Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer
File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer (raw, json)
Hash identifier: 3S3DPBUlOYQQh3E9mRJPBx5ONp+VWfGDmozT+3o3zR8=
Subject key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: E2AD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 23 Oct 2025 03:12:08 +0000
Certificate not after: Fri 23 Oct 2026 03:01:03 +0000
Subordinate resources: IP: 103.20.44.0/22
IP: 114.112.0.0/22
IP: 114.112.14.0/23
IP: 116.196.14.0/23
IP: 182.50.4.0/22
IP: 183.81.172.0/22
IP: 202.69.6.0/23
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 30 Oct 2025 08:14:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58029 (0xe2ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Oct 23 03:12:08 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ea:b6:94:1c:a1:e5:de:d5:55:4e:4b:43:05:
db:c1:7d:a1:6f:87:85:a6:d0:e2:72:10:05:b9:01:
e1:f4:1b:be:98:b8:1e:23:54:61:6a:f9:1f:db:90:
89:cf:e6:1f:81:6c:be:a0:53:de:43:c4:65:30:70:
f2:0e:3d:f3:fa:bd:fe:27:7f:a6:a0:fd:2c:39:c6:
b0:10:62:b0:51:d0:0a:f7:c4:2f:ac:f3:b6:94:0d:
13:93:9e:2e:aa:01:f7:ca:b5:be:5c:a1:a3:9a:4b:
b9:b7:bd:ba:01:67:60:a8:e2:4b:bc:14:04:1c:48:
40:65:58:fb:b6:29:e1:69:eb:2f:62:a4:28:0f:39:
2a:70:0b:88:ad:7d:4e:fa:83:82:67:61:76:a5:ee:
b2:cc:d1:f7:07:d8:f8:5a:d6:b8:e5:0e:bf:88:a5:
77:47:44:f5:77:02:c5:61:f8:2f:c1:9b:54:8c:98:
c4:59:f2:d1:2e:f5:41:99:41:0b:e0:44:a1:25:c5:
82:ee:a9:e2:0d:69:18:42:78:09:18:dd:98:84:a9:
a1:22:83:33:e3:b4:af:90:fb:e8:4d:8b:81:4b:0a:
55:56:9b:99:74:8a:b4:26:f1:a6:20:05:3c:75:f8:
46:c1:fe:6f:21:b5:42:12:54:58:c0:e3:14:d3:c6:
3d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.44.0/22
114.112.0.0/22
114.112.14.0/23
116.196.14.0/23
182.50.4.0/22
183.81.172.0/22
202.69.6.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:68:c1:7d:de:71:ad:25:c3:8b:c5:32:a3:2d:dd:2b:bb:10:
57:11:11:b6:b8:b1:a8:82:50:52:28:cf:6a:ac:a7:6f:56:c4:
0e:3f:a2:d4:5a:a7:78:f3:00:90:c1:0b:6e:3d:4d:28:36:06:
65:09:ab:19:4a:55:ad:fb:65:15:57:bb:1c:4e:20:d2:8f:f2:
56:7d:30:65:fb:6f:38:89:22:35:31:65:e8:78:e4:91:1e:90:
4d:5b:7e:b5:24:95:33:11:6f:31:e6:de:3f:99:51:94:2f:eb:
76:4c:18:94:4b:de:01:59:75:39:bb:15:14:89:3e:44:ea:ab:
5b:5d:20:6f:50:a8:a3:d5:f8:2b:58:1d:cf:f1:f6:e0:c7:13:
68:5d:1e:fa:4b:66:37:fd:0d:98:f8:70:1c:22:67:5c:1f:f5:
64:ab:08:2e:f3:e6:a4:d0:eb:3a:56:1d:23:72:20:08:b9:19:
eb:98:94:9a:c1:33:61:33:72:b1:59:2a:7e:99:47:ff:e4:70:
84:14:05:94:87:64:99:19:9f:c8:23:01:44:70:58:dc:63:26:
a6:dc:78:d5:82:a7:81:5d:72:ef:e8:52:96:82:36:f7:2b:cd:
85:53:0a:76:28:ba:3c:ec:76:90:b0:df:71:88:91:12:0d:08:
b0:f9:0d:eb
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDAOKtMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzEyMDhaFw0yNjEwMjMwMzAxMDNaMDMx
MTAvBgNVBAMTKDVEQTBBNUVDQzIxODJEQjAwRUI4NUM2MjMxM0Q1N0I5NkI3RkQ2
OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC6raUHKHl3tVVTktD
BdvBfaFvh4Wm0OJyEAW5AeH0G76YuB4jVGFq+R/bkInP5h+BbL6gU95DxGUwcPIO
PfP6vf4nf6ag/Sw5xrAQYrBR0Ar3xC+s87aUDROTni6qAffKtb5coaOaS7m3vboB
Z2Co4ku8FAQcSEBlWPu2KeFp6y9ipCgPOSpwC4itfU76g4JnYXal7rLM0fcH2Pha
1rjlDr+IpXdHRPV3AsVh+C/Bm1SMmMRZ8tEu9UGZQQvgRKElxYLuqeINaRhCeAkY
3ZiEqaEigzPjtK+Q++hNi4FLClVWm5l0irQm8aYgBTx1+EbB/m8htUISVFjA4xTT
xj1BAgMBAAGjggJ5MIICdTAdBgNVHQ4EFgQUXaCl7MIYLbAOuFxiMT1XuWt/1o4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF
BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0
MDcvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2
MkUzRDAwMDAvMTQwNy9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCZxQsAwQCcnAAAwQBcnAOAwQB
dMQOAwQCtjIEAwQCt1GsAwQBykUGMA0GCSqGSIb3DQEBCwUAA4IBAQB+aMF93nGt
JcOLxTKjLd0ruxBXERG2uLGoglBSKM9qrKdvVsQOP6LUWqd48wCQwQtuPU0oNgZl
CasZSlWt+2UVV7scTiDSj/JWfTBl+284iSI1MWXoeOSRHpBNW361JJUzEW8x5t4/
mVGUL+t2TBiUS94BWXU5uxUUiT5E6qtbXSBvUKij1fgrWB3P8fbgxxNoXR76S2Y3
/Q2Y+HAcImdcH/Vkqwgu8+ak0Os6Vh0jciAIuRnrmJSawTNhM3KxWSp+mUf/5HCE
FAWUh2SZGZ/IIwFEcFjcYyam3HjVgqeBXXLv6FKWgjb3K82FUwp2KLo87HaQsN9x
iJESDQiw+Q3r
-----END CERTIFICATE-----
Generated at Thu Oct 30 04:32:25 2025 by rpki-client