This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer File: XrjFfXL3lG3XskIFmSiOyhU8twk.cer (raw, json) Hash identifier: VnqDpXsFluxU8jOoLZQ6QtF+33ZTKF0M6VkW1HM1tXM= Subject key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Certificate serial: E59C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 17 Dec 2025 04:14:32 +0000 Certificate not after: Fri 23 Oct 2026 03:01:03 +0000 Subordinate resources: AS: 9803 AS: 17963 AS: 23849 Validation: Failed, certificate revoked on Wed 17 Dec 2025 04:17:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58780 (0xe59c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540 Validity Not Before: Dec 17 04:14:32 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a5:4d:68:56:74:1a:71:f5:bc:63:94:9d:a5: e1:59:7b:2f:cb:d1:d7:16:07:62:3c:8f:2c:2a:ba: db:3b:cf:6d:36:8a:cd:a0:79:fb:73:94:8a:e8:45: d2:9f:e6:bb:df:bb:9d:cb:b8:74:f4:c6:de:77:94: 6f:e9:94:85:11:22:1a:0e:03:60:d7:f7:37:46:c4: e1:05:46:e7:ce:ad:37:11:78:fa:d8:b1:46:9f:60: 06:25:f5:b5:82:c1:c6:1c:f4:78:4e:41:a8:98:93: b9:6a:3b:38:e1:c9:95:f2:77:d9:69:fe:a6:40:ae: d7:9e:3c:38:fc:4a:b9:ac:87:b1:b6:ce:df:20:07: 24:88:73:02:39:44:6b:87:3a:50:a7:aa:35:20:e2: 57:6c:6f:09:73:cf:65:67:46:70:ca:ff:e0:61:83: 77:75:46:bb:5b:40:a9:b1:42:bd:f1:59:a3:64:b9: 2b:73:9d:4b:9f:ea:70:04:70:74:c2:00:49:1c:46: 61:5c:cc:a7:6a:dd:44:a3:b3:6a:29:d8:14:08:e0: 6f:a1:4e:d4:12:bb:7b:f4:89:95:4a:5f:f5:be:50: b0:de:0f:c7:13:23:a0:32:3e:e7:16:fd:6d:2b:bd: 9a:fe:c8:a9:bd:07:6e:7b:74:c1:c2:d4:37:51:23: 56:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 X509v3 Authority Key Identifier: keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 9803 17963 23849 Signature Algorithm: sha256WithRSAEncryption 59:52:c4:ad:1e:cb:72:31:3e:96:9d:b1:8c:b8:ae:7b:da:a2: c9:b0:5d:33:a4:ad:04:8b:1b:7e:e4:2c:cc:2b:b4:7d:84:42: 7a:d0:60:32:ff:e3:a4:40:2d:6c:b8:57:af:a1:7f:0c:7b:1c: 66:bc:06:69:4d:32:49:b9:ac:2d:6b:90:a5:c9:62:d2:f5:78: cf:68:f6:d3:10:c8:a8:69:cb:87:7c:ab:41:62:4e:e1:a8:b4: 22:1c:b8:ec:5f:a6:f4:68:a0:c5:fe:4a:36:27:ab:49:6a:74: 9e:44:aa:07:3f:01:fb:79:a0:90:e9:d2:6f:53:cc:02:49:67: 95:c9:4b:02:6c:ee:bf:6e:8d:bc:31:b7:f5:d7:6f:6b:b2:ab: 87:ef:a9:36:6d:fa:9c:c9:2e:a6:4a:64:76:69:96:0b:8f:c0: 40:f8:9e:7d:d5:83:ea:0a:28:7b:ed:b5:8e:1c:cb:94:73:e2: 93:7b:1f:f9:6a:5f:bb:34:0b:dc:e1:5c:9d:a1:c2:c2:00:87: 08:cc:e3:50:63:a4:59:32:6b:6b:b4:a6:e2:6f:3d:7b:75:59: 82:74:53:2e:90:1b:5e:b4:ca:42:ce:03:e2:8e:b4:d6:88:f1: 40:52:11:19:b3:ee:ec:33:39:3b:80:95:f7:66:44:a1:78:ac: 99:0c:6c:f4 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgIDAOWcMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5 MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG MDM3OTZGODg5QjU0MDAeFw0yNTEyMTcwNDE0MzJaFw0yNjEwMjMwMzAxMDNaMDMx MTAvBgNVBAMTKDVFQjhDNTdENzJGNzk0NkREN0IyNDIwNTk5Mjg4RUNBMTUzQ0I3 MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMpU1oVnQacfW8Y5Sd peFZey/L0dcWB2I8jywquts7z202is2geftzlIroRdKf5rvfu53LuHT0xt53lG/p lIURIhoOA2DX9zdGxOEFRufOrTcRePrYsUafYAYl9bWCwcYc9HhOQaiYk7lqOzjh yZXyd9lp/qZArteePDj8Srmsh7G2zt8gBySIcwI5RGuHOlCnqjUg4ldsbwlzz2Vn RnDK/+Bhg3d1RrtbQKmxQr3xWaNkuStznUuf6nAEcHTCAEkcRmFczKdq3USjs2op 2BQI4G+hTtQSu3v0iZVKX/W+ULDeD8cTI6AyPucW/W0rvZr+yKm9B257dMHC1DdR I1a7AgMBAAGjggJTMIICTzAdBgNVHQ4EFgQUXrjFfXL3lG3XskIFmSiOyhU8twkw HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHUBggrBgEFBQcBCwSBxzCBxDA3BggrBgEF BQcwBYYrcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0 LzBWBggrBgEFBQcwCoZKcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzY0L1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5tZnQwMQYIKwYB BQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWwwIQYI KwYBBQUHAQgBAf8EEjAQoA4wDAICJksCAkYrAgJdKTANBgkqhkiG9w0BAQsFAAOC AQEAWVLErR7LcjE+lp2xjLiue9qiybBdM6StBIsbfuQszCu0fYRCetBgMv/jpEAt bLhXr6F/DHscZrwGaU0ySbmsLWuQpcli0vV4z2j20xDIqGnLh3yrQWJO4ai0Ihy4 7F+m9Gigxf5KNierSWp0nkSqBz8B+3mgkOnSb1PMAklnlclLAmzuv26NvDG39ddv a7Krh++pNm36nMkupkpkdmmWC4/AQPiefdWD6gooe+21jhzLlHPik3sf+WpfuzQL 3OFcnaHCwgCHCMzjUGOkWTJra7Sm4m89e3VZgnRTLpAbXrTKQs4D4o601ojxQFIR GbPu7DM5O4CV92ZEoXismQxs9A== -----END CERTIFICATE-----Generated at Mon Jan 12 09:22:17 2026 by rpki-client