Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
File: hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer (raw, json)
Hash identifier: QzOjC1+McouG1GOy4bFdv1X9AcKIMz39Uscas5bqiP4=
Subject key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: E087
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 23 Oct 2025 03:04:49 +0000
Certificate not after: Fri 23 Oct 2026 03:01:03 +0000
Subordinate resources: AS: 24429
AS: 38369
IP: 103.212.44.0/22
IP: 106.11.0.0/16
IP: 110.75.0.0/17
IP: 110.173.192.0/19
IP: 115.124.16.0/20
IP: 116.251.64.0/18
IP: 139.5.160.0/22
IP: 2406:1880::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57479 (0xe087)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Oct 23 03:04:49 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2b:2f:fd:f6:64:11:bd:c6:18:f5:09:18:f8:
20:f0:4e:2b:af:c1:1e:ba:7a:a1:9a:27:00:a3:61:
c3:3a:08:79:10:a8:5a:29:5f:13:9e:f1:2e:c4:83:
8b:63:06:68:3a:4e:51:7e:49:47:aa:b4:b2:b2:68:
80:2a:66:68:04:19:77:55:0d:ba:7b:1c:57:3a:c7:
39:20:27:51:02:68:75:b8:a9:40:6f:fe:75:d8:2e:
b7:4a:7a:97:91:02:04:f1:d8:18:f1:8b:75:e1:07:
25:92:89:65:99:ae:c6:3e:e2:49:a5:0b:2b:f3:6c:
e9:98:c6:9b:26:41:3f:37:1c:3a:da:04:2d:1d:a4:
85:48:36:d1:69:c8:97:b3:2b:26:8c:04:90:c4:7a:
9d:ad:aa:90:45:3e:9b:36:00:08:da:04:20:5a:5b:
23:bd:f7:15:1d:9c:a4:e5:4b:ff:8e:ca:a6:ac:cb:
e2:d1:37:20:d8:1f:fe:3f:0b:58:30:0a:66:50:01:
5e:51:6b:46:a9:35:f5:a1:0f:43:68:c3:e9:07:88:
ec:3e:83:2f:fe:3e:8f:be:49:24:fd:3a:f6:97:b0:
fe:dd:f5:cd:3f:12:06:c8:2a:cf:af:01:48:4a:4b:
0a:f0:4a:71:e2:c8:fc:c6:eb:7c:58:1f:d2:8a:a8:
2a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24429
38369
sbgp-ipAddrBlock: critical
IPv4:
103.212.44.0/22
106.11.0.0/16
110.75.0.0/17
110.173.192.0/19
115.124.16.0/20
116.251.64.0/18
139.5.160.0/22
IPv6:
2406:1880::/32
Signature Algorithm: sha256WithRSAEncryption
6b:d4:64:2f:6e:d3:77:3f:b6:90:2b:22:3a:02:56:75:05:03:
16:7e:be:97:70:f5:9d:a3:1a:93:0e:fc:16:69:aa:7b:64:e0:
bd:e8:dd:11:01:a6:5b:06:3f:23:67:f0:08:85:c5:b2:eb:83:
f7:87:e9:94:c4:2e:1b:15:30:8e:25:48:ca:9b:c6:ff:83:d2:
8e:75:d6:87:bb:62:77:49:e0:aa:93:c0:67:f9:dc:6b:fc:ca:
71:5c:2c:af:95:36:74:38:06:25:d3:5b:97:bb:a2:9d:6e:43:
96:52:4b:34:d6:9a:13:5a:05:e6:2a:20:b3:79:5b:97:2a:fe:
a0:a7:b3:c2:29:61:60:7d:a7:65:8e:cc:1b:4c:b5:98:15:e4:
f7:c0:01:db:d4:ea:80:62:a0:b0:7f:0f:a1:92:29:e1:d1:24:
9a:80:f5:3c:0a:31:b8:8d:d2:db:20:bd:09:88:e2:02:6d:54:
a5:b6:11:fe:8d:2d:f0:81:a1:c8:9b:ae:88:92:2f:83:21:72:
f9:94:ab:99:c4:d4:94:1f:e4:cf:cc:11:8d:98:05:21:db:93:
de:1d:80:9c:4e:5a:98:96:7f:d6:ba:55:1a:97:cc:94:4e:5d:
4e:be:60:55:01:4e:b2:b1:f0:51:8a:54:07:da:ba:48:5e:18:
15:01:46:e4
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAOCHMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA0NDlaFw0yNjEwMjMwMzAxMDNaMDMx
MTAvBgNVBAMTKDg1NkRBODVGOUE4QTI4NkI2NTI4NzBENEU0NzYzNUZGM0QwRTky
QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKy/99mQRvcYY9QkY
+CDwTiuvwR66eqGaJwCjYcM6CHkQqFopXxOe8S7Eg4tjBmg6TlF+SUeqtLKyaIAq
ZmgEGXdVDbp7HFc6xzkgJ1ECaHW4qUBv/nXYLrdKepeRAgTx2Bjxi3XhByWSiWWZ
rsY+4kmlCyvzbOmYxpsmQT83HDraBC0dpIVINtFpyJezKyaMBJDEep2tqpBFPps2
AAjaBCBaWyO99xUdnKTlS/+Oyqasy+LRNyDYH/4/C1gwCmZQAV5Ra0apNfWhD0No
w+kHiOw+gy/+Po++SST9OvaXsP7d9c0/EgbIKs+vAUhKSwrwSnHiyPzG63xYH9KK
qCqRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhW2oX5qKKGtlKHDU5HY1/z0Okq4w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0
MS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC8zNDEvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0Lm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAe
BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJfbQIDAJXhMFEGCCsGAQUFBwEHAQH/BEIw
QDAvBAIAATApAwQCZ9QsAwMAagsDBAduSwADBAVurcADBARzfBADBAZ0+0ADBAKL
BaAwDQQCAAIwBwMFACQGGIAwDQYJKoZIhvcNAQELBQADggEBAGvUZC9u03c/tpAr
IjoCVnUFAxZ+vpdw9Z2jGpMO/BZpqntk4L3o3REBplsGPyNn8AiFxbLrg/eH6ZTE
LhsVMI4lSMqbxv+D0o511oe7YndJ4KqTwGf53Gv8ynFcLK+VNnQ4BiXTW5e7op1u
Q5ZSSzTWmhNaBeYqILN5W5cq/qCns8IpYWB9p2WOzBtMtZgV5PfAAdvU6oBioLB/
D6GSKeHRJJqA9TwKMbiN0tsgvQmI4gJtVKW2Ef6NLfCBocibroiSL4MhcvmUq5nE
1JQf5M/MEY2YBSHbk94dgJxOWpiWf9a6VRqXzJROXU6+YFUBTrKx8FGKVAfaukhe
GBUBRuQ=
-----END CERTIFICATE-----
Generated at Sun Oct 26 07:18:44 2025 by rpki-client