This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft File: rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft (raw, json) Hash identifier: eCwiqOnAmAe1nc9lRWO2Q0I0Lx8uf0y69Gtufj3DORA= Subject key identifier: 21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Certificate serial: 042D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft Manifest number: 0410 Signing time: Sat 06 Dec 2025 20:16:04 +0000 Manifest this update: Sat 06 Dec 2025 20:16:04 +0000 Manifest next update: Sun 07 Dec 2025 02:16:04 +0000 Files and hashes: 1: --5p3HNP_npcM9WwQGiJmHx5u0U.roa (hash: Rl9Es6qphuLb/+2nbxNbdm0tzkYUplAdlWLJexuDZlE=) 2: 22EffpS7GnnifhXrI4tAbrDDc-g.roa (hash: 4E/yKu43inQAr1L9cp/ACPCiEVmbOTFL687c79yRLyA=) 3: 5phZxr5Uhb3NSuw3CQS7G12n8Ms.roa (hash: TiBiBqmX2u+8+lnUT723Nkj/vXcdxQpMq2cHfeG1nv8=) 4: 8GxBtEjdWLiRUsEQxe8VKmjAxXM.roa (hash: 0tZPdUKxLUPOpljwCfdgtZKJbSyJ2wrfzcl03BIcSWI=) 5: PrzOu3HLgb_fDfFfMV2C3u7dgAY.roa (hash: nQaZQEHGizfw2JArT6RRleWiUXqFqGuwPW1JdBlvgps=) 6: hTYglcTaggz46zo2uGojdNR6CiA.roa (hash: oxjLkgxJ/ScFrDTY2HsVJ3eQj12roDmJFBgsJUYTwQE=) 7: p8dPCz1-DM8oZAbLKQI9W1S52aI.roa (hash: YlDx1ECxWXJtCx373KSdly7XOBerHvXGr5nQka2FgVk=) 8: rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl (hash: MdnBC76K3SzpitSySb9Rd1vJNvjTbBKtQqaXh3f2t/g=) 9: yGBgQ_Is6mtpS4o_kSNsUFhygtE.roa (hash: R7h8Ue7gUr/+0YK1fEjPAlu/UJh1hg66VPEfvazJVHs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 02:16:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1069 (0x42d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Validity Not Before: Dec 6 20:16:04 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=21819E1E535962B163A6CC1063F191C7F6C5BE0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:eb:55:37:25:4e:0d:99:c8:9f:f1:4c:70:36: 38:4c:9b:db:3c:e2:67:20:93:f7:68:8a:51:f2:86: 5f:49:1e:6b:cb:3a:a7:5e:fb:da:ac:fe:da:a4:6a: 79:79:90:f0:36:73:2b:f2:98:b2:43:46:28:ae:67: b2:17:6a:8e:81:9e:27:95:97:e2:a5:9e:83:1d:0c: e9:24:52:c4:ea:bb:32:f8:5f:8c:13:74:c4:63:05: 9f:4e:15:96:cb:c8:e0:42:69:7e:b1:e7:9a:ed:11: ff:85:8e:96:c4:09:99:10:70:b0:29:71:51:71:30: 35:79:ce:c1:d8:7e:4f:a2:fa:02:b9:99:e4:a5:87: 21:e7:f4:7a:ab:c0:f2:07:02:06:20:8c:18:1b:4d: e2:4c:fc:16:6b:ae:33:96:5d:1f:6e:dd:1d:5a:fa: 2d:52:44:e8:81:8b:5f:41:01:c0:21:fc:e5:d8:8f: d9:53:81:3b:e2:2c:77:05:43:41:7c:ba:94:0b:1c: 67:f1:3c:b4:f7:06:20:0f:e8:9a:5e:92:b9:fc:47: f4:4b:5f:ae:08:dd:8c:b4:e9:1e:e6:de:ce:d1:a5: b0:e4:3c:84:5a:b1:3b:cc:c1:0c:98:db:a0:85:c8: 66:56:60:fa:dc:fe:64:46:5f:e0:f8:45:cf:e9:55: b4:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F X509v3 Authority Key Identifier: keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:9c:00:a1:1e:25:5f:4d:2e:4e:b8:bb:82:9c:91:2d:e6:67: 35:66:14:2f:a8:20:50:7c:81:a9:4e:14:56:75:7b:10:10:6c: 50:db:bf:f4:a2:b7:2f:33:b8:c0:7f:ae:6b:c8:a8:01:71:cc: b2:13:8c:7b:41:0f:c4:49:0c:19:65:07:b0:c1:37:b2:4d:f5: 5c:b0:53:01:ff:dc:06:c0:91:3c:1a:ba:6f:b2:8f:be:d0:0c: 1b:25:83:56:09:84:15:59:17:db:93:b0:3e:ce:77:8e:dd:53: 1f:47:74:39:7e:7a:1d:86:75:d9:71:88:61:a4:0b:33:87:14: 89:dd:a1:d0:3b:c4:5b:b9:3e:32:b7:44:86:1f:d4:e6:0d:f9: bc:8c:b9:31:cc:9d:52:4f:18:e2:00:a8:29:05:1c:48:ba:25: 48:4c:90:2a:3a:2b:ce:88:bc:2f:7c:14:a4:e8:b7:aa:e0:c7: 24:cc:29:0a:6d:e1:b3:96:23:50:0a:f5:c2:3d:48:2f:aa:fa: c5:0e:5e:6e:82:a3:78:9b:37:28:5c:1a:5e:f3:fb:22:7c:92: 54:ef:9f:53:38:df:f5:a7:6b:85:28:7b:44:37:fa:00:a9:a0: dd:ed:0e:1b:3a:63:48:34:3f:79:ba:b1:c5:67:5a:85:c4:e1: 5b:ae:b0:92 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURE MjcyNkRENkZGOUY1QTQ1OUFFNUIwQTlFRThFN0RERkM3RjA3QzAeFw0yNTEyMDYy MDE2MDRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDIxODE5RTFFNTM1OTYy QjE2M0E2Q0MxMDYzRjE5MUM3RjZDNUJFMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/61U3JU4Nmcif8UxwNjhMm9s84mcgk/doilHyhl9JHmvLOqde +9qs/tqkanl5kPA2cyvymLJDRiiuZ7IXao6BnieVl+KlnoMdDOkkUsTquzL4X4wT dMRjBZ9OFZbLyOBCaX6x55rtEf+FjpbECZkQcLApcVFxMDV5zsHYfk+i+gK5meSl hyHn9HqrwPIHAgYgjBgbTeJM/BZrrjOWXR9u3R1a+i1SROiBi19BAcAh/OXYj9lT gTviLHcFQ0F8upQLHGfxPLT3BiAP6Jpekrn8R/RLX64I3Yy06R7m3s7RpbDkPIRa sTvMwQyY26CFyGZWYPrc/mRGX+D4Rc/pVbSZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUIYGeHlNZYrFjpswQY/GRx/bFvg8wHwYDVR0jBBgwFoAUrdJybdb/n1pFmuWw qe6Ofd/H8HwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIy OC9yZEp5YmRiX24xcEZtdVd3cWU2T2ZkX0g4SHcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMjgvcmRKeWJkYl9uMXBG bXVXd3FlNk9mZF9IOEh3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADicAKEeJV9NLk64u4KckS3mZzVmFC+oIFB8galOFFZ1exAQbFDbv/Sity8z uMB/rmvIqAFxzLITjHtBD8RJDBllB7DBN7JN9VywUwH/3AbAkTwaum+yj77QDBsl g1YJhBVZF9uTsD7Od47dUx9HdDl+eh2GddlxiGGkCzOHFIndodA7xFu5PjK3RIYf 1OYN+byMuTHMnVJPGOIAqCkFHEi6JUhMkCo6K86IvC98FKTot6rgxyTMKQpt4bOW I1AK9cI9SC+q+sUOXm6Co3ibNyhcGl7z+yJ8klTvn1M43/Wna4Uoe0Q3+gCpoN3t Dhs6Y0g0P3m6scVnWoXE4VuusJI= -----END CERTIFICATE-----Generated at Sat Dec 6 22:07:02 2025 by rpki-client