Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
File: lIG05AkBXY630D82A4gw7BCYq8A.cer (raw, json)
Hash identifier: EWhMTsVVDbNwlnVi1KR+KPuZneRGWpspcwpqnFv1B7E=
Subject key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: E1E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Thu 23 Oct 2025 03:09:03 +0000
Certificate not after: Fri 23 Oct 2026 03:01:03 +0000
Subordinate resources: AS: 23852
IP: 58.66.0.0/15
IP: 59.107.0.0/16
IP: 124.172.0.0/15
IP: 203.88.192.0/19
IP: 211.147.224.0/19
IP: 211.155.16.0/20
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 05 Nov 2025 18:43:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57833 (0xe1e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000, serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Oct 23 03:09:03 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:12:b5:d5:0f:09:cf:53:c1:eb:72:7a:74:e4:
fc:bf:f2:70:a0:e4:95:02:fd:4b:f8:41:db:cd:3d:
1d:e3:24:a9:1d:10:87:35:81:56:1a:dd:ab:d1:93:
20:62:7a:b7:ed:03:e9:73:bd:ad:93:3e:01:e7:6c:
44:0e:23:a3:88:76:e8:ed:c9:62:6b:dd:f8:53:4b:
be:f5:5c:5c:f9:20:d2:85:d2:c1:52:52:eb:ab:ca:
8c:2e:b5:ba:06:86:e6:30:ab:a3:16:2d:1f:68:89:
cb:e8:db:84:24:7a:cc:48:dc:ce:ee:6c:40:4e:95:
a8:47:42:35:09:b8:1a:a3:a9:5e:5c:96:a3:6e:06:
64:95:49:e3:3a:c1:44:dd:00:50:fa:27:7d:52:e3:
c2:ea:ac:2d:f4:31:96:7a:2a:62:48:e9:e3:b5:8c:
63:4a:6a:5d:f2:d9:63:a8:ba:b5:97:68:60:d4:60:
43:a9:4a:16:cf:74:43:af:54:65:2b:6e:8a:56:3d:
fe:5f:c4:3e:73:2f:38:6e:03:4c:30:32:15:64:1e:
09:42:01:6c:9c:e9:b8:ad:2d:bc:e0:ba:f7:d9:2e:
31:ad:00:02:30:47:2f:f2:b0:01:84:94:e3:e0:b6:
27:3a:d6:92:09:e1:a7:c0:a0:41:2a:f7:d8:4b:d9:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
23852
sbgp-ipAddrBlock: critical
IPv4:
58.66.0.0/15
59.107.0.0/16
124.172.0.0/15
203.88.192.0/19
211.147.224.0/19
211.155.16.0/20
Signature Algorithm: sha256WithRSAEncryption
16:04:d8:50:7b:45:57:0e:bf:30:a6:0c:0f:d1:42:a4:4c:cd:
2c:1e:55:c4:81:c9:4f:17:9d:cd:b3:59:df:f1:6a:14:cf:6b:
16:8c:97:5c:6f:27:88:7b:e6:7d:68:3a:4b:93:7b:34:9a:c5:
dc:94:61:03:3f:cf:c6:e8:be:db:4a:74:9b:a6:d5:1f:2c:97:
c5:0e:8a:77:d0:9b:68:21:74:9c:d9:64:fe:43:9f:48:76:45:
e5:2e:34:11:dd:36:8c:01:1e:bc:e2:33:66:3a:8f:1b:6d:5a:
ea:c6:53:48:14:a7:08:af:5f:0d:6f:c2:6d:23:1d:da:2a:8c:
dc:81:ed:c9:3a:4a:1f:04:ca:25:21:c3:d6:a7:77:35:fe:24:
c2:63:61:bf:0c:6b:a5:84:5f:6d:62:f2:01:42:88:e6:05:a0:
ac:40:d8:9b:28:d7:d2:73:62:8f:44:48:fc:e8:a8:0c:cd:79:
b3:ed:4e:e5:ba:4c:7b:3a:94:8e:2d:7e:c5:dc:b4:79:3e:aa:
f1:cd:bd:e2:29:33:7f:46:38:c6:61:e0:0c:12:ec:b0:23:7a:
72:7d:e4:fe:61:4d:3c:ce:e0:e9:c4:16:cf:db:0e:7f:86:52:
36:de:84:10:18:db:94:f7:21:1d:a9:92:92:3a:de:ee:58:10:
1a:31:f6:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOHpMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNTEwMjMwMzA5MDNaFw0yNjEwMjMwMzAxMDNaMDMx
MTAvBgNVBAMTKDk0ODFCNEU0MDkwMTVEOEVCN0QwM0YzNjAzODgzMEVDMTA5OEFC
QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjErXVDwnPU8Hrcnp0
5Py/8nCg5JUC/Uv4QdvNPR3jJKkdEIc1gVYa3avRkyBierftA+lzva2TPgHnbEQO
I6OIdujtyWJr3fhTS771XFz5INKF0sFSUuuryowutboGhuYwq6MWLR9oicvo24Qk
esxI3M7ubEBOlahHQjUJuBqjqV5clqNuBmSVSeM6wUTdAFD6J31S48LqrC30MZZ6
KmJI6eO1jGNKal3y2WOourWXaGDUYEOpShbPdEOvVGUrbopWPf5fxD5zLzhuA0ww
MhVkHglCAWyc6bitLbzguvfZLjGtAAIwRy/ysAGElOPgtic61pIJ4afAoEEq99hL
2TVzAgMBAAGjggKFMIICgTAdBgNVHQ4EFgQUlIG05AkBXY630D82A4gw7BCYq8Aw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHSBggrBgEFBQcBCwSBxTCBwjA2BggrBgEF
BQcwBYYqcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYv
MFUGCCsGAQUFBzAKhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNi9sSUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEubWZ0MDEGCCsGAQUF
BzANhiVodHRwczovL3Jwa2kuY25uaWMuY24vcnJkcC9ub3RpZnkueG1sMBkGCCsG
AQUFBwEIAQH/BAowCKAGMAQCAl0sMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAh
AwMBOkIDAwA7awMDAXysAwQFy1jAAwQF05PgAwQE05sQMA0GCSqGSIb3DQEBCwUA
A4IBAQAWBNhQe0VXDr8wpgwP0UKkTM0sHlXEgclPF53Ns1nf8WoUz2sWjJdcbyeI
e+Z9aDpLk3s0msXclGEDP8/G6L7bSnSbptUfLJfFDop30JtoIXSc2WT+Q59IdkXl
LjQR3TaMAR684jNmOo8bbVrqxlNIFKcIr18Nb8JtIx3aKozcge3JOkofBMolIcPW
p3c1/iTCY2G/DGulhF9tYvIBQojmBaCsQNibKNfSc2KPREj86KgMzXmz7U7lukx7
OpSOLX7F3LR5Pqrxzb3iKTN/RjjGYeAMEuywI3pyfeT+YU08zuDpxBbP2w5/hlI2
3oQQGNuU9yEdqZKSOt7uWBAaMfaI
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:25:11 2025 by rpki-client