This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft File: vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft (raw, json) Hash identifier: 95ULWvfhsfhPvV9SaMSJu3EGoN6Rt0Gq5Ano0xmIwhk= Subject key identifier: 56:CA:4C:99:B6:C7:E8:0B:5F:09:94:1B:6E:F6:A3:5C:59:76:15:A1 Authority key identifier: BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 Certificate issuer: /CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Certificate serial: 2210 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft Manifest number: 220A Signing time: Sat 06 Dec 2025 21:16:21 +0000 Manifest this update: Sat 06 Dec 2025 21:16:21 +0000 Manifest next update: Sun 07 Dec 2025 03:16:21 +0000 Files and hashes: 1: 5O780YytFp2aIZUy2ebH7T6RP3k.roa (hash: dZYfjDP7WydvmeUNL1iHjp+9Hb7wVZPSu7zNq9EkS4c=) 2: vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl (hash: 7B6AfPoNih2gvYTj5n/fxS4uk0nK2gc6L921qC+WFQQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:16:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8720 (0x2210) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Validity Not Before: Dec 6 21:16:21 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=56CA4C99B6C7E80B5F09941B6EF6A35C597615A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:95:98:3c:86:db:0c:4f:fa:c0:9b:3b:6f:00: 11:c2:b7:65:ce:dd:c6:4e:0d:fb:7c:f3:5a:2f:f0: 10:6b:e5:75:0e:99:a2:e9:d3:4c:eb:83:fb:a4:66: 0c:ad:ec:f6:aa:26:ab:30:fc:08:e2:52:64:ec:74: d7:61:93:6e:29:a2:f2:11:6b:42:3c:a3:99:15:72: 97:8c:33:37:9a:43:88:4b:33:b6:d5:96:8d:91:99: f3:92:5f:ae:e4:ea:42:3b:7d:19:fb:b5:f4:42:ea: 80:f4:f9:50:8d:82:d0:69:cd:e3:11:a2:63:16:df: 60:c2:43:45:45:3f:27:11:e4:74:86:09:05:7f:fd: bb:6a:9f:c7:09:67:25:1d:b5:fc:86:51:6a:c8:38: 2d:a3:ed:17:8b:d1:e3:ca:9b:65:c3:4d:15:73:e5: 68:ae:5c:45:d4:8f:33:47:f3:2f:13:99:55:cd:40: ff:0f:b6:3b:91:43:7d:a6:a1:08:2a:e6:66:b9:05: 59:78:d5:a3:47:9e:87:f7:b5:55:5c:2a:5d:2e:5f: 8e:b7:b2:c9:6b:77:ea:73:50:b5:be:56:84:77:09: 23:2c:a4:ce:cd:01:12:32:24:37:97:08:a5:7d:48: 37:77:94:28:35:f7:4d:5f:51:6e:a0:a0:51:45:56: 3e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:CA:4C:99:B6:C7:E8:0B:5F:09:94:1B:6E:F6:A3:5C:59:76:15:A1 X509v3 Authority Key Identifier: keyid:BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:34:88:82:8d:52:07:e4:1d:fe:83:51:f6:b3:c1:ab:ae:46: 56:4d:42:86:87:13:8d:80:bd:26:9b:32:69:71:49:84:bb:48: 6c:a4:eb:6e:b6:a1:18:34:2a:63:55:08:5e:f0:4c:fc:cf:4f: 3a:ea:38:76:f8:ec:2b:6c:fe:0a:a2:97:cd:49:fa:39:1f:4a: a2:bb:0b:f9:66:65:9a:42:69:ae:93:c8:04:22:18:1f:08:89: 30:bb:0d:62:70:ae:0f:32:be:b9:51:12:db:45:08:b1:6a:53: 73:fb:64:44:31:94:c3:a9:16:73:56:f9:66:25:43:e1:1f:ac: ea:c6:64:02:68:0f:70:d6:a7:33:b1:7c:98:21:53:45:9a:e8: 89:66:82:01:47:40:32:66:a1:f3:dc:32:8b:17:d8:df:2d:50: 67:24:34:1f:19:49:13:69:15:a8:54:59:21:5d:77:73:5c:15: 5d:68:bc:ea:85:ff:cd:0b:e6:41:d6:b0:bf:49:9a:18:69:a9: dd:61:64:a2:dd:9f:d8:ec:a5:fd:3a:87:07:fa:89:be:86:df: d6:60:fe:9a:bc:b8:66:43:0a:4f:df:1c:cf:92:79:7c:15:dc: a7:c4:9f:15:f1:a8:33:7a:4b:cc:71:64:dc:a0:29:c7:1f:d4: ec:a7:2d:fa -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIhAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkNG NDAxN0E2RTI5MTVGMjYxNDdENDE5RTVGN0E3RDE2NEQwNDk4NDAeFw0yNTEyMDYy MTE2MjFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDU2Q0E0Qzk5QjZDN0U4 MEI1RjA5OTQxQjZFRjZBMzVDNTk3NjE1QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTlZg8htsMT/rAmztvABHCt2XO3cZODft881ov8BBr5XUOmaLp 00zrg/ukZgyt7PaqJqsw/AjiUmTsdNdhk24povIRa0I8o5kVcpeMMzeaQ4hLM7bV lo2RmfOSX67k6kI7fRn7tfRC6oD0+VCNgtBpzeMRomMW32DCQ0VFPycR5HSGCQV/ /btqn8cJZyUdtfyGUWrIOC2j7ReL0ePKm2XDTRVz5WiuXEXUjzNH8y8TmVXNQP8P tjuRQ32moQgq5ma5BVl41aNHnof3tVVcKl0uX463sslrd+pzULW+VoR3CSMspM7N ARIyJDeXCKV9SDd3lCg1901fUW6goFFFVj63AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUVspMmbbH6AtfCZQbbvajXFl2FaEwHwYDVR0jBBgwFoAUvPQBem4pFfJhR9QZ 5fen0WTQSYQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3 Mi92UFFCZW00cEZmSmhSOVFaNWZlbjBXVFFTWVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZQUUJlbTRwRmZKaFI5UVo1ZmVuMFdUUVNZUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzIvdlBRQmVtNHBGZkpo UjlRWjVmZW4wV1RRU1lRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADc0iIKNUgfkHf6DUfazwauuRlZNQoaHE42AvSabMmlxSYS7SGyk6262oRg0 KmNVCF7wTPzPTzrqOHb47Cts/gqil81J+jkfSqK7C/lmZZpCaa6TyAQiGB8IiTC7 DWJwrg8yvrlREttFCLFqU3P7ZEQxlMOpFnNW+WYlQ+EfrOrGZAJoD3DWpzOxfJgh U0Wa6IlmggFHQDJmofPcMosX2N8tUGckNB8ZSRNpFahUWSFdd3NcFV1ovOqF/80L 5kHWsL9Jmhhpqd1hZKLdn9jspf06hwf6ib6G39Zg/pq8uGZDCk/fHM+SeXwV3KfE nxXxqDN6S8xxZNygKccf1OynLfo= -----END CERTIFICATE-----Generated at Sun Dec 7 03:11:18 2025 by rpki-client