Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/WEWiGKzSkgohXNUjz5m9fdFBmd8.cer
File: WEWiGKzSkgohXNUjz5m9fdFBmd8.cer (raw, json)
Hash identifier: gOUtsKJPSREmJ3CNUkY7g9jCReQNbk/+I+GAG1ONBI8=
Subject key identifier: 58:45:A2:18:AC:D2:92:0A:21:5C:D5:23:CF:99:BD:7D:D1:41:99:DF
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: E209
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/WEWiGKzSkgohXNUjz5m9fdFBmd8.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 23 Oct 2025 03:09:25 +0000
Certificate not after: Fri 23 Oct 2026 03:01:03 +0000
Subordinate resources: AS: 38356
AS: 45058
IP: 103.235.56.0/22
IP: 117.79.64.0 -- 117.79.255.255
IP: 180.188.48.0 -- 180.188.127.255
IP: 218.240.0.0/18
IP: 2400:c200::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 05 Nov 2025 23:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57865 (0xe209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Oct 23 03:09:25 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=5845A218ACD2920A215CD523CF99BD7DD14199DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:fc:63:d0:50:2b:d8:2c:15:36:ab:7d:80:
7c:25:18:17:6a:14:73:2a:eb:61:7a:a7:b8:d9:46:
63:3b:99:94:0e:cd:56:12:39:e8:6f:e4:5c:01:18:
99:06:09:f8:9e:2b:08:14:1e:e6:70:5c:59:a3:bf:
6c:2c:8b:8e:66:8d:a6:57:4f:c6:8d:dc:05:e1:fc:
c3:58:a4:45:d4:ce:55:26:b7:26:f6:7e:4d:e3:c1:
0d:18:a8:1f:6b:98:b9:76:5d:5d:23:49:64:e0:1e:
f6:34:30:a2:93:85:76:a6:bc:9a:a1:a6:74:dc:f8:
e1:45:5e:88:17:e9:f8:f9:0c:d9:19:ca:90:47:b9:
2a:6b:88:e7:35:45:fd:a4:24:9c:87:b8:7a:44:d1:
6e:1e:d6:41:a6:62:00:ed:fc:5c:21:14:16:15:51:
d4:67:93:25:a5:90:31:da:b3:b6:8a:64:04:a0:94:
8f:7c:4e:f4:a4:76:24:61:c2:98:a8:ff:af:bc:61:
fd:a8:03:b8:ef:b7:b3:96:5a:99:77:3d:7f:17:be:
9e:6f:f5:24:4b:73:52:ed:d1:ef:0a:13:ba:67:54:
f6:6f:2f:08:30:d3:dd:76:31:cf:df:63:2b:b3:e5:
c6:9d:f3:c1:48:ca:b2:78:71:9b:2b:0c:5b:4c:91:
1d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:45:A2:18:AC:D2:92:0A:21:5C:D5:23:CF:99:BD:7D:D1:41:99:DF
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/46/WEWiGKzSkgohXNUjz5m9fdFBmd8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38356
45058
sbgp-ipAddrBlock: critical
IPv4:
103.235.56.0/22
117.79.64.0-117.79.255.255
180.188.48.0-180.188.127.255
218.240.0.0/18
IPv6:
2400:c200::/32
Signature Algorithm: sha256WithRSAEncryption
21:c6:ff:3f:de:de:c1:5b:19:68:10:1b:bb:a8:dc:f9:1c:b5:
2c:80:25:98:6b:75:8d:11:d1:20:72:c7:e3:5a:23:0b:a6:98:
9c:f1:d3:7d:42:79:f5:01:db:b8:ce:d4:ec:b3:a0:7a:46:1d:
e7:23:3e:0c:19:e3:9f:fb:ab:4c:4f:62:b2:e7:a8:c2:6d:e1:
bf:3d:00:09:59:ab:61:de:d1:f1:b2:00:77:a9:84:72:96:8a:
0f:ad:a1:20:ba:59:92:b5:bd:10:1b:c9:3e:e5:32:82:a5:c2:
b5:ff:48:90:34:59:18:7a:e7:4a:3f:dd:a6:93:25:18:c1:7d:
9f:20:6e:c4:9b:a4:73:a0:cc:69:af:96:c8:ce:2f:bb:c9:5b:
38:10:47:45:bc:cf:a3:dd:b3:74:e0:5b:8c:6b:00:5c:a1:b6:
d6:d1:8e:fc:64:c7:59:eb:6f:7e:05:49:0b:36:23:cb:11:c9:
19:0d:5c:39:c9:83:40:66:94:b6:ba:20:de:3b:06:bd:5e:e4:
9b:97:51:3f:41:68:f3:0b:c7:cd:e1:17:54:d5:6d:de:6c:81:
56:60:ee:40:b7:98:3f:a2:4b:93:4c:5c:eb:a7:fc:32:f5:27:
ff:b8:bb:42:f0:a9:9c:cd:e1:7f:db:74:da:6f:4b:9d:30:f7:
71:83:f0:c7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAOIJMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA5MjVaFw0yNjEwMjMwMzAxMDNaMDMx
MTAvBgNVBAMTKDU4NDVBMjE4QUNEMjkyMEEyMTVDRDUyM0NGOTlCRDdERDE0MTk5
REYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQf/xj0FAr2CwVNqt9
gHwlGBdqFHMq62F6p7jZRmM7mZQOzVYSOehv5FwBGJkGCfieKwgUHuZwXFmjv2ws
i45mjaZXT8aN3AXh/MNYpEXUzlUmtyb2fk3jwQ0YqB9rmLl2XV0jSWTgHvY0MKKT
hXamvJqhpnTc+OFFXogX6fj5DNkZypBHuSpriOc1Rf2kJJyHuHpE0W4e1kGmYgDt
/FwhFBYVUdRnkyWlkDHas7aKZASglI98TvSkdiRhwpio/6+8Yf2oA7jvt7OWWpl3
PX8Xvp5v9SRLc1Lt0e8KE7pnVPZvLwgw0912Mc/fYyuz5cad88FIyrJ4cZsrDFtM
kR3bAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWEWiGKzSkgohXNUjz5m9fdFBmd8w
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF
BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzQ2
LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzQ2L1dFV2lHS3pTa2dvaFhOVWp6NW05ZmRGQm1kOC5tZnQwMQYIKwYB
BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwHwYI
KwYBBQUHAQgBAf8EEDAOoAwwCgIDAJXUAgMAsAIwTwYIKwYBBQUHAQcBAf8EQDA+
MC0EAgABMCcDBAJn6zgwCwMEBnVPQAMDBHVAMAwDBAS0vDADBAe0vAADBAba8AAw
DQQCAAIwBwMFACQAwgAwDQYJKoZIhvcNAQELBQADggEBACHG/z/e3sFbGWgQG7uo
3PkctSyAJZhrdY0R0SByx+NaIwummJzx031CefUB27jO1OyzoHpGHecjPgwZ45/7
q0xPYrLnqMJt4b89AAlZq2He0fGyAHephHKWig+toSC6WZK1vRAbyT7lMoKlwrX/
SJA0WRh650o/3aaTJRjBfZ8gbsSbpHOgzGmvlsjOL7vJWzgQR0W8z6Pds3TgW4xr
AFyhttbRjvxkx1nrb34FSQs2I8sRyRkNXDnJg0BmlLa6IN47Br1e5JuXUT9BaPML
x83hF1TVbd5sgVZg7kC3mD+iS5NMXOun/DL1J/+4u0LwqZzN4X/bdNpvS50w93GD
8Mc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:17:24 2025 by rpki-client