This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer File: yGYvK0iswHfpWADlqpLOFtJuHeo.cer (raw, json) Hash identifier: iYzS2rZt4f+NKMLC70bPGr5YMMz9LRaVnMcGz7oQN/Y= Subject key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E75E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Fri 09 Jan 2026 08:31:02 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: AS: 131516 IP: 43.224.176.0/22 IP: 43.255.184.0/22 IP: 103.43.196.0/22 IP: 103.239.184.0/22 IP: 103.248.152.0/22 IP: 116.89.144.0/20 IP: 116.196.128.0 -- 116.196.175.255 IP: 123.176.80.0/20 IP: 150.242.240.0/22 IP: 211.147.96.0/19 IP: 2407:23c0::/32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59230 (0xe75e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Jan 9 08:31:02 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:26:8f:e7:f6:8d:d2:4b:74:fe:d9:4a:54:9c: dd:02:82:7d:e9:6d:6d:bd:06:89:df:80:a1:c3:ca: a0:77:2e:cf:42:37:4b:cb:02:bc:e8:9b:14:a7:c8: aa:a9:b7:76:dc:33:9b:8b:0f:bd:07:49:26:40:f8: c2:9c:54:9b:fe:42:00:c4:b2:5b:4f:f1:58:e5:2b: f6:1b:0f:0a:83:aa:60:43:06:47:37:d9:83:c8:f5: 75:e4:30:65:d4:41:48:59:ae:b0:8e:cf:b3:6a:26: 0e:39:ff:2f:b1:b0:b3:57:6f:97:99:e1:ab:55:a4: 41:65:96:9b:74:8b:66:ce:cf:61:2a:46:60:b2:d6: 11:5a:e7:16:49:67:e3:dd:99:2f:8d:49:21:ec:27: 92:80:e4:f4:a4:36:f5:1d:8d:72:0c:8d:ce:d3:c8: 01:87:64:4c:9f:07:e2:20:79:7a:0a:10:7d:47:e2: 66:de:29:ed:95:5e:6b:16:bc:8f:63:c0:6d:e9:a7: 27:59:58:3d:a9:5c:61:c8:68:3b:dd:20:ea:5d:d4: 25:6b:3b:f5:eb:df:fe:5f:5e:2f:e1:71:c2:59:6d: 84:9a:e3:66:8a:2a:46:2f:20:4b:ee:6f:64:06:33: 44:d8:80:e9:50:f2:28:f5:a1:0f:08:ea:ad:4a:4a: 22:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 131516 sbgp-ipAddrBlock: critical IPv4: 43.224.176.0/22 43.255.184.0/22 103.43.196.0/22 103.239.184.0/22 103.248.152.0/22 116.89.144.0/20 116.196.128.0-116.196.175.255 123.176.80.0/20 150.242.240.0/22 211.147.96.0/19 IPv6: 2407:23c0::/32 Signature Algorithm: sha256WithRSAEncryption 15:9c:ea:88:de:dc:63:9b:a5:41:ba:4e:30:e4:65:38:37:f1: 56:a5:01:73:93:c2:c3:0c:32:66:99:48:f3:d7:82:2b:2a:f2: ec:57:04:ac:fe:3f:08:4b:a1:87:ba:01:cf:da:a3:7c:4e:15: 74:0c:e9:44:20:ca:85:88:e1:83:65:77:df:d6:6e:66:e9:fa: 16:e9:48:1b:a0:3a:35:55:95:71:f4:4f:f9:e8:7f:8b:45:91: 87:e6:eb:22:0e:34:45:13:1e:bb:50:39:f0:3f:9b:f2:2f:cb: 64:51:31:5a:04:e3:d5:f1:b3:08:46:6b:b8:40:64:23:9f:6a: 08:55:99:e0:58:63:45:fb:28:07:5e:15:3f:c8:86:cf:e2:78: f6:86:43:3e:21:d8:af:e6:42:1b:8f:95:2c:b9:c5:6e:92:77: 62:25:87:13:ac:d3:2a:70:bf:12:d8:52:47:2e:13:27:e4:ef: 80:e9:3d:28:ac:e4:2a:f9:3b:b5:e5:a9:30:6f:ca:65:40:73: 9c:7d:bd:8d:a1:c8:3d:6d:8e:82:0c:f4:56:b7:de:a0:f4:d7: 66:bd:a1:f8:b1:9a:27:ce:9c:41:83:74:dd:8b:8c:d9:55:dc: 3f:1d:56:30:b2:fe:67:5d:55:c6:7f:ca:76:24:d6:83:51:85: b4:8e:e9:cc -----BEGIN CERTIFICATE----- MIIFujCCBKKgAwIBAgIDAOdeMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNjAxMDkwODMxMDJaFw0yNzAxMDkwODIzMThaMDMx MTAvBgNVBAMTKEM4NjYyRjJCNDhBQ0MwNzdFOTU4MDBFNUFBOTJDRTE2RDI2RTFE RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVJo/n9o3SS3T+2UpU nN0Cgn3pbW29BonfgKHDyqB3Ls9CN0vLArzomxSnyKqpt3bcM5uLD70HSSZA+MKc VJv+QgDEsltP8VjlK/YbDwqDqmBDBkc32YPI9XXkMGXUQUhZrrCOz7NqJg45/y+x sLNXb5eZ4atVpEFllpt0i2bOz2EqRmCy1hFa5xZJZ+PdmS+NSSHsJ5KA5PSkNvUd jXIMjc7TyAGHZEyfB+IgeXoKEH1H4mbeKe2VXmsWvI9jwG3ppydZWD2pXGHIaDvd IOpd1CVrO/Xr3/5fXi/hccJZbYSa42aKKkYvIEvub2QGM0TYgOlQ8ij1oQ8I6q1K SiJ/AgMBAAGjggK+MIICujAdBgNVHQ4EFgQUyGYvK0iswHfpWADlqpLOFtJuHeow HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHYBggrBgEFBQcBCwSByzCByDA5BggrBgEF BQcwBYYtcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMw NzAvMFgGCCsGAQUFBzAKhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2 MkUzRDAwMDAvMzA3MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8ubWZ0MDEG CCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1s MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwIBvDBsBggrBgEFBQcBBwEB/wRdMFsw SgQCAAEwRAMEAivgsAMEAiv/uAMEAmcrxAMEAmfvuAMEAmf4mAMEBHRZkDAMAwQH dMSAAwQEdMSgAwQEe7BQAwQClvLwAwQF05NgMA0EAgACMAcDBQAkByPAMA0GCSqG SIb3DQEBCwUAA4IBAQAVnOqI3txjm6VBuk4w5GU4N/FWpQFzk8LDDDJmmUjz14Ir KvLsVwSs/j8IS6GHugHP2qN8ThV0DOlEIMqFiOGDZXff1m5m6foW6UgboDo1VZVx 9E/56H+LRZGH5usiDjRFEx67UDnwP5vyL8tkUTFaBOPV8bMIRmu4QGQjn2oIVZng WGNF+ygHXhU/yIbP4nj2hkM+Idiv5kIbj5UsucVukndiJYcTrNMqcL8S2FJHLhMn 5O+A6T0orOQq+Tu15akwb8plQHOcfb2Nocg9bY6CDPRWt96g9NdmvaH4sZonzpxB g3Tdi4zZVdw/HVYwsv5nXVXGf8p2JNaDUYW0junM -----END CERTIFICATE-----Generated at Mon Jan 19 12:19:03 2026 by rpki-client