This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/TdNpVbTnoAyh-m7c2oSqBzD9Jq4.cer File: TdNpVbTnoAyh-m7c2oSqBzD9Jq4.cer (raw, json) Hash identifier: cxC7AWmiBBH0rWCSc8Hn2eRGTpulDQjcvccHV2tuRI8= Subject key identifier: 4D:D3:69:55:B4:E7:A0:0C:A1:FA:6E:DC:DA:84:AA:07:30:FD:26:AE Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E670 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/TdNpVbTnoAyh-m7c2oSqBzD9Jq4.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:26:40 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 59039 IP: 61.8.160.0/20 IP: 103.13.196.0/22 IP: 124.108.8.0/21 IP: 2405:7d40::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58992 (0xe670) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:26:40 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=4DD36955B4E7A00CA1FA6EDCDA84AA0730FD26AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ba:ed:ac:d8:09:8a:57:eb:28:b8:87:12:20: 50:60:ac:1e:a6:8b:75:27:9f:be:88:18:90:22:38: e1:0f:e6:8d:ff:81:d3:b2:da:87:85:45:52:73:7e: ad:bc:6e:22:d0:eb:cb:04:60:38:df:24:38:d2:be: 40:34:6f:81:67:e1:34:a9:4a:5b:60:72:b6:d9:20: 12:f6:28:c6:6b:e2:3c:18:5e:c4:4c:ab:9b:af:5a: a3:a6:3c:59:df:11:00:3f:84:f2:1a:8d:af:b8:39: 95:22:34:99:db:a3:82:00:21:63:4f:92:36:ae:35: 1c:1b:1b:09:55:40:80:a7:bc:c5:4e:a8:08:8a:44: 34:88:32:92:3c:26:a1:a7:d4:9f:75:81:e4:2a:96: cc:0b:e7:90:d2:fb:d3:4e:50:82:55:6c:8d:6d:20: 41:41:a3:8d:87:b2:21:f7:1e:9d:be:63:01:83:f4: 77:7d:fc:ce:7a:db:b3:24:c2:ef:f3:01:e8:0b:ee: 69:ea:ba:3b:a8:e5:3e:e1:dc:f9:4e:92:e7:d7:57: 6a:89:1a:7c:fb:84:98:20:3f:3f:79:2c:80:4e:31: 02:8b:d1:43:34:d8:b5:fc:cc:c0:ac:ef:28:2a:fc: e2:44:b0:0b:88:6e:3b:da:84:eb:9c:c7:0e:7b:c0: 0c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:D3:69:55:B4:E7:A0:0C:A1:FA:6E:DC:DA:84:AA:07:30:FD:26:AE X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2203/TdNpVbTnoAyh-m7c2oSqBzD9Jq4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 59039 sbgp-ipAddrBlock: critical IPv4: 61.8.160.0/20 103.13.196.0/22 124.108.8.0/21 IPv6: 2405:7d40::/32 Signature Algorithm: sha256WithRSAEncryption 10:8b:27:10:be:19:2b:38:d9:81:9e:64:8a:8c:ea:de:46:24: e8:79:0d:1d:8c:14:e5:c8:27:21:0f:2e:83:ef:df:95:da:3d: 77:b0:d1:c0:69:6a:61:13:db:e7:b1:0a:d3:7a:bb:23:e2:11: 4c:9a:06:12:d4:ab:30:a9:2e:2b:77:5e:3d:74:8c:dd:1e:f4: 9e:81:30:12:2b:64:47:85:b0:f7:4c:20:ca:0e:63:ec:b2:12: 2f:c5:01:5a:39:a3:57:a7:c2:9b:75:67:c2:6a:51:b5:ff:d2: 25:1b:79:3f:52:28:50:42:ae:6f:fb:19:5f:93:ea:1f:88:b6: 07:c7:dd:ac:ee:e5:7e:8d:c3:17:82:ec:07:43:55:db:99:ed: 37:a1:93:70:71:eb:3d:1d:3d:85:b3:c1:47:e5:23:72:e0:80: 32:da:a8:fa:9b:85:38:8e:19:b7:ff:a5:26:46:89:49:d2:c7: 82:29:a3:93:77:77:01:ff:27:d9:c8:b5:37:f8:f5:52:49:4e: 70:38:ba:6b:20:c5:e3:e2:3a:55:99:15:c1:37:f9:31:9f:74: 09:cf:16:1d:ed:bb:16:01:52:17:49:31:3d:14:f7:8a:72:69: a2:0c:45:ea:6a:90:0f:dc:0f:48:52:43:09:9a:09:ef:c6:b9: 37:57:64:5e -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgIDAOZwMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODI2NDBaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKDRERDM2OTU1QjRFN0EwMENBMUZBNkVEQ0RBODRBQTA3MzBGRDI2 QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEuu2s2AmKV+souIcS IFBgrB6mi3Unn76IGJAiOOEP5o3/gdOy2oeFRVJzfq28biLQ68sEYDjfJDjSvkA0 b4Fn4TSpSltgcrbZIBL2KMZr4jwYXsRMq5uvWqOmPFnfEQA/hPIaja+4OZUiNJnb o4IAIWNPkjauNRwbGwlVQICnvMVOqAiKRDSIMpI8JqGn1J91geQqlswL55DS+9NO UIJVbI1tIEFBo42HsiH3Hp2+YwGD9Hd9/M5627Mkwu/zAegL7mnqujuo5T7h3PlO kufXV2qJGnz7hJggPz95LIBOMQKL0UM02LX8zMCs7ygq/OJEsAuIbjvahOucxw57 wAyRAgMBAAGjggKMMIICiDAdBgNVHQ4EFgQUTdNpVbTnoAyh+m7c2oSqBzD9Jq4w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIy MDMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMjIwMy9UZE5wVmJUbm9BeWgtbTdjMm9TcUJ6RDlKcTQubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDmnzA6BggrBgEFBQcBBwEB/wQrMCkw GAQCAAEwEgMEBD0IoAMEAmcNxAMEA3xsCDANBAIAAjAHAwUAJAV9QDANBgkqhkiG 9w0BAQsFAAOCAQEAEIsnEL4ZKzjZgZ5kiozq3kYk6HkNHYwU5cgnIQ8ug+/fldo9 d7DRwGlqYRPb57EK03q7I+IRTJoGEtSrMKkuK3dePXSM3R70noEwEitkR4Ww90wg yg5j7LISL8UBWjmjV6fCm3VnwmpRtf/SJRt5P1IoUEKub/sZX5PqH4i2B8fdrO7l fo3DF4LsB0NV25ntN6GTcHHrPR09hbPBR+UjcuCAMtqo+puFOI4Zt/+lJkaJSdLH gimjk3d3Af8n2ci1N/j1UklOcDi6ayDF4+I6VZkVwTf5MZ90Cc8WHe27FgFSF0kx PRT3inJpogxF6mqQD9wPSFJDCZoJ78a5N1dkXg== -----END CERTIFICATE-----Generated at Mon Jan 19 12:19:03 2026 by rpki-client