This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft File: LcO_WKfD4suVkd5E2HmTwNP3MnM.mft (raw, json) Hash identifier: RavreVKDwnRniBf5H5QHc1i8sgbgkryz0Fq5SKokvu4= Subject key identifier: 36:74:07:F6:67:E8:B7:FA:6A:B4:E4:16:F4:85:B0:12:C3:A3:1C:C4 Authority key identifier: 2D:C3:BF:58:A7:C3:E2:CB:95:91:DE:44:D8:79:93:C0:D3:F7:32:73 Certificate issuer: /CN=2DC3BF58A7C3E2CB9591DE44D87993C0D3F73273 Certificate serial: 0A6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LcO_WKfD4suVkd5E2HmTwNP3MnM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft Manifest number: 0A6A Signing time: Sat 06 Dec 2025 21:18:38 +0000 Manifest this update: Sat 06 Dec 2025 21:18:38 +0000 Manifest next update: Sun 07 Dec 2025 03:18:38 +0000 Files and hashes: 1: LcO_WKfD4suVkd5E2HmTwNP3MnM.crl (hash: 9yY+yqC2xQAjmRXHU4L2t+UqJplaPvvgSsbYw3Pq2X4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LcO_WKfD4suVkd5E2HmTwNP3MnM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:17:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2666 (0xa6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DC3BF58A7C3E2CB9591DE44D87993C0D3F73273 Validity Not Before: Dec 6 21:18:38 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=367407F667E8B7FA6AB4E416F485B012C3A31CC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:43:b9:90:a7:b9:1c:e8:12:8a:e5:8c:fb:aa: 6e:31:ee:eb:e5:b8:70:28:bd:51:a0:e3:9f:2a:d0: 77:8d:76:61:8b:9f:17:31:84:33:50:66:8a:09:bf: fa:99:0d:10:db:88:7e:b5:43:0c:12:1f:a7:fb:49: 3d:3f:c9:c4:0b:d4:a8:68:3f:82:bb:59:5a:b0:47: 27:a5:35:11:a1:ce:9a:12:83:1c:5c:81:e7:e8:70: d0:7a:ce:72:da:f7:6a:54:19:7c:d8:3c:c6:d5:21: fd:9d:fe:7e:b1:2a:ff:b3:ba:e7:e4:9d:5a:64:98: cb:25:63:14:3f:58:b6:f1:bf:80:c0:17:5d:98:c6: 3d:4e:f5:83:4e:be:e0:a7:74:13:93:92:9d:8d:0f: 2c:a0:b1:cb:c9:3d:55:83:4b:93:28:17:68:0b:19: b6:73:45:2d:61:38:c0:0a:e2:20:7f:57:ab:66:b8: 30:62:e6:dc:bd:28:4e:19:81:fb:31:92:b4:d5:46: 3a:56:52:c7:8c:ee:55:1c:b9:53:22:5e:23:da:23: 43:d1:4e:d5:9b:42:ab:50:2a:dc:bc:bf:5e:9a:36: 47:dc:38:18:a2:52:e4:b8:9a:20:cf:aa:af:a2:05: 4d:01:7b:f0:9d:72:5b:ff:b4:8c:08:33:ed:ee:6b: 36:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:74:07:F6:67:E8:B7:FA:6A:B4:E4:16:F4:85:B0:12:C3:A3:1C:C4 X509v3 Authority Key Identifier: keyid:2D:C3:BF:58:A7:C3:E2:CB:95:91:DE:44:D8:79:93:C0:D3:F7:32:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LcO_WKfD4suVkd5E2HmTwNP3MnM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:43:6d:fe:37:83:c4:f7:8a:af:1a:73:59:ea:08:fc:6f:73: 33:aa:93:f9:dc:ac:82:49:d0:9d:fb:f9:22:db:79:6e:15:d8: e2:b3:c4:27:14:2e:3a:80:2f:ab:15:95:98:ea:78:f5:42:55: 65:16:0a:af:6f:2e:3e:6a:19:bd:15:c1:1a:27:42:b1:d1:59: 3b:7b:b9:d4:62:22:dc:58:1e:e2:81:0d:04:88:b0:9a:76:49: cf:be:b3:d7:d0:22:c8:93:e0:3f:79:e0:51:79:d9:ef:ba:78: c9:30:e6:aa:f3:b7:f3:69:72:5f:23:bc:77:52:47:99:a3:ea: 85:38:9f:57:ad:5b:cb:70:ab:8d:3d:3e:b2:ea:37:f4:27:92: f8:98:67:7d:d3:06:64:f7:47:e8:84:2a:e2:d4:f7:8f:9e:4f: b3:d4:ca:a8:0c:ee:8f:cf:df:5c:05:11:55:7b:d8:9b:f6:a3: 8f:b2:3a:c1:15:16:39:eb:80:de:41:e2:0d:71:1e:30:76:a3: a5:17:ad:3b:1e:9f:ac:bb:d5:d9:4d:83:99:22:95:5a:3c:f9: 8d:74:d3:93:68:b2:c8:11:a8:ed:14:46:9d:46:34:cd:00:11: 55:2e:fd:53:c7:e9:34:fd:ea:f3:4e:67:c0:25:96:ea:d3:c2: a3:cf:a2:30 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRD M0JGNThBN0MzRTJDQjk1OTFERTQ0RDg3OTkzQzBEM0Y3MzI3MzAeFw0yNTEyMDYy MTE4MzhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM2NzQwN0Y2NjdFOEI3 RkE2QUI0RTQxNkY0ODVCMDEyQzNBMzFDQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpQ7mQp7kc6BKK5Yz7qm4x7uvluHAovVGg458q0HeNdmGLnxcx hDNQZooJv/qZDRDbiH61QwwSH6f7ST0/ycQL1KhoP4K7WVqwRyelNRGhzpoSgxxc gefocNB6znLa92pUGXzYPMbVIf2d/n6xKv+zuufknVpkmMslYxQ/WLbxv4DAF12Y xj1O9YNOvuCndBOTkp2NDyygscvJPVWDS5MoF2gLGbZzRS1hOMAK4iB/V6tmuDBi 5ty9KE4ZgfsxkrTVRjpWUseM7lUcuVMiXiPaI0PRTtWbQqtQKty8v16aNkfcOBii UuS4miDPqq+iBU0Be/Cdclv/tIwIM+3uazaPAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUNnQH9mfot/pqtOQW9IWwEsOjHMQwHwYDVR0jBBgwFoAULcO/WKfD4suVkd5E 2HmTwNP3MnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI5 Mi9MY09fV0tmRDRzdVZrZDVFMkhtVHdOUDNNbk0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xjT19XS2ZENHN1VmtkNUUySG1Ud05QM01uTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyOTIvTGNPX1dLZkQ0c3VW a2Q1RTJIbVR3TlAzTW5NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJFDbf43g8T3iq8ac1nqCPxvczOqk/ncrIJJ0J37+SLbeW4V2OKzxCcULjqA L6sVlZjqePVCVWUWCq9vLj5qGb0VwRonQrHRWTt7udRiItxYHuKBDQSIsJp2Sc++ s9fQIsiT4D954FF52e+6eMkw5qrzt/Npcl8jvHdSR5mj6oU4n1etW8twq409PrLq N/QnkviYZ33TBmT3R+iEKuLU94+eT7PUyqgM7o/P31wFEVV72Jv2o4+yOsEVFjnr gN5B4g1xHjB2o6UXrTsen6y71dlNg5kilVo8+Y1005NossgRqO0URp1GNM0AEVUu /VPH6TT96vNOZ8AllurTwqPPojA= -----END CERTIFICATE-----Generated at Sun Dec 7 02:52:07 2025 by rpki-client