9_l6jpZ2sur0.cer (raw, json) Hash identifier: Q5sWn1MC4P0WukHFLKDn1OEl+WT1/gjerGuOtk/sEE8= Subject key identifier: 39:16:5C:AE:ED:4F:14:58:51:D2:62:3D:FE:5E:A3:A5:9D:AC:BA:BD Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E682 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3393/ORZcru1PFFhR0mI9_l6jpZ2sur0.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3393/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:26:55 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 63570 IP: 36.255.128.0/22 IP: 103.209.136.0/22 IP: 2404:4dc0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59010 (0xe682) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:26:55 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=39165CAEED4F145851D2623DFE5EA3A59DACBABD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:b7:60:51:a2:b7:0c:ed:6c:b0:ed:b9:c8:0f: d1:ba:d3:b3:a4:b9:69:a5:0c:ab:45:b0:96:c1:8a: 3f:d7:c9:45:d6:7c:ae:7d:27:fe:9c:e8:a5:44:1a: c1:d3:0a:98:45:a7:f3:5d:2e:ed:bf:7c:91:9b:24: 55:89:4a:10:37:cf:85:15:17:41:9c:21:1f:a9:f0: 0f:7c:e6:1d:ca:73:07:ed:cc:a5:86:c3:49:72:78: 76:36:c6:74:85:9a:ec:48:1e:d4:f1:4d:47:7c:6d: 35:63:bf:c4:c3:3f:1a:b8:e6:d1:ef:11:1d:31:c1: 7e:e2:2f:3d:65:4c:fa:e5:b2:d1:9d:8b:4b:0d:78: 36:76:dc:66:52:e1:5d:24:f4:67:45:17:e5:1a:e8: 47:4e:4b:cc:ee:05:15:90:04:a1:bd:16:cb:f3:29: cf:d0:30:6d:c3:d4:3f:0b:f2:45:1f:ca:7c:27:f7: f8:7c:54:9b:19:47:c4:a2:8a:c8:63:5f:b8:55:7a: 20:c6:5d:cc:b6:9b:23:b1:7d:72:b0:e3:87:0b:f4: 25:e7:15:10:4c:f1:f4:72:65:2e:33:99:df:e6:7d: 14:ec:7e:64:c8:22:5e:19:4d:11:f0:6c:67:c6:54: 8e:7e:df:36:2f:e2:f9:66:f5:92:83:4a:fa:27:82: 1a:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:16:5C:AE:ED:4F:14:58:51:D2:62:3D:FE:5E:A3:A5:9D:AC:BA:BD X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3393/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3393/ORZcru1PFFhR0mI9_l6jpZ2sur0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 63570 sbgp-ipAddrBlock: critical IPv4: 36.255.128.0/22 103.209.136.0/22 IPv6: 2404:4dc0::/32 Signature Algorithm: sha256WithRSAEncryption a0:ba:17:99:ef:6d:0c:6b:a3:d1:e7:53:d7:c0:dd:2c:2c:3b: de:44:cc:d6:1c:14:3a:88:f6:7e:5a:48:b7:85:84:4f:e6:31: 31:cb:4b:67:50:2d:9a:c9:78:f9:10:14:d5:2e:ef:e2:10:49: e4:bd:60:c3:dd:a6:41:ec:45:58:96:ce:84:cd:5f:e8:74:64: d3:74:b3:b6:31:b4:8d:20:0e:e2:d4:a5:d3:a9:1b:6d:d7:c0: 2a:3d:a2:bb:c4:6e:c0:1b:37:d1:97:c3:9a:97:b1:5b:4f:1b: 32:7b:39:7f:bd:eb:b9:93:7b:dc:9c:83:85:e9:ee:af:83:f0: b6:e0:62:90:91:4a:50:ac:f9:8e:d1:95:b2:44:48:35:a2:cf: 86:eb:58:10:18:e4:3c:53:b2:0f:0e:6e:77:bc:d1:30:95:2c: cc:74:12:26:22:42:61:f9:ec:1d:65:a6:09:d3:1a:a9:9a:fe: 3f:38:ab:49:bf:1c:58:60:f6:7b:af:1c:75:3f:ff:be:d0:0b: 63:f7:82:f2:5c:b4:1b:80:bf:d9:9a:f2:0d:bb:fb:7a:8d:fa: f4:50:e8:00:b5:2a:e5:fd:7a:38:1b:9c:c5:89:c8:81:3a:e6: 5e:14:47:4b:72:39:47:8e:65:a1:cb:59:70:d4:3e:49:6f:a8: 90:e2:23:7c -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgIDAOaCMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODI2NTVaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKDM5MTY1Q0FFRUQ0RjE0NTg1MUQyNjIzREZFNUVBM0E1OURBQ0JB QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1t2BRorcM7Wyw7bnI D9G607OkuWmlDKtFsJbBij/XyUXWfK59J/6c6KVEGsHTCphFp/NdLu2/fJGbJFWJ ShA3z4UVF0GcIR+p8A985h3KcwftzKWGw0lyeHY2xnSFmuxIHtTxTUd8bTVjv8TD Pxq45tHvER0xwX7iLz1lTPrlstGdi0sNeDZ23GZS4V0k9GdFF+Ua6EdOS8zuBRWQ BKG9FsvzKc/QMG3D1D8L8kUfynwn9/h8VJsZR8SiishjX7hVeiDGXcy2myOxfXKw 44cL9CXnFRBM8fRyZS4zmd/mfRTsfmTIIl4ZTRHwbGfGVI5+3zYv4vlm9ZKDSvon ghpzAgMBAAGjggKGMIICgjAdBgNVHQ4EFgQUORZcru1PFFhR0mI9/l6jpZ2sur0w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMz OTMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzM5My9PUlpjcnUxUEZGaFIwbUk5X2w2anBaMnN1cjAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwD4UjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAiT/gAMEAmfRiDANBAIAAjAHAwUAJARNwDANBgkqhkiG9w0BAQsF AAOCAQEAoLoXme9tDGuj0edT18DdLCw73kTM1hwUOoj2flpIt4WET+YxMctLZ1At msl4+RAU1S7v4hBJ5L1gw92mQexFWJbOhM1f6HRk03SztjG0jSAO4tSl06kbbdfA Kj2iu8RuwBs30ZfDmpexW08bMns5f73ruZN73JyDhenur4PwtuBikJFKUKz5jtGV skRINaLPhutYEBjkPFOyDw5ud7zRMJUszHQSJiJCYfnsHWWmCdMaqZr+PzirSb8c WGD2e68cdT//vtALY/eC8ly0G4C/2ZryDbv7eo369FDoALUq5f16OBucxYnIgTrm XhRHS3I5R45loctZcNQ+SW+okOIjfA== -----END CERTIFICATE-----Generated at Mon Jan 19 12:18:27 2026 by rpki-client