This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft File: gL0CjXa7PVXmZBaamvDfKpjHUFU.mft (raw, json) Hash identifier: pegOO4Z3QG6Mu7TAuDGmK7b+ybvqJ3W0IBXz+4rWPpI= Subject key identifier: FA:3F:BB:B8:7E:5C:7B:29:FA:21:7F:39:55:03:60:5A:00:1E:68:CC Authority key identifier: 80:BD:02:8D:76:BB:3D:55:E6:64:16:9A:9A:F0:DF:2A:98:C7:50:55 Certificate issuer: /CN=80BD028D76BB3D55E664169A9AF0DF2A98C75055 Certificate serial: 03CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gL0CjXa7PVXmZBaamvDfKpjHUFU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft Manifest number: 03C7 Signing time: Sun 07 Dec 2025 01:46:34 +0000 Manifest this update: Sun 07 Dec 2025 01:46:34 +0000 Manifest next update: Sun 07 Dec 2025 07:46:34 +0000 Files and hashes: 1: 8C2_C6gmSDmgalrvcm8Ft5YQ9fc.roa (hash: cFvjS3C7Ni9jMGlyzmgHeGCnydk3CR0hQkqEtMnTBtQ=) 2: gL0CjXa7PVXmZBaamvDfKpjHUFU.crl (hash: PGUjdMZugmzGSJyFm5zJCoKFXTvctNEoGsrebluvttA=) 3: rG9SJlY2VCyvJqAzoBsnhQ0xcBM.roa (hash: JIOcK/4hBjG98Ni9c37B+JALVOIlIpEiHyXVV83dZhY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gL0CjXa7PVXmZBaamvDfKpjHUFU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 07:46:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 971 (0x3cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80BD028D76BB3D55E664169A9AF0DF2A98C75055 Validity Not Before: Dec 7 01:46:34 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=FA3FBBB87E5C7B29FA217F395503605A001E68CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:27:e1:84:0a:83:ff:ec:79:a2:9d:4a:97:a8: 69:00:14:a3:9d:11:75:70:8d:a7:1c:d4:66:d5:51: c7:10:fc:49:8f:34:62:61:f7:b2:61:e1:51:ba:51: 71:61:35:9c:f3:16:0c:cf:41:80:40:e8:c4:6a:d1: 20:dc:80:0a:bf:c2:a1:46:db:20:68:d8:d5:6b:66: 92:8d:36:f5:cd:8e:c0:00:fe:a8:f1:35:64:13:00: 34:65:0d:4d:03:67:2e:da:ca:1c:41:6b:cd:dd:cb: f2:af:be:43:b0:4d:6c:98:a2:6d:ef:89:00:a9:03: df:11:50:c2:95:21:9c:db:3d:a8:cc:4c:81:ed:be: 06:06:44:63:60:67:89:d9:fb:83:49:94:c9:fd:26: 62:c4:20:29:28:a2:b2:c3:cf:0e:dd:21:41:f5:3f: 5a:ed:c9:7c:62:4a:dd:44:9f:c7:be:9d:a0:e8:86: 48:5c:dc:de:a5:4e:cf:0a:c7:9d:e3:d8:59:82:62: 12:94:a9:5b:fe:cc:a4:f2:54:05:32:7d:07:7c:7a: ba:1a:e9:08:a8:c0:6a:cb:fa:db:f5:f1:69:54:d5: 74:72:4d:71:a3:6c:02:7e:b0:81:d8:de:46:19:32: ad:37:ae:d1:f1:87:43:36:c8:8b:6a:25:cd:3d:82: 78:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:3F:BB:B8:7E:5C:7B:29:FA:21:7F:39:55:03:60:5A:00:1E:68:CC X509v3 Authority Key Identifier: keyid:80:BD:02:8D:76:BB:3D:55:E6:64:16:9A:9A:F0:DF:2A:98:C7:50:55 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gL0CjXa7PVXmZBaamvDfKpjHUFU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:22:87:18:cd:08:99:de:6a:7f:f7:d3:73:9e:05:14:83:c5: 85:af:d9:51:9b:05:f4:48:7e:0c:3f:86:c2:99:37:76:a3:e4: f4:bf:20:40:4b:21:02:8c:20:26:2c:de:2b:5a:f6:33:e8:78: bf:67:b1:57:40:ad:85:7d:62:e8:b1:5b:86:a4:4e:79:e6:33: 4f:de:94:d2:36:f5:bd:84:48:51:1b:64:02:70:a6:85:c2:85: c3:86:11:8c:95:87:7a:6b:ef:88:ce:ef:34:c1:4c:aa:32:ec: 9f:ef:1d:0d:d4:db:55:51:2d:03:57:fa:9a:56:4d:86:ec:66: ec:29:99:92:19:2d:cd:15:44:9a:41:80:4c:85:92:3c:bc:1b: 10:de:cd:df:b6:eb:8e:ed:3a:7a:9f:77:94:5b:1b:24:c4:82: c5:1a:70:9b:5b:74:79:41:34:09:73:36:c2:1f:0f:be:a9:50: 77:03:46:ce:c2:2e:10:00:e8:2f:28:fd:42:88:2d:e2:b2:a7: 4b:e2:1a:1d:5d:8d:f5:9f:e8:0d:71:4e:9e:46:1e:bd:5f:b7: 70:35:dd:6e:76:ce:a5:4e:0a:d2:d4:17:b7:d3:64:70:95:40: 4d:f5:ba:0f:eb:a2:ea:07:ba:3f:30:c3:60:9a:65:73:cf:c4: 8d:7d:2e:95 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICA8swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODBC RDAyOEQ3NkJCM0Q1NUU2NjQxNjlBOUFGMERGMkE5OEM3NTA1NTAeFw0yNTEyMDcw MTQ2MzRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEZBM0ZCQkI4N0U1QzdC MjlGQTIxN0YzOTU1MDM2MDVBMDAxRTY4Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaJ+GECoP/7HminUqXqGkAFKOdEXVwjacc1GbVUccQ/EmPNGJh 97Jh4VG6UXFhNZzzFgzPQYBA6MRq0SDcgAq/wqFG2yBo2NVrZpKNNvXNjsAA/qjx NWQTADRlDU0DZy7ayhxBa83dy/KvvkOwTWyYom3viQCpA98RUMKVIZzbPajMTIHt vgYGRGNgZ4nZ+4NJlMn9JmLEICkoorLDzw7dIUH1P1rtyXxiSt1En8e+naDohkhc 3N6lTs8Kx53j2FmCYhKUqVv+zKTyVAUyfQd8eroa6QiowGrL+tv18WlU1XRyTXGj bAJ+sIHY3kYZMq03rtHxh0M2yItqJc09gnghAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU+j+7uH5ceyn6IX85VQNgWgAeaMwwHwYDVR0jBBgwFoAUgL0CjXa7PVXmZBaa mvDfKpjHUFUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 NC9nTDBDalhhN1BWWG1aQmFhbXZEZktwakhVRlUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2dMMENqWGE3UFZYbVpCYWFtdkRmS3BqSFVGVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjQvZ0wwQ2pYYTdQVlht WkJhYW12RGZLcGpIVUZVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAD0ihxjNCJnean/303OeBRSDxYWv2VGbBfRIfgw/hsKZN3aj5PS/IEBLIQKM ICYs3ita9jPoeL9nsVdArYV9YuixW4akTnnmM0/elNI29b2ESFEbZAJwpoXChcOG EYyVh3pr74jO7zTBTKoy7J/vHQ3U21VRLQNX+ppWTYbsZuwpmZIZLc0VRJpBgEyF kjy8GxDezd+2647tOnqfd5RbGyTEgsUacJtbdHlBNAlzNsIfD76pUHcDRs7CLhAA 6C8o/UKILeKyp0viGh1djfWf6A1xTp5GHr1ft3A13W52zqVOCtLUF7fTZHCVQE31 ug/rouoHuj8ww2CaZXPPxI19LpU= -----END CERTIFICATE-----Generated at Sun Dec 7 06:43:21 2025 by rpki-client