This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft (raw, json) Hash identifier: Wxc+MwcVG2l3pxiptlAv1XdhGZA4H3riEmDaQqW7o/s= Subject key identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 221F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft Manifest number: 2213 Signing time: Sat 06 Dec 2025 21:19:37 +0000 Manifest this update: Sat 06 Dec 2025 21:19:37 +0000 Manifest next update: Sun 07 Dec 2025 03:19:37 +0000 Files and hashes: 1: DZ9goMqh1tbZJtmWmEe55G3UPM8.roa (hash: UB5MHBmQqSFhvXeEyjlx1wflR5Gqg2Tx9OCUubTS/H8=) 2: XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl (hash: sLZpd5ShXdZgx+MCg6MB8b2sLIMqkuGpoIKPd0EEqmo=) 3: v77HvQ8JDbuFO6M8TtpWDePh1QU.roa (hash: mBShptqUxFMYNN76UxyduwjMIWjbI3OnoZJA06+Uy70=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8735 (0x221f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: Dec 6 21:19:37 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=287752BEC0FDA7B793BFEC2A92AF3F53F95AC430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f8:ef:96:ea:9c:43:2a:bf:98:64:05:ae:64: 1e:c6:6c:65:ad:d5:f8:e3:52:f4:94:f2:1a:da:83: 0a:2c:1d:b9:60:41:ff:38:8d:68:a3:92:ba:1b:a0: d0:9e:35:9c:66:1b:94:26:ad:7d:c6:77:03:d7:50: a9:7b:ce:83:b7:b6:d9:19:69:5d:3e:48:90:b0:e9: fc:cb:fd:94:5d:70:d7:dd:c6:4c:0b:0d:2d:59:d3: 4a:0e:c4:fa:00:47:0f:97:93:3b:4d:7b:31:f5:70: b4:f8:59:f1:84:fb:65:10:5b:2f:c4:cd:55:94:84: b6:a2:ae:3f:95:ab:66:3f:3e:77:c3:38:91:d8:ab: 00:c4:cf:73:33:7e:e4:47:16:f9:f2:ad:07:61:f3: 20:20:17:33:02:07:4a:fb:d5:cc:3c:e4:d9:ec:ca: 3c:0d:e0:30:da:fc:a2:26:e2:8d:bb:5e:61:5a:5b: c8:e3:56:9e:73:0a:72:a6:9d:f8:18:8b:f8:f7:92: 94:5a:54:98:53:56:bc:a9:81:4d:56:db:12:ae:19: 3d:11:1e:7d:b3:fb:70:08:9e:26:60:74:26:f2:72: 4a:cc:47:bc:f0:93:07:91:cf:f8:69:fe:ec:f7:3d: 09:64:0a:69:49:2e:98:94:b2:cc:72:e9:b4:62:a9: 93:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:0d:c6:3e:95:da:a3:2a:95:8a:95:6c:2c:3e:25:f7:88:f9: 80:fc:72:f9:23:84:11:89:5b:8d:87:ee:b2:cc:2d:f0:e9:23: 06:2a:a4:1c:1e:e7:cc:64:85:e7:d8:74:50:f2:6d:c6:f9:18: 94:a9:b0:1d:d2:c6:82:8c:56:ea:b8:ce:c7:81:8c:97:57:ce: 11:9b:fc:84:e9:5a:6b:bd:60:b8:4d:e9:24:a4:f4:02:70:3e: 06:e9:14:75:2c:03:8f:d9:16:6b:f8:eb:db:9a:02:ca:6c:1b: 3a:a8:28:a4:09:38:00:92:af:2a:0c:bc:5b:2e:45:0a:29:6e: a9:03:5b:6e:50:c2:f0:16:c9:37:9d:4f:83:34:0d:dd:66:7d: 0b:5b:10:ec:81:18:45:02:ee:dc:cb:8f:c2:2d:b5:e3:88:54: 9c:64:0a:61:cb:db:74:c0:af:3c:92:a9:bc:35:b4:2b:5e:b1: 76:7d:5a:39:d2:cb:ee:7d:b4:53:64:b5:77:fa:ea:33:ff:53: 3d:5b:b2:56:a6:d7:b3:38:47:0b:b7:f5:39:a9:dd:75:ee:98: d1:c0:cf:be:55:03:03:2a:de:c9:d6:33:34:83:33:3d:9b:cf: ac:0e:d9:ec:49:82:18:ae:1f:1f:0f:e6:c6:55:9a:e6:92:4b: 2b:60:57:75 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIh8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNTEyMDYy MTE5MzdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDI4Nzc1MkJFQzBGREE3 Qjc5M0JGRUMyQTkyQUYzRjUzRjk1QUM0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6+O+W6pxDKr+YZAWuZB7GbGWt1fjjUvSU8hragwosHblgQf84 jWijkroboNCeNZxmG5QmrX3GdwPXUKl7zoO3ttkZaV0+SJCw6fzL/ZRdcNfdxkwL DS1Z00oOxPoARw+XkztNezH1cLT4WfGE+2UQWy/EzVWUhLairj+Vq2Y/PnfDOJHY qwDEz3MzfuRHFvnyrQdh8yAgFzMCB0r71cw85NnsyjwN4DDa/KIm4o27XmFaW8jj Vp5zCnKmnfgYi/j3kpRaVJhTVrypgU1W2xKuGT0RHn2z+3AIniZgdCbyckrMR7zw kweRz/hp/uz3PQlkCmlJLpiUssxy6bRiqZN3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKHdSvsD9p7eTv+wqkq8/U/laxDAwHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvWGFDbDdNSVlMYkFP dUZ4aU1UMVh1V3RfMW80Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAcNxj6V2qMqlYqVbCw+JfeI+YD8cvkjhBGJW42H7rLMLfDpIwYqpBwe58xk hefYdFDybcb5GJSpsB3SxoKMVuq4zseBjJdXzhGb/ITpWmu9YLhN6SSk9AJwPgbp FHUsA4/ZFmv469uaAspsGzqoKKQJOACSryoMvFsuRQopbqkDW25QwvAWyTedT4M0 Dd1mfQtbEOyBGEUC7tzLj8ItteOIVJxkCmHL23TArzySqbw1tCtesXZ9WjnSy+59 tFNktXf66jP/Uz1bslam17M4Rwu39Tmp3XXumNHAz75VAwMq3snWMzSDMz2bz6wO 2exJghiuHx8P5sZVmuaSSytgV3U= -----END CERTIFICATE-----Generated at Sun Dec 7 03:08:54 2025 by rpki-client