This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/rZijfVO8zGpfKR_5GhAPrnNsSr0.cer File: rZijfVO8zGpfKR_5GhAPrnNsSr0.cer (raw, json) Hash identifier: d4j5JKwfc1ZsmSwucV03jqHP13Jjotu8sZwNbTwRu1U= Subject key identifier: AD:98:A3:7D:53:BC:CC:6A:5F:29:1F:F9:1A:10:0F:AE:73:6C:4A:BD Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E640 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3163/rZijfVO8zGpfKR_5GhAPrnNsSr0.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3163/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:25:57 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 146771 IP: 103.191.102.0/23 IP: 2400:95e0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58944 (0xe640) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:25:57 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=AD98A37D53BCCC6A5F291FF91A100FAE736C4ABD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2d:78:b9:02:fd:19:2b:cf:2c:a7:63:87:ae: ce:89:88:4b:51:44:95:aa:53:62:d5:c1:5a:7f:bc: 37:5c:f5:9b:07:55:bd:15:58:20:80:70:b4:b5:ef: 6c:7f:0c:67:4e:3a:8e:25:0d:31:09:2a:9f:6f:1b: c8:84:77:00:cc:9c:fc:33:c1:4c:97:2d:0d:09:88: 04:1f:8d:bd:87:ff:e4:f6:fb:ad:cc:4e:36:1e:ec: 6a:c5:e6:6e:26:4b:ba:c1:e5:17:da:70:b5:0e:ed: 90:f4:89:e5:5e:ae:d2:c8:05:ab:73:11:d9:e0:df: 9a:6c:91:ea:5d:8e:fd:c2:0f:9b:dd:14:23:32:31: 7b:13:22:ee:a0:81:2c:f5:28:82:42:1a:25:1d:1f: 7d:36:59:91:8a:4b:ba:c7:0a:e7:05:90:ff:99:46: 95:c1:01:7b:f0:64:9a:7e:e3:6f:5e:5f:ad:b3:02: c3:2e:50:2f:5c:76:44:fb:a8:83:89:35:01:51:39: 05:ed:d7:dd:8c:7d:a3:c7:6d:94:48:27:ff:fd:46: a2:67:1d:2b:1c:3b:1f:c3:ea:34:47:d0:34:09:28: 50:80:ff:f7:0f:f9:34:89:e9:9f:b4:ea:21:4f:a5: b5:cd:ab:43:64:47:b5:e6:eb:55:a9:80:4e:ee:ea: 64:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:98:A3:7D:53:BC:CC:6A:5F:29:1F:F9:1A:10:0F:AE:73:6C:4A:BD X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3163/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3163/rZijfVO8zGpfKR_5GhAPrnNsSr0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 146771 sbgp-ipAddrBlock: critical IPv4: 103.191.102.0/23 IPv6: 2400:95e0::/32 Signature Algorithm: sha256WithRSAEncryption ae:85:23:5b:84:27:85:38:b3:d3:22:df:48:cc:77:f2:32:67: 46:3b:45:ce:f9:d6:9c:ba:8f:6b:78:1c:70:fa:83:34:50:a2: 7e:2c:72:d3:2d:06:ed:f2:09:b5:07:a9:ac:6d:c0:1e:ca:98: c4:87:d3:68:09:1d:dc:22:94:3b:79:69:6a:e8:d6:af:9b:fa: 20:da:c9:84:63:7b:3a:6a:13:14:56:7e:e3:db:6a:a0:e5:6c: c6:6f:45:8a:f3:40:8a:26:73:be:5d:b4:fe:cb:67:2f:75:ae: 49:9a:26:45:68:83:3c:0b:7b:05:7a:f7:22:c5:16:6a:7f:4d: 78:97:6c:9f:c4:4e:8a:be:93:ac:27:ab:c5:b7:48:a0:88:ef: ba:0f:c9:e4:e6:2a:3e:60:5d:43:f4:02:c3:a0:f6:e6:87:83: b0:ab:49:10:3a:f9:a4:27:a0:22:e2:71:ac:25:52:b1:b3:22: e2:5e:82:cf:cb:bc:5d:42:11:aa:98:7b:2b:27:07:6a:8b:9e: 87:1e:30:16:fb:94:02:cb:bc:c1:43:96:de:3f:aa:71:76:26: eb:2d:81:16:3e:9f:cd:85:bd:ca:08:e2:cf:59:e3:e7:17:0a: fd:95:4a:16:2d:35:f5:36:57:6f:bd:40:ca:d6:a0:d2:45:6d: 32:9b:75:7f -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIDAOZAMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODI1NTdaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKEFEOThBMzdENTNCQ0NDNkE1RjI5MUZGOTFBMTAwRkFFNzM2QzRB QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzLXi5Av0ZK88sp2OH rs6JiEtRRJWqU2LVwVp/vDdc9ZsHVb0VWCCAcLS172x/DGdOOo4lDTEJKp9vG8iE dwDMnPwzwUyXLQ0JiAQfjb2H/+T2+63MTjYe7GrF5m4mS7rB5RfacLUO7ZD0ieVe rtLIBatzEdng35pskepdjv3CD5vdFCMyMXsTIu6ggSz1KIJCGiUdH302WZGKS7rH CucFkP+ZRpXBAXvwZJp+429eX62zAsMuUC9cdkT7qIOJNQFROQXt192MfaPHbZRI J//9RqJnHSscOx/D6jRH0DQJKFCA//cP+TSJ6Z+06iFPpbXNq0NkR7Xm61WpgE7u 6mR9AgMBAAGjggKAMIICfDAdBgNVHQ4EFgQUrZijfVO8zGpfKR/5GhAPrnNsSr0w HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMx NjMvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzE2My9yWmlqZlZPOHpHcGZLUl81R2hBUHJuTnNTcjAubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwI9UzAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAWe/ZjANBAIAAjAHAwUAJACV4DANBgkqhkiG9w0BAQsFAAOCAQEA roUjW4QnhTiz0yLfSMx38jJnRjtFzvnWnLqPa3gccPqDNFCifixy0y0G7fIJtQep rG3AHsqYxIfTaAkd3CKUO3lpaujWr5v6INrJhGN7OmoTFFZ+49tqoOVsxm9FivNA iiZzvl20/stnL3WuSZomRWiDPAt7BXr3IsUWan9NeJdsn8ROir6TrCerxbdIoIjv ug/J5OYqPmBdQ/QCw6D25oeDsKtJEDr5pCegIuJxrCVSsbMi4l6Cz8u8XUIRqph7 KycHaouehx4wFvuUAsu8wUOW3j+qcXYm6y2BFj6fzYW9ygjiz1nj5xcK/ZVKFi01 9TZXb71Aytag0kVtMpt1fw== -----END CERTIFICATE-----Generated at Mon Jan 19 12:15:45 2026 by rpki-client