Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ywIUpcQE1vhAQzsSDKy7W4xZ5hM.cer
File: ywIUpcQE1vhAQzsSDKy7W4xZ5hM.cer (raw, json)
Hash identifier: FOXe/SM2AMX0oJns5RKaKwW2TRY9pM98YRzRzcBuYUQ=
Subject key identifier: CB:02:14:A5:C4:04:D6:F8:40:43:3B:12:0C:AC:BB:5B:8C:59:E6:13
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer: /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial: 77A4
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.mft
caRepository: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/
Notify URL: https://rrdp-rps.cnnic.cn/rrdp/notification.xml
Certificate not before: Fri 27 Feb 2026 04:38:27 +0000
Certificate not after: Thu 30 Sep 2027 00:00:00 +0000
Subordinate resources: IP: 40.72.0.0/15
IP: 40.125.128.0/17
IP: 40.126.64.0/18
IP: 40.162.0.0/16
IP: 47.92.0.0 -- 47.127.255.255
IP: 52.80.0.0/14
IP: 52.130.0.0/15
IP: 54.222.0.0/15
IP: 68.79.0.0/18
IP: 69.230.192.0/18
IP: 69.231.128.0/18
IP: 69.234.192.0/18
IP: 69.235.128.0/18
IP: 71.131.192.0 -- 71.132.63.255
IP: 71.136.64.0/18
IP: 71.137.0.0/18
IP: 138.252.72.0/23
IP: 138.252.78.0/23
IP: 138.252.118.0/23
IP: 138.252.162.0/23
IP: 139.9.0.0/16
IP: 139.129.0.0/16
IP: 139.148.0.0/16
IP: 139.155.0.0/16
IP: 139.159.0.0/16
IP: 139.176.0.0/16
IP: 139.183.0.0/16
IP: 139.186.0.0/16
IP: 139.196.0.0/14
IP: 139.217.0.0/16
IP: 139.219.0.0 -- 139.221.255.255
IP: 139.224.0.0/16
IP: 140.143.0.0/16
IP: 140.179.0.0/16
IP: 140.205.0.0/16
IP: 140.210.0.0/16
IP: 143.64.0.0/16
IP: 144.79.4.0/23
IP: 144.79.10.0/23
IP: 144.79.28.0/23
IP: 144.79.42.0/23
IP: 144.79.54.0/23
IP: 144.79.84.0/23
IP: 144.79.118.0/23
IP: 144.79.148.0/23
IP: 152.104.128.0/17
IP: 157.10.34.0 -- 157.10.37.255
IP: 157.10.112.0/23
IP: 157.10.130.0/23
IP: 157.10.218.0 -- 157.10.221.255
IP: 157.10.246.0/23
IP: 157.15.74.0/23
IP: 157.15.94.0/23
IP: 157.15.100.0 -- 157.15.105.255
IP: 157.20.136.0/23
IP: 157.20.194.0/23
IP: 157.20.246.0/23
IP: 157.66.42.0/23
IP: 157.66.70.0/23
IP: 157.66.88.0/21
IP: 157.66.164.0/23
IP: 157.66.244.0/23
IP: 158.60.0.0/16
IP: 158.140.252.0/22
IP: 159.27.0.0/16
IP: 160.19.76.0/23
IP: 160.19.82.0/23
IP: 160.20.16.0/22
IP: 160.20.130.0/23
IP: 160.22.58.0/23
IP: 160.22.82.0/23
IP: 160.22.148.0/23
IP: 160.22.188.0/23
IP: 160.22.224.0/23
IP: 160.22.230.0/23
IP: 160.22.244.0/22
IP: 160.25.10.0 -- 160.25.13.255
IP: 160.25.194.0/23
IP: 160.30.40.0/23
IP: 160.30.150.0/23
IP: 160.30.194.0 -- 160.30.199.255
IP: 160.30.230.0/23
IP: 160.187.223.0/24
IP: 160.187.252.0/22
IP: 160.191.0.0/23
IP: 160.191.104.0/23
IP: 160.191.110.0/23
IP: 160.250.14.0 -- 160.250.19.255
IP: 160.250.84.0/23
IP: 160.250.90.0/23
IP: 160.250.102.0 -- 160.250.105.255
IP: 160.250.160.0/23
IP: 160.250.170.0/23
IP: 160.250.214.0/23
IP: 160.250.252.0/23
IP: 161.189.0.0/16
IP: 161.207.0.0/16
IP: 161.248.20.0/23
IP: 161.248.42.0/23
IP: 161.248.84.0/23
IP: 161.248.92.0/23
IP: 161.248.108.0 -- 161.248.113.255
IP: 165.101.4.0/23
IP: 165.101.66.0/23
IP: 165.101.70.0/23
IP: 165.101.144.0/23
IP: 165.101.170.0/23
IP: 165.101.208.0/23
IP: 165.101.244.0/23
IP: 167.189.0.0/16
IP: 167.220.244.0/22
IP: 168.160.0.0/16
IP: 170.179.0.0/16
IP: 192.51.172.0/23
IP: 192.55.46.0/23
IP: 192.55.68.0/22
IP: 192.102.204.0/22
IP: 192.232.34.0/23
IP: 192.232.44.0/22
IP: 198.175.100.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30628 (0x77a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Validity
Not Before: Feb 27 04:38:27 2026 GMT
Not After : Sep 30 00:00:00 2027 GMT
Subject: CN=A9162E3D0001, serialNumber=CB0214A5C404D6F840433B120CACBB5B8C59E613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8b:d1:c9:63:8a:d2:86:8f:8f:f4:38:68:a7:
f0:04:05:f6:8d:b0:72:a6:d9:3f:07:ba:1c:bb:56:
8f:7c:06:c3:af:f7:09:fb:61:01:e1:8b:3f:27:d2:
6e:f7:53:6c:f5:46:0b:95:a2:4d:61:f9:b7:00:d7:
f6:89:64:40:b1:7a:49:37:2d:e6:a6:04:a6:57:2e:
03:0b:6c:3e:d0:b4:f6:6e:75:b9:1b:50:63:11:41:
ea:f2:81:0c:8c:66:34:de:02:eb:a7:17:22:73:87:
ba:26:93:60:99:ba:07:81:57:2a:d4:32:80:da:a3:
db:c7:80:8c:34:9e:c3:dc:2b:9d:9a:90:28:8c:ea:
29:15:02:c8:9f:dc:1f:4d:98:98:aa:59:1d:08:35:
de:d7:40:d6:df:c6:83:e9:9f:c8:c9:f1:87:04:3f:
e1:87:fb:4b:78:51:cb:ba:58:77:43:02:32:a1:a9:
48:ad:ba:30:f2:9a:14:06:a1:ce:d2:4f:f5:7b:61:
17:9d:90:25:ac:c3:06:06:64:7e:57:82:21:c7:ae:
fa:37:37:e9:1a:1a:08:6b:24:5a:14:b4:06:40:44:
60:8b:9e:e1:bd:3e:bf:24:7c:35:fa:19:6d:6e:df:
59:52:98:e8:31:1c:3a:75:24:79:d0:a1:03:f8:48:
32:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:02:14:A5:C4:04:D6:F8:40:43:3B:12:0C:AC:BB:5B:8C:59:E6:13
X509v3 Authority Key Identifier:
keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/
RPKI Manifest - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.mft
RPKI Notify - URI:https://rrdp-rps.cnnic.cn/rrdp/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
40.162.0.0/16
47.92.0.0-47.127.255.255
52.80.0.0/14
52.130.0.0/15
54.222.0.0/15
68.79.0.0/18
69.230.192.0/18
69.231.128.0/18
69.234.192.0/18
69.235.128.0/18
71.131.192.0-71.132.63.255
71.136.64.0/18
71.137.0.0/18
138.252.72.0/23
138.252.78.0/23
138.252.118.0/23
138.252.162.0/23
139.9.0.0/16
139.129.0.0/16
139.148.0.0/16
139.155.0.0/16
139.159.0.0/16
139.176.0.0/16
139.183.0.0/16
139.186.0.0/16
139.196.0.0/14
139.217.0.0/16
139.219.0.0-139.221.255.255
139.224.0.0/16
140.143.0.0/16
140.179.0.0/16
140.205.0.0/16
140.210.0.0/16
143.64.0.0/16
144.79.4.0/23
144.79.10.0/23
144.79.28.0/23
144.79.42.0/23
144.79.54.0/23
144.79.84.0/23
144.79.118.0/23
144.79.148.0/23
152.104.128.0/17
157.10.34.0-157.10.37.255
157.10.112.0/23
157.10.130.0/23
157.10.218.0-157.10.221.255
157.10.246.0/23
157.15.74.0/23
157.15.94.0/23
157.15.100.0-157.15.105.255
157.20.136.0/23
157.20.194.0/23
157.20.246.0/23
157.66.42.0/23
157.66.70.0/23
157.66.88.0/21
157.66.164.0/23
157.66.244.0/23
158.60.0.0/16
158.140.252.0/22
159.27.0.0/16
160.19.76.0/23
160.19.82.0/23
160.20.16.0/22
160.20.130.0/23
160.22.58.0/23
160.22.82.0/23
160.22.148.0/23
160.22.188.0/23
160.22.224.0/23
160.22.230.0/23
160.22.244.0/22
160.25.10.0-160.25.13.255
160.25.194.0/23
160.30.40.0/23
160.30.150.0/23
160.30.194.0-160.30.199.255
160.30.230.0/23
160.187.223.0/24
160.187.252.0/22
160.191.0.0/23
160.191.104.0/23
160.191.110.0/23
160.250.14.0-160.250.19.255
160.250.84.0/23
160.250.90.0/23
160.250.102.0-160.250.105.255
160.250.160.0/23
160.250.170.0/23
160.250.214.0/23
160.250.252.0/23
161.189.0.0/16
161.207.0.0/16
161.248.20.0/23
161.248.42.0/23
161.248.84.0/23
161.248.92.0/23
161.248.108.0-161.248.113.255
165.101.4.0/23
165.101.66.0/23
165.101.70.0/23
165.101.144.0/23
165.101.170.0/23
165.101.208.0/23
165.101.244.0/23
167.189.0.0/16
167.220.244.0/22
168.160.0.0/16
170.179.0.0/16
192.51.172.0/23
192.55.46.0/23
192.55.68.0/22
192.102.204.0/22
192.232.34.0/23
192.232.44.0/22
198.175.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:8f:a3:c2:9f:ae:88:ac:16:8c:d3:93:24:96:de:9c:91:cc:
94:fd:c5:a9:fd:37:08:62:ce:28:8e:6b:05:02:96:3d:1a:ce:
74:24:88:bc:fa:18:8e:bf:3b:d8:bc:e2:54:20:5a:ff:e0:d6:
bb:3a:37:4d:0e:2d:ca:4d:c4:c2:27:c4:4d:4d:bd:9e:ed:e8:
4c:c9:00:3c:0c:ee:32:0e:1f:09:00:a2:e9:28:e0:e5:d2:77:
9c:8d:84:e6:28:c0:41:17:e0:f4:37:f2:38:e1:3c:e3:71:5c:
0b:14:72:87:68:51:c5:20:50:06:cd:83:43:7a:a8:46:04:13:
b4:d2:76:a6:ab:9d:73:3f:e6:36:04:89:9f:9e:e4:94:26:ee:
65:53:6d:8a:f2:48:61:71:e5:3d:04:ff:a3:94:20:59:de:86:
11:10:09:7c:c1:bd:53:70:55:3d:e2:cd:ab:f7:26:6c:85:48:
3d:82:3e:82:90:3f:ba:15:99:b0:2f:10:70:05:cb:56:14:eb:
2d:b0:8d:83:16:50:7b:75:73:3c:67:86:d7:1a:70:67:a3:53:
62:07:9b:28:e6:58:45:d3:61:e9:61:50:1a:3d:8f:8b:ce:63:
0e:2a:22:b9:7a:f0:83:c0:35:83:9d:99:43:44:6a:9f:77:46:
ab:84:a9:45
-----BEGIN CERTIFICATE-----
MIII5jCCB86gAwIBAgICd6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjYwMjI3MDQzODI3WhcNMjcwOTMwMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTE2MkUzRDAwMDExMTAvBgNVBAUTKENCMDIxNEE1QzQwNEQ2Rjg0MDQz
M0IxMjBDQUNCQjVCOEM1OUU2MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIi9HJY4rSho+P9Dhop/AEBfaNsHKm2T8Huhy7Vo98BsOv9wn7YQHhiz8n
0m73U2z1RguVok1h+bcA1/aJZECxekk3LeamBKZXLgMLbD7QtPZudbkbUGMRQery
gQyMZjTeAuunFyJzh7omk2CZugeBVyrUMoDao9vHgIw0nsPcK52akCiM6ikVAsif
3B9NmJiqWR0INd7XQNbfxoPpn8jJ8YcEP+GH+0t4Ucu6WHdDAjKhqUitujDymhQG
oc7ST/V7YRedkCWswwYGZH5XgiHHrvo3N+kaGghrJFoUtAZARGCLnuG9Pr8kfDX6
GW1u31lSmOgxHDp1JHnQoQP4SDIVAgMBAAGjggXYMIIF1DAdBgNVHQ4EFgQUywIU
pcQE1vhAQzsSDKy7W4xZ5hMwHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwggEBBggrBgEFBQcBCwSB9DCB8TBCBggrBgEF
BQcwBYY2cnN5bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1
MDkwNjc1NzE1LzAvMG4GCCsGAQUFBzAKhmJyc3luYzovL3Jwa2ktcnBzLmNubmlj
LmNuL3JlcG8vQTEwNTUzOTA3NzUwOTA2NzU3MTUvMC9DQjAyMTRBNUM0MDRENkY4
NDA0MzNCMTIwQ0FDQkI1QjhDNTlFNjEzLm1mdDA7BggrBgEFBQcwDYYvaHR0cHM6
Ly9ycmRwLXJwcy5jbm5pYy5jbi9ycmRwL25vdGlmaWNhdGlvbi54bWwwggMpBggr
BgEFBQcBBwEB/wSCAxgwggMUMIIDEAQCAAEwggMIAwMBKEgDBAcofYADBAYofkAD
AwAoojAKAwMCL1wDAwcvAAMDAjRQAwMBNIIDAwE23gMEBkRPAAMEBkXmwAMEBkXn
gAMEBkXqwAMEBkXrgDAMAwQGR4PAAwQGR4QAAwQGR4hAAwQGR4kAAwQBivxIAwQB
ivxOAwQBivx2AwQBivyiAwMAiwkDAwCLgQMDAIuUAwMAi5sDAwCLnwMDAIuwAwMA
i7cDAwCLugMDAovEAwMAi9kwCgMDAIvbAwMBi9wDAwCL4AMDAIyPAwMAjLMDAwCM
zQMDAIzSAwMAj0ADBAGQTwQDBAGQTwoDBAGQTxwDBAGQTyoDBAGQTzYDBAGQT1QD
BAGQT3YDBAGQT5QDBAeYaIAwDAMEAZ0KIgMEAZ0KJAMEAZ0KcAMEAZ0KgjAMAwQB
nQraAwQBnQrcAwQBnQr2AwQBnQ9KAwQBnQ9eMAwDBAKdD2QDBAGdD2gDBAGdFIgD
BAGdFMIDBAGdFPYDBAGdQioDBAGdQkYDBAOdQlgDBAGdQqQDBAGdQvQDAwCePAME
Ap6M/AMDAJ8bAwQBoBNMAwQBoBNSAwQCoBQQAwQBoBSCAwQBoBY6AwQBoBZSAwQB
oBaUAwQBoBa8AwQBoBbgAwQBoBbmAwQCoBb0MAwDBAGgGQoDBAGgGQwDBAGgGcID
BAGgHigDBAGgHpYwDAMEAaAewgMEA6AewAMEAaAe5gMEAKC73wMEAqC7/AMEAaC/
AAMEAaC/aAMEAaC/bjAMAwQBoPoOAwQCoPoQAwQBoPpUAwQBoPpaMAwDBAGg+mYD
BAGg+mgDBAGg+qADBAGg+qoDBAGg+tYDBAGg+vwDAwChvQMDAKHPAwQBofgUAwQB
ofgqAwQBofhUAwQBofhcMAwDBAKh+GwDBAGh+HADBAGlZQQDBAGlZUIDBAGlZUYD
BAGlZZADBAGlZaoDBAGlZdADBAGlZfQDAwCnvQMEAqfc9AMDAKigAwMAqrMDBAHA
M6wDBAHANy4DBALAN0QDBALAZswDBAHA6CIDBALA6CwDBALGr2QwDQYJKoZIhvcN
AQELBQADggEBAD2Po8KfroisFozTkySW3pyRzJT9xan9NwhiziiOawUClj0aznQk
iLz6GI6/O9i84lQgWv/g1rs6N00OLcpNxMInxE1NvZ7t6EzJADwM7jIOHwkAouko
4OXSd5yNhOYowEEX4PQ38jjhPONxXAsUcodoUcUgUAbNg0N6qEYEE7TSdqarnXM/
5jYEiZ+e5JQm7mVTbYrySGFx5T0E/6OUIFnehhEQCXzBvVNwVT3izav3JmyFSD2C
PoKQP7oVmbAvEHAFy1YU6y2wjYMWUHt1czxnhtcacGejU2IHmyjmWEXTYelhUBo9
j4vOYw4qIrl68IPANYOdmUNEap93RquEqUU=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:22:54 2026 by rpki-client