This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/hNlxQVfe8PgrAE1-qE11yBp4IGQ.cer File: hNlxQVfe8PgrAE1-qE11yBp4IGQ.cer (raw, json) Hash identifier: MWBhNn3NNowFwiOy6wvpNMeUwKhClOW0MTT2lD++sp0= Subject key identifier: 84:D9:71:41:57:DE:F0:F8:2B:00:4D:7E:A8:4D:75:C8:1A:78:20:64 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 43C4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/hNlxQVfe8PgrAE1-qE11yBp4IGQ.mft caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/ Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml Certificate not before: Wed 17 Dec 2025 00:39:32 +0000 Certificate not after: Thu 17 Dec 2026 00:24:24 +0000 Subordinate resources: IP: 144.79.148.0/23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 05:39:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17348 (0x43c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Dec 17 00:39:32 2025 GMT Not After : Dec 17 00:24:24 2026 GMT Subject: CN=84D9714157DEF0F82B004D7EA84D75C81A782064 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d9:91:8d:ef:f2:38:01:e1:03:fb:41:2f:ce: d8:cb:93:cf:e2:0f:d2:63:7e:9b:14:0a:3c:dc:a7: 28:d6:84:33:24:ec:b6:61:8c:4b:0b:ee:02:19:aa: 1f:7d:24:35:15:39:5c:36:aa:d7:4a:a3:84:53:15: c0:33:fa:45:c0:36:61:7a:f7:e1:db:9e:4f:b1:22: 45:bd:aa:83:28:08:2d:41:2f:0e:21:9f:65:67:73: ac:27:30:91:b0:74:1d:7a:c7:e3:0f:3d:59:f2:11: 3d:92:12:cb:06:53:dd:f8:1b:76:65:33:c8:ac:bf: 88:79:a3:25:5f:9e:fb:04:82:ed:b9:75:35:13:4b: 8a:62:6a:2f:c5:4c:89:26:26:c6:3c:60:56:82:85: 9e:c3:d8:8f:ac:1d:d6:95:de:0e:9d:84:a9:9c:9a: b8:f8:93:dc:35:43:d1:28:b8:cf:24:c6:1f:68:a5: 19:8e:22:58:5a:99:c2:b0:f9:2b:f5:e2:43:31:fe: 47:60:ae:43:53:56:78:a8:50:b9:29:e0:98:66:40: ab:1a:87:ce:85:40:39:0e:71:82:83:6b:54:01:b0: e9:be:7b:a1:08:4e:37:9a:06:4c:1a:14:c7:d6:30: cc:e8:8c:6f:ad:ef:49:48:95:06:1e:bd:86:d8:91: fb:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:D9:71:41:57:DE:F0:F8:2B:00:4D:7E:A8:4D:75:C8:1A:78:20:64 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/ RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3418/hNlxQVfe8PgrAE1-qE11yBp4IGQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 144.79.148.0/23 Signature Algorithm: sha256WithRSAEncryption 71:85:6e:3a:d9:8f:93:85:ab:cb:aa:e7:a6:b5:64:dc:b7:77: 4d:e8:44:a2:e4:c8:19:07:70:ec:0b:01:96:64:72:b2:8c:30: cf:94:90:d2:6e:ec:fe:de:1d:2b:0d:25:47:f8:8c:d7:34:ea: c6:b6:08:74:d8:6b:50:5d:ef:9f:3d:b4:8d:4e:3c:3c:3c:2f: 34:99:b3:ce:b8:14:4a:13:02:bb:4d:f4:63:b2:8d:09:a0:da: fc:53:00:80:33:05:96:f5:91:0d:4c:0b:1e:78:2d:c6:e7:fc: ad:fa:55:64:53:18:8f:34:95:c9:eb:80:98:17:f5:00:b0:a0: 85:37:39:77:df:30:22:ec:69:2e:18:0b:91:01:3d:f1:38:f6: eb:19:de:0f:87:28:01:84:02:a6:be:b6:14:e6:42:27:ba:55: 31:4b:d8:57:5f:52:84:ad:95:f9:12:54:a9:7e:c7:97:b4:74: 20:ae:2b:22:52:3c:44:23:a7:fb:57:f4:e0:90:26:f5:ab:50: c6:4b:4c:58:9f:10:8d:bd:cb:2f:5b:a5:c8:70:51:2c:cf:71: fc:d5:40:4d:fe:15:63:cb:d2:ef:d0:5a:64:7d:30:be:91:20: 7a:4d:6c:00:e4:9b:6c:3b:b9:58:94:1d:b5:d5:af:74:45:dd: 6f:2d:3b:8a -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgICQ8QwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI1MTIxNzAwMzkzMloXDTI2MTIxNzAwMjQyNFowMzEx MC8GA1UEAxMoODREOTcxNDE1N0RFRjBGODJCMDA0RDdFQTg0RDc1QzgxQTc4MjA2 NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMXZkY3v8jgB4QP7QS/O 2MuTz+IP0mN+mxQKPNynKNaEMyTstmGMSwvuAhmqH30kNRU5XDaq10qjhFMVwDP6 RcA2YXr34dueT7EiRb2qgygILUEvDiGfZWdzrCcwkbB0HXrH4w89WfIRPZISywZT 3fgbdmUzyKy/iHmjJV+e+wSC7bl1NRNLimJqL8VMiSYmxjxgVoKFnsPYj6wd1pXe Dp2EqZyauPiT3DVD0Si4zyTGH2ilGY4iWFqZwrD5K/XiQzH+R2CuQ1NWeKhQuSng mGZAqxqHzoVAOQ5xgoNrVAGw6b57oQhON5oGTBoUx9YwzOiMb63vSUiVBh69htiR +5UCAwEAAaOCAlUwggJRMB0GA1UdDgQWBBSE2XFBV97w+CsATX6oTXXIGnggZDAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwgdgGCCsGAQUFBwELBIHLMIHIMDkGCCsGAQUF BzAFhi1yc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx OC8wWAYIKwYBBQUHMAqGTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC8zNDE4L2hObHhRVmZlOFBnckFFMS1xRTExeUJwNElHUS5tZnQwMQYI KwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9ycmRwL25vdGlmeS54bWww HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGQT5QwDQYJKoZIhvcNAQELBQAD ggEBAHGFbjrZj5OFq8uq56a1ZNy3d03oRKLkyBkHcOwLAZZkcrKMMM+UkNJu7P7e HSsNJUf4jNc06sa2CHTYa1Bd7589tI1OPDw8LzSZs864FEoTArtN9GOyjQmg2vxT AIAzBZb1kQ1MCx54Lcbn/K36VWRTGI80lcnrgJgX9QCwoIU3OXffMCLsaS4YC5EB PfE49usZ3g+HKAGEAqa+thTmQie6VTFL2FdfUoStlfkSVKl+x5e0dCCuKyJSPEQj p/tX9OCQJvWrUMZLTFifEI29yy9bpchwUSzPcfzVQE3+FWPL0u/QWmR9ML6RIHpN bADkm2w7uViUHbXVr3RF3W8tO4o= -----END CERTIFICATE-----Generated at Sun Dec 21 02:56:06 2025 by rpki-client