Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer
File: qP3wu66meVNpOJbHY_Ep2jtBg-s.cer (raw, json)
Hash identifier: rOfgem/sexARs+LykjwjzTmdf0PgRLcH3ASgQx/4xOI=
Subject key identifier: A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: E09F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 23 Oct 2025 03:05:05 +0000
Certificate not after: Fri 23 Oct 2026 03:01:03 +0000
Subordinate resources: IP: 103.24.228.0/22
IP: 103.241.220.0/22
IP: 2403:5b80::/32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57503 (0xe09f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Oct 23 03:05:05 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=A8FDF0BBAEA67953693896C763F129DA3B4183EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ac:63:4c:8f:df:cf:73:b5:01:b9:15:41:ef:
fb:a7:82:ef:64:65:3b:8c:f1:7d:c0:04:b6:e9:cb:
16:a8:bf:ac:10:fd:cb:24:be:52:f5:43:6f:70:71:
f1:fc:44:a8:0c:24:ce:e5:ad:18:47:50:0e:db:f9:
15:93:5f:98:39:d6:4d:e1:b2:36:69:f0:99:8d:06:
ec:06:56:61:05:c7:44:4e:23:c2:6f:6d:0e:bd:59:
94:03:02:fd:88:5e:81:40:bd:41:31:c0:0d:5d:d1:
69:67:0e:7b:b0:b8:b9:51:6f:e5:63:f0:a9:1b:24:
8d:00:fe:ee:98:91:f4:99:d8:00:7e:20:9c:16:b3:
ff:0b:91:2d:a3:28:27:97:b9:70:5c:bf:f5:d5:d7:
5d:15:7c:04:93:cb:7d:1e:5c:cf:c3:e5:43:a6:69:
3d:7f:44:9a:70:c4:6d:38:a0:c4:e7:d0:88:c2:13:
c8:2f:c4:c9:3f:63:1c:bc:02:9b:83:35:72:2c:d2:
7d:3e:03:0d:75:1e:8a:bb:22:3d:ee:08:b1:4a:fc:
99:ae:ed:7a:4a:50:30:ed:1e:13:64:81:54:67:0a:
64:0c:8d:52:5d:fb:93:ef:37:21:41:fb:bd:6b:7d:
fc:5e:7d:b1:34:2a:4c:fa:95:1b:e7:8b:29:d7:98:
3d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.228.0/22
103.241.220.0/22
IPv6:
2403:5b80::/32
Signature Algorithm: sha256WithRSAEncryption
67:9a:22:0b:c6:87:1c:69:2b:0a:8f:b5:09:bc:ab:ef:6f:01:
27:b7:87:fa:21:86:0c:dc:10:29:68:b3:03:eb:92:e2:42:26:
5d:0f:67:94:2d:82:cd:e0:15:a4:eb:bf:c4:40:b1:4b:b0:0a:
81:c1:25:1b:59:3b:99:7b:d7:ed:7b:2b:e6:d7:22:fd:e9:8f:
0c:10:40:93:fe:74:61:d9:e3:a4:12:92:4e:96:51:b5:6c:7e:
88:47:65:fa:87:14:19:e4:88:90:ac:8c:c1:07:fd:b5:98:5d:
3e:77:5d:fc:2e:18:b3:5c:8d:d8:80:29:d1:96:f4:5d:8a:15:
e8:a2:a3:ae:92:87:f3:b6:1a:ca:09:76:76:6f:12:1d:6a:39:
15:cb:12:ca:71:41:99:f2:7c:61:64:2d:33:6b:73:7d:4e:e1:
31:99:aa:8b:4d:f9:68:f7:db:03:58:f5:a9:94:a8:43:43:5b:
c4:80:91:64:e5:7d:82:6f:e9:13:62:84:2f:2f:41:72:19:06:
73:80:76:1e:53:0c:ca:2c:cd:5e:44:14:e5:ea:03:d9:e7:14:
ae:db:d6:31:bc:76:ef:3f:06:1b:d8:2f:58:84:de:65:ea:70:
18:f3:37:5f:e1:10:54:81:3d:b5:27:bf:10:f0:78:45:54:54:
3e:58:a5:fd
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIDAOCfMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA1MDVaFw0yNjEwMjMwMzAxMDNaMDMx
MTAvBgNVBAMTKEE4RkRGMEJCQUVBNjc5NTM2OTM4OTZDNzYzRjEyOURBM0I0MTgz
RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/rGNMj9/Pc7UBuRVB
7/ungu9kZTuM8X3ABLbpyxaov6wQ/cskvlL1Q29wcfH8RKgMJM7lrRhHUA7b+RWT
X5g51k3hsjZp8JmNBuwGVmEFx0ROI8JvbQ69WZQDAv2IXoFAvUExwA1d0WlnDnuw
uLlRb+Vj8KkbJI0A/u6YkfSZ2AB+IJwWs/8LkS2jKCeXuXBcv/XV110VfASTy30e
XM/D5UOmaT1/RJpwxG04oMTn0IjCE8gvxMk/Yxy8ApuDNXIs0n0+Aw11Hoq7Ij3u
CLFK/Jmu7XpKUDDtHhNkgVRnCmQMjVJd+5PvNyFB+71rffxefbE0Kkz6lRvniynX
mD1tAgMBAAGjggJoMIICZDAdBgNVHQ4EFgQUqP3wu66meVNpOJbHY/Ep2jtBg+sw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU4
NS8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81ODUvcVAzd3U2Nm1lVk5wT0piSFlfRXAyanRCZy1zLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmcY5AMEAmfx3DANBAIAAjAHAwUA
JANbgDANBgkqhkiG9w0BAQsFAAOCAQEAZ5oiC8aHHGkrCo+1Cbyr728BJ7eH+iGG
DNwQKWizA+uS4kImXQ9nlC2CzeAVpOu/xECxS7AKgcElG1k7mXvX7Xsr5tci/emP
DBBAk/50YdnjpBKSTpZRtWx+iEdl+ocUGeSIkKyMwQf9tZhdPndd/C4Ys1yN2IAp
0Zb0XYoV6KKjrpKH87Yaygl2dm8SHWo5FcsSynFBmfJ8YWQtM2tzfU7hMZmqi035
aPfbA1j1qZSoQ0NbxICRZOV9gm/pE2KELy9BchkGc4B2HlMMyizNXkQU5eoD2ecU
rtvWMbx27z8GG9gvWITeZepwGPM3X+EQVIE9tSe/EPB4RVRUPlil/Q==
-----END CERTIFICATE-----
Generated at Thu Oct 23 16:20:46 2025 by rpki-client