This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft File: UgcnAEPag5sInL-JHVe0GrI5rYo.mft (raw, json) Hash identifier: 9233TM7EA9NUAcV8dM/hOlc2GzDR9XVkS0NPjsZSybY= Subject key identifier: 07:6B:FC:AB:6C:1B:91:6D:A2:F5:0F:1A:9F:03:3F:91:66:7C:4A:22 Authority key identifier: 52:07:27:00:43:DA:83:9B:08:9C:BF:89:1D:57:B4:1A:B2:39:AD:8A Certificate issuer: /CN=5207270043DA839B089CBF891D57B41AB239AD8A Certificate serial: 0C09 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft Manifest number: 0C09 Signing time: Sat 06 Dec 2025 16:18:27 +0000 Manifest this update: Sat 06 Dec 2025 16:18:27 +0000 Manifest next update: Sat 06 Dec 2025 22:18:27 +0000 Files and hashes: 1: UgcnAEPag5sInL-JHVe0GrI5rYo.crl (hash: SNZJhBoJC5hekX7MxsMxVSj1lZNF2oHrSjjBI9nrnPQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 22:17:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3081 (0xc09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5207270043DA839B089CBF891D57B41AB239AD8A Validity Not Before: Dec 6 16:18:27 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=076BFCAB6C1B916DA2F50F1A9F033F91667C4A22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:25:7c:17:61:a5:b7:97:2d:83:0c:08:aa:14: d8:8c:da:f3:0e:a4:fc:c6:60:69:23:35:d3:df:a5: 20:17:4c:f8:ca:fd:24:d5:c1:f9:f7:8c:87:fd:a4: 13:37:70:b9:a7:1a:c6:76:5a:ff:65:eb:00:3b:cb: ad:70:e4:62:6e:f6:50:78:0e:c8:91:02:42:ec:a8: 27:89:a2:d7:b2:94:c8:85:90:8f:2a:4c:b5:19:14: 42:33:cb:83:e8:38:27:72:1b:29:71:b5:41:2e:0f: 54:25:dd:8b:f0:ef:4b:32:1f:5f:12:dd:c7:d0:7f: 4a:db:7b:a1:21:0e:dd:b8:75:97:d2:05:98:95:13: 81:44:09:41:d6:8a:14:c0:b5:a1:f0:1c:8c:a1:a3: d5:ad:fe:da:d8:ac:a9:6b:bf:54:27:b1:96:6b:88: 3b:60:23:36:5e:d1:5d:7a:7c:80:9c:f6:84:40:c8: 2f:88:31:94:f7:9e:bc:50:d2:2e:15:9a:23:df:9c: 20:39:42:88:d7:c5:d7:1a:10:b1:2c:7a:0f:e3:ed: 0d:d9:d7:c2:6f:be:8b:a0:84:51:8f:b2:97:b8:54: 00:f4:b8:7f:3a:44:5d:5f:5d:2b:6a:25:01:02:73: 4c:71:ea:b9:7a:64:61:27:ca:ec:99:79:8a:c1:83: 20:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:6B:FC:AB:6C:1B:91:6D:A2:F5:0F:1A:9F:03:3F:91:66:7C:4A:22 X509v3 Authority Key Identifier: keyid:52:07:27:00:43:DA:83:9B:08:9C:BF:89:1D:57:B4:1A:B2:39:AD:8A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:95:2a:3f:96:ca:88:2f:d7:61:8e:f5:11:9c:de:7a:05:44: 42:c5:65:49:2e:60:55:8e:45:a2:4b:c3:65:7d:dc:7f:52:b7: a4:86:7e:75:2c:1c:b4:b1:95:a2:61:1f:b8:e6:ee:8f:38:9a: 0c:30:dc:a7:7f:63:d1:b1:4e:30:f7:fe:c4:fd:4c:28:20:9f: a7:ea:dd:d3:e1:21:f9:92:02:96:3b:16:d4:13:8e:3a:4d:e9: 3c:11:ba:59:c7:5e:f4:c0:12:61:3a:a4:16:9f:47:21:1e:f7: 8e:f1:62:84:d2:d3:9a:fc:75:8a:08:7f:ac:4a:28:89:59:db: 4d:a5:18:7e:9c:74:d0:14:bd:4f:d9:9c:95:8e:25:6b:0f:3d: d9:03:49:c7:9e:9e:66:7b:32:6f:5b:cf:cf:7d:22:ff:4b:e8: 2f:39:38:ae:5d:3d:38:44:24:87:31:83:13:6c:d3:a2:6d:43: ac:6e:53:e1:37:81:6a:f3:1a:29:67:b2:a7:4f:41:61:6e:3e: b9:80:c8:92:40:df:1d:78:2b:42:65:7a:36:d9:03:d0:dd:74: d9:25:79:1f:94:7f:5d:19:93:b4:67:da:47:3f:1c:e8:42:3a: ba:8d:63:de:b8:9a:25:16:e0:f6:bb:90:ea:a5:91:29:b5:12: 0a:dd:c3:b3 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTIw NzI3MDA0M0RBODM5QjA4OUNCRjg5MUQ1N0I0MUFCMjM5QUQ4QTAeFw0yNTEyMDYx NjE4MjdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDA3NkJGQ0FCNkMxQjkx NkRBMkY1MEYxQTlGMDMzRjkxNjY3QzRBMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8JXwXYaW3ly2DDAiqFNiM2vMOpPzGYGkjNdPfpSAXTPjK/STV wfn3jIf9pBM3cLmnGsZ2Wv9l6wA7y61w5GJu9lB4DsiRAkLsqCeJoteylMiFkI8q TLUZFEIzy4PoOCdyGylxtUEuD1Ql3Yvw70syH18S3cfQf0rbe6EhDt24dZfSBZiV E4FECUHWihTAtaHwHIyho9Wt/trYrKlrv1QnsZZriDtgIzZe0V16fICc9oRAyC+I MZT3nrxQ0i4VmiPfnCA5QojXxdcaELEseg/j7Q3Z18JvvoughFGPspe4VAD0uH86 RF1fXStqJQECc0xx6rl6ZGEnyuyZeYrBgyCRAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUB2v8q2wbkW2i9Q8anwM/kWZ8SiIwHwYDVR0jBBgwFoAUUgcnAEPag5sInL+J HVe0GrI5rYowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 MS9VZ2NuQUVQYWc1c0luTC1KSFZlMEdySTVyWW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VnY25BRVBhZzVzSW5MLUpIVmUwR3JJNXJZby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzEvVWdjbkFFUGFnNXNJ bkwtSkhWZTBHckk1cllvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFCVKj+Wyogv12GO9RGc3noFRELFZUkuYFWORaJLw2V93H9St6SGfnUsHLSx laJhH7jm7o84mgww3Kd/Y9GxTjD3/sT9TCggn6fq3dPhIfmSApY7FtQTjjpN6TwR ulnHXvTAEmE6pBafRyEe947xYoTS05r8dYoIf6xKKIlZ202lGH6cdNAUvU/ZnJWO JWsPPdkDSceenmZ7Mm9bz899Iv9L6C85OK5dPThEJIcxgxNs06JtQ6xuU+E3gWrz GilnsqdPQWFuPrmAyJJA3x14K0JlejbZA9DddNkleR+Uf10Zk7Rn2kc/HOhCOrqN Y964miUW4Pa7kOqlkSm1Egrdw7M= -----END CERTIFICATE-----Generated at Sat Dec 6 21:24:11 2025 by rpki-client