Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer
File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer (raw, json)
Hash identifier: NyolYRUmCWkK9WPay2w11hQVe213r5CBcJ8R9TMeEY8=
Subject key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: EB0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Sat 07 Feb 2026 19:59:55 +0000
Certificate not after: Sat 09 Jan 2027 08:23:18 +0000
Subordinate resources: IP: 103.20.44.0/22
IP: 114.112.0.0/22
IP: 114.112.14.0/23
IP: 116.196.14.0/23
IP: 182.50.4.0/22
IP: 183.81.172.0/22
IP: 202.69.6.0/23
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 20 Feb 2026 01:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60175 (0xeb0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Feb 7 19:59:55 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:b6:94:1c:a1:e5:de:d5:55:4e:4b:43:05:
db:c1:7d:a1:6f:87:85:a6:d0:e2:72:10:05:b9:01:
e1:f4:1b:be:98:b8:1e:23:54:61:6a:f9:1f:db:90:
89:cf:e6:1f:81:6c:be:a0:53:de:43:c4:65:30:70:
f2:0e:3d:f3:fa:bd:fe:27:7f:a6:a0:fd:2c:39:c6:
b0:10:62:b0:51:d0:0a:f7:c4:2f:ac:f3:b6:94:0d:
13:93:9e:2e:aa:01:f7:ca:b5:be:5c:a1:a3:9a:4b:
b9:b7:bd:ba:01:67:60:a8:e2:4b:bc:14:04:1c:48:
40:65:58:fb:b6:29:e1:69:eb:2f:62:a4:28:0f:39:
2a:70:0b:88:ad:7d:4e:fa:83:82:67:61:76:a5:ee:
b2:cc:d1:f7:07:d8:f8:5a:d6:b8:e5:0e:bf:88:a5:
77:47:44:f5:77:02:c5:61:f8:2f:c1:9b:54:8c:98:
c4:59:f2:d1:2e:f5:41:99:41:0b:e0:44:a1:25:c5:
82:ee:a9:e2:0d:69:18:42:78:09:18:dd:98:84:a9:
a1:22:83:33:e3:b4:af:90:fb:e8:4d:8b:81:4b:0a:
55:56:9b:99:74:8a:b4:26:f1:a6:20:05:3c:75:f8:
46:c1:fe:6f:21:b5:42:12:54:58:c0:e3:14:d3:c6:
3d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.44.0/22
114.112.0.0/22
114.112.14.0/23
116.196.14.0/23
182.50.4.0/22
183.81.172.0/22
202.69.6.0/23
Signature Algorithm: sha256WithRSAEncryption
23:f3:62:aa:39:c2:70:df:e9:cd:7e:ed:1d:5f:c8:9c:8e:45:
5c:53:25:cb:c3:f4:c3:a3:a3:69:b8:b5:6a:a5:d4:28:73:79:
d6:4b:0d:32:14:a3:70:ef:02:83:32:2b:c1:63:25:66:93:1a:
6e:6d:99:28:0f:b3:2e:f2:f0:07:5f:0d:9c:91:0e:d2:b8:33:
b3:9c:e2:27:f8:10:5a:7a:ff:ff:35:d5:c5:e6:86:1e:39:d1:
92:ab:36:5c:5f:0a:a8:f4:30:cf:c0:5a:5b:ee:08:ff:d6:fb:
fc:70:67:f2:f6:b8:4e:2c:12:24:81:41:cf:f0:12:07:57:24:
53:68:91:59:60:8e:c1:74:bd:68:01:db:5e:ba:2c:c9:ad:6c:
ca:a5:04:c3:e7:95:6a:b8:bd:99:b8:65:c4:b2:6d:a4:47:69:
6a:60:84:b1:8c:6b:79:bf:90:52:1c:bb:c6:0d:b8:56:5f:8d:
f0:81:43:d8:87:cf:b0:45:97:5d:54:04:67:df:41:18:e5:75:
1b:de:2a:97:5f:9d:93:0d:3c:b8:80:78:f1:b0:12:f7:6a:cf:
a6:78:d1:13:45:40:34:32:0d:f4:d6:3e:13:0c:61:d0:66:55:
ea:c4:e6:c5:66:0e:a1:4d:b5:f5:97:86:9e:73:2a:1b:9c:c9:
7b:46:92:9d
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDAOsPMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNjAyMDcxOTU5NTVaFw0yNzAxMDkwODIzMThaMDMx
MTAvBgNVBAMTKDVEQTBBNUVDQzIxODJEQjAwRUI4NUM2MjMxM0Q1N0I5NkI3RkQ2
OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6raUHKHl3tVVTktD
BdvBfaFvh4Wm0OJyEAW5AeH0G76YuB4jVGFq+R/bkInP5h+BbL6gU95DxGUwcPIO
PfP6vf4nf6ag/Sw5xrAQYrBR0Ar3xC+s87aUDROTni6qAffKtb5coaOaS7m3vboB
Z2Co4ku8FAQcSEBlWPu2KeFp6y9ipCgPOSpwC4itfU76g4JnYXal7rLM0fcH2Pha
1rjlDr+IpXdHRPV3AsVh+C/Bm1SMmMRZ8tEu9UGZQQvgRKElxYLuqeINaRhCeAkY
3ZiEqaEigzPjtK+Q++hNi4FLClVWm5l0irQm8aYgBTx1+EbB/m8htUISVFjA4xTT
xj1BAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUXaCl7MIYLbAOuFxiMT1XuWt/1o4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0
MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTQwNy9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCZxQsAwQCcnAAAwQBcnAOAwQB
dMQOAwQCtjIEAwQCt1GsAwQBykUGMA0GCSqGSIb3DQEBCwUAA4IBAQAj82KqOcJw
3+nNfu0dX8icjkVcUyXLw/TDo6NpuLVqpdQoc3nWSw0yFKNw7wKDMivBYyVmkxpu
bZkoD7Mu8vAHXw2ckQ7SuDOznOIn+BBaev//NdXF5oYeOdGSqzZcXwqo9DDPwFpb
7gj/1vv8cGfy9rhOLBIkgUHP8BIHVyRTaJFZYI7BdL1oAdteuizJrWzKpQTD55Vq
uL2ZuGXEsm2kR2lqYISxjGt5v5BSHLvGDbhWX43wgUPYh8+wRZddVARn30EY5XUb
3iqXX52TDTy4gHjxsBL3as+meNETRUA0Mg301j4TDGHQZlXqxObFZg6hTbX1l4ae
cyobnMl7RpKd
-----END CERTIFICATE-----
Generated at Thu Feb 19 22:17:53 2026 by rpki-client