This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer File: _63I3WE2bNhNmVIbY4OA6LUC5uQ.cer (raw, json) Hash identifier: z+GVqfYy7I3R7h4De5MmDsfzqk5ILF/gqVAyBmqsBEE= Subject key identifier: FF:AD:C8:DD:61:36:6C:D8:4D:99:52:1B:63:83:80:E8:B5:02:E6:E4 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 44B3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Mon 12 Jan 2026 19:57:48 +0000 Certificate not after: Sat 09 Jan 2027 08:23:18 +0000 Subordinate resources: IP: 139.159.0.0 -- 139.159.95.255 IP: 139.159.116.0 -- 139.159.127.255 IP: 140.210.64.0/18 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 15:57:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17587 (0x44b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Jan 12 19:57:48 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=FFADC8DD61366CD84D99521B638380E8B502E6E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ab:da:2b:f0:9b:a2:64:a4:88:cf:92:d2:cf: e7:d0:2b:7d:e6:59:a4:ba:2c:77:32:e8:08:27:a0: 9e:09:b0:5e:d5:ee:08:93:25:62:08:78:9a:2e:9c: 37:8e:b4:66:1a:fb:b7:6a:00:ee:bb:cf:71:63:ba: 50:33:0c:79:0c:fa:69:25:8d:5b:e1:4c:b5:69:d9: a5:66:59:11:ce:c5:80:b3:ae:d3:62:9c:75:f3:81: ca:64:16:64:b2:42:21:5e:14:4d:f2:93:a9:3c:ed: ad:a5:1c:76:cb:5f:77:29:19:35:c1:86:a9:3e:c5: df:53:04:85:c1:34:2f:5c:8e:b0:b7:b3:76:78:eb: ba:03:4c:35:c7:a1:c8:f3:b6:d8:c4:4b:17:1e:cb: bb:0d:50:54:5a:c4:ae:7d:f2:08:9d:67:d6:73:a4: 3c:28:ee:00:c2:63:e0:73:c7:b3:8c:5b:bc:c7:01: 4e:e9:00:cd:b2:f1:05:a3:9b:f9:99:e3:a2:6b:16: 11:50:5b:86:80:08:61:51:06:a0:80:88:d0:9e:f6: 7d:d4:d5:6f:60:bb:8a:97:46:54:0c:0f:f4:f3:a8: eb:9e:6a:61:f3:75:68:74:c2:1b:b6:86:c8:c5:6e: 1d:92:0b:12:c9:86:d4:5b:89:38:27:82:93:2a:e5: 9f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:AD:C8:DD:61:36:6C:D8:4D:99:52:1B:63:83:80:E8:B5:02:E6:E4 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.159.0.0-139.159.95.255 139.159.116.0-139.159.127.255 140.210.64.0/18 Signature Algorithm: sha256WithRSAEncryption 8f:af:b3:d5:95:2b:f0:e5:c3:27:b9:df:98:50:fe:18:cf:6c: 44:5d:57:41:51:1f:4d:97:71:f7:de:00:03:a4:a2:51:d2:d6: 1b:39:34:6b:5e:ae:3d:bc:b9:bc:1c:b0:e6:10:ff:48:c2:fc: c8:fb:22:cc:42:8c:24:75:7c:a2:d2:54:8e:32:54:d4:a7:66: ff:08:d3:bd:86:2e:89:20:2d:ac:0b:ec:15:cd:b8:96:b9:e2: c3:f2:dc:88:16:bd:0e:20:e6:16:31:3a:93:ad:97:3f:a6:09: c2:48:70:7c:9d:6b:17:ba:78:7e:79:7b:f3:ea:b3:ba:04:74: 95:98:38:b5:71:89:64:85:a6:e7:28:0b:fa:b3:91:e7:aa:d5: bb:c9:b4:08:1e:54:1e:bd:7b:65:8b:37:d0:4a:83:f8:82:16: 19:bf:2f:ba:26:4b:40:85:d7:70:b4:c3:be:30:32:d4:56:80: 64:24:98:85:5d:fc:d5:49:e3:fc:d2:84:dd:f6:59:1f:42:b3: 35:40:0b:21:4c:61:85:bf:b8:3b:a4:be:d9:3b:ba:89:7c:c5: 18:07:ee:87:d7:d3:98:c6:e8:03:04:04:62:5b:70:6f:b9:9c: b6:43:75:53:08:3f:89:aa:7f:3f:b6:bf:b4:29:f4:06:96:7e: ff:9d:39:bd -----BEGIN CERTIFICATE----- MIIFaTCCBFGgAwIBAgICRLMwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI2MDExMjE5NTc0OFoXDTI3MDEwOTA4MjMxOFowMzEx MC8GA1UEAxMoRkZBREM4REQ2MTM2NkNEODREOTk1MjFCNjM4MzgwRThCNTAyRTZF NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6r2ivwm6JkpIjPktLP 59ArfeZZpLosdzLoCCegngmwXtXuCJMlYgh4mi6cN460Zhr7t2oA7rvPcWO6UDMM eQz6aSWNW+FMtWnZpWZZEc7FgLOu02KcdfOBymQWZLJCIV4UTfKTqTztraUcdstf dykZNcGGqT7F31MEhcE0L1yOsLezdnjrugNMNcehyPO22MRLFx7Luw1QVFrErn3y CJ1n1nOkPCjuAMJj4HPHs4xbvMcBTukAzbLxBaOb+ZnjomsWEVBbhoAIYVEGoICI 0J72fdTVb2C7ipdGVAwP9POo655qYfN1aHTCG7aGyMVuHZILEsmG1FuJOCeCkyrl nzMCAwEAAaOCAm4wggJqMB0GA1UdDgQWBBT/rcjdYTZs2E2ZUhtjg4DotQLm5DAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUF BzAFhixyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzBXBggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzY1NC9fNjNJM1dFMmJOaE5tVkliWTRPQTZMVUM1dVEubWZ0MDEGCCsG AQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMDoG CCsGAQUFBwEHAQH/BCswKTAnBAIAATAhMAsDAwCLnwMEBYufQDAMAwQCi590AwQH i58AAwQGjNJAMA0GCSqGSIb3DQEBCwUAA4IBAQCPr7PVlSvw5cMnud+YUP4Yz2xE XVdBUR9Nl3H33gADpKJR0tYbOTRrXq49vLm8HLDmEP9IwvzI+yLMQowkdXyi0lSO MlTUp2b/CNO9hi6JIC2sC+wVzbiWueLD8tyIFr0OIOYWMTqTrZc/pgnCSHB8nWsX unh+eXvz6rO6BHSVmDi1cYlkhabnKAv6s5HnqtW7ybQIHlQevXtlizfQSoP4ghYZ vy+6JktAhddwtMO+MDLUVoBkJJiFXfzVSeP80oTd9lkfQrM1QAshTGGFv7g7pL7Z O7qJfMUYB+6H19OYxugDBARiW3BvuZy2Q3VTCD+Jqn8/tr+0KfQGln7/nTm9 -----END CERTIFICATE-----Generated at Sun Jan 25 13:50:09 2026 by rpki-client