This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft File: OrqLQlIyvliWg5beMqjrWgXuplg.mft (raw, json) Hash identifier: jeB85pJtGqWghN1AymcJk+Ix3XuSLkB8eu8E/SJ/Tz4= Subject key identifier: EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58 Certificate issuer: /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658 Certificate serial: 220C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft Manifest number: 2200 Signing time: Sat 06 Dec 2025 16:18:38 +0000 Manifest this update: Sat 06 Dec 2025 16:18:38 +0000 Manifest next update: Sat 06 Dec 2025 22:18:38 +0000 Files and hashes: 1: 7rjrvR7t1kwDsuU6ql7O_RYJUpg.roa (hash: PRS/WaIeY/npttmGhULQ+aQehhZu64V2nmOYOUJzpnc=) 2: OrqLQlIyvliWg5beMqjrWgXuplg.crl (hash: q0rcT9GsLJ7I1lB56ouvPgP10W7mr3uupMK5xEFXaq0=) 3: VF1HNjXn8rRBPrqRvcoiMdFDyQ0.roa (hash: HBjMB9aQvQdCkQlD8eVlEFwJpz/H7S9+mAlqlZbs4+s=) Validation: Failed, CRL has expired Certificate: Data: Version: 3 (0x2) Serial Number: 8716 (0x220c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658 Validity Not Before: Dec 6 16:18:38 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=EE3D61325FA4158F6DD8753251AAA0A434319DAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4a:bf:c1:b3:f6:44:ba:99:72:56:cb:1f:b3: 33:33:73:4e:03:34:6d:68:51:d4:2e:d3:f3:99:db: a5:47:b5:52:24:59:1f:31:c9:99:f2:42:a3:78:6b: 29:d6:70:26:97:8c:3d:d1:bf:0c:04:01:6e:72:9f: 9b:41:14:eb:2d:bc:db:b6:ab:ed:2b:5f:1b:a6:f1: 56:0b:6e:15:69:89:4b:3e:1f:d3:ce:ae:90:48:ab: fd:07:de:04:40:7a:ef:52:20:c2:c1:bd:b8:2e:19: 11:71:82:24:72:ad:09:42:84:cf:0a:ac:7e:6a:f4: 93:5e:20:86:65:82:6a:7a:15:fd:29:8e:59:74:0d: 0f:73:3f:78:d7:3b:11:e6:7c:af:e1:75:1b:58:82: 89:37:b1:c9:6a:b8:11:00:35:25:51:ff:81:2d:9b: 80:d6:88:03:10:90:f7:49:06:81:1f:ca:b1:fc:4c: 29:f1:db:4c:ca:e2:47:0d:52:28:cb:a5:9c:a0:09: 2d:ea:c8:95:1a:a0:bd:2e:93:af:0c:f6:c2:d2:89: 66:bc:0a:82:9d:2b:6d:40:29:8c:68:8b:06:85:7f: b7:85:1e:05:92:30:d7:7c:86:66:cb:9a:41:a4:52: 7b:e7:f9:ab:be:06:f1:8a:48:85:23:b5:45:f7:6f: ea:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF X509v3 Authority Key Identifier: keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:6b:71:b0:5c:cf:14:f2:6c:b9:ee:e4:10:18:11:fe:07:f0: 54:a1:cd:c8:ff:32:8d:1c:86:2f:3f:e2:90:45:6f:ba:b7:c4: d1:a9:ce:04:7e:4d:a2:98:fa:f5:e3:1c:d8:ba:f8:b0:b8:0d: 6d:70:19:e7:77:84:3a:5b:5e:30:a6:c9:96:69:e8:16:c8:8f: ca:5f:b0:b6:98:8a:c0:76:81:c3:d7:03:44:7d:5d:6f:94:fc: aa:50:1b:8f:1a:8d:62:5c:72:57:1c:66:32:07:c7:7d:4a:b1: 11:23:68:62:89:15:c4:35:67:a1:34:0c:d4:26:5a:c0:fe:64: b7:81:2b:7a:fa:d2:e1:24:56:19:ba:6a:8d:c2:fb:e7:b6:d9: ae:54:f2:f6:3b:4d:dd:89:1a:bf:fe:04:fb:52:f7:05:cd:f9: 70:5c:d5:5b:03:54:76:04:fe:8c:d2:95:fe:9a:13:68:60:75: 23:28:25:ef:68:97:c0:3e:c4:20:73:dd:1a:3a:42:91:8d:e6: 63:eb:a0:b7:1c:ab:f2:e3:2e:b9:46:70:35:3c:d8:47:75:db: c8:83:43:a2:b1:04:46:77:41:96:00:8c:ac:3c:fe:be:c0:0d: f8:eb:19:77:50:3d:3e:17:f1:a3:63:8e:0f:80:f2:ec:bc:3e: 0b:48:6c:ae -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yNTEyMDYx NjE4MzhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEVFM0Q2MTMyNUZBNDE1 OEY2REQ4NzUzMjUxQUFBMEE0MzQzMTlEQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8Sr/Bs/ZEuplyVssfszMzc04DNG1oUdQu0/OZ26VHtVIkWR8x yZnyQqN4aynWcCaXjD3RvwwEAW5yn5tBFOstvNu2q+0rXxum8VYLbhVpiUs+H9PO rpBIq/0H3gRAeu9SIMLBvbguGRFxgiRyrQlChM8KrH5q9JNeIIZlgmp6Ff0pjll0 DQ9zP3jXOxHmfK/hdRtYgok3sclquBEANSVR/4Etm4DWiAMQkPdJBoEfyrH8TCnx 20zK4kcNUijLpZygCS3qyJUaoL0uk68M9sLSiWa8CoKdK21AKYxoiwaFf7eFHgWS MNd8hmbLmkGkUnvn+au+BvGKSIUjtUX3b+o3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU7j1hMl+kFY9t2HUyUaqgpDQxna8wHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvT3JxTFFsSXl2bGlX ZzViZU1xanJXZ1h1cGxnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAKdrcbBczxTybLnu5BAYEf4H8FShzcj/Mo0chi8/4pBFb7q3xNGpzgR+TaKY +vXjHNi6+LC4DW1wGed3hDpbXjCmyZZp6BbIj8pfsLaYisB2gcPXA0R9XW+U/KpQ G48ajWJcclccZjIHx31KsREjaGKJFcQ1Z6E0DNQmWsD+ZLeBK3r60uEkVhm6ao3C ++e22a5U8vY7Td2JGr/+BPtS9wXN+XBc1VsDVHYE/ozSlf6aE2hgdSMoJe9ol8A+ xCBz3Ro6QpGN5mProLccq/LjLrlGcDU82Ed128iDQ6KxBEZ3QZYAjKw8/r7ADfjr GXdQPT4X8aNjjg+A8uy8PgtIbK4= -----END CERTIFICATE-----Generated at Sat Dec 6 23:05:54 2025 by rpki-client