This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft File: m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft (raw, json) Hash identifier: bELrjgEASU1tUAsqO+g7mimq3H6v1nbvnqVN7MbAzJk= Subject key identifier: 42:CA:EE:A6:60:60:CA:33:38:7B:50:1B:B1:26:DC:FB:B8:C4:4E:4E Authority key identifier: 9B:4A:3C:36:B4:23:47:AC:EF:36:E8:4A:66:E6:9E:E5:9B:ED:8B:76 Certificate issuer: /CN=9B4A3C36B42347ACEF36E84A66E69EE59BED8B76 Certificate serial: 1CB1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft Manifest number: 1CAA Signing time: Sun 07 Dec 2025 01:49:57 +0000 Manifest this update: Sun 07 Dec 2025 01:49:57 +0000 Manifest next update: Sun 07 Dec 2025 07:49:57 +0000 Files and hashes: 1: U8G90-YYRgh6k3HDnDRzn22nZOU.roa (hash: 1ypHTYDNhHGShZNbyXb5EDdy2PfInXRHSiQUuVslDdQ=) 2: gcv3IRtBMP0g_QP2HXkJ4IuRlKU.roa (hash: W4N2kLS/TBnU7hLEU2XcWlrf1fkrk2tPC5ARdXrekA0=) 3: m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl (hash: XArESr+TwWH/v/wmEg1GTR0o8+uE7ubSfGlOr+JP9us=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 07:49:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7345 (0x1cb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B4A3C36B42347ACEF36E84A66E69EE59BED8B76 Validity Not Before: Dec 7 01:49:57 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=42CAEEA66060CA33387B501BB126DCFBB8C44E4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:e9:fb:c8:37:26:30:8e:a9:73:91:eb:0d: d3:a8:4b:94:58:77:f2:a5:18:d1:24:94:c9:4f:84: 16:5f:19:49:15:da:ef:5e:46:93:09:48:dc:21:2c: d6:38:6e:8c:9f:77:57:5a:af:4b:1a:53:6b:a1:32: 77:5c:75:26:c5:51:ab:17:75:bb:8c:26:74:b9:60: a0:77:e6:e7:14:62:f8:98:12:6f:35:59:62:2b:d5: 56:2d:e1:58:51:dc:35:6b:0f:ed:38:ac:0f:ee:24: 37:8e:94:8a:4d:81:d5:49:03:f1:af:58:e6:ac:dd: 33:3d:a6:ab:5d:64:4f:6c:78:8f:0e:7c:91:09:6d: a5:b9:9f:23:ee:d3:d9:86:81:84:20:f7:2a:94:9a: a0:25:0f:f5:5c:1c:8d:b3:2c:e2:9a:65:e5:8e:ef: 85:ec:ee:e0:2a:ce:77:5c:30:7a:0a:6b:66:38:c7: 58:60:8e:49:9a:c9:90:12:99:73:35:b4:ac:e4:85: ab:30:0d:a7:fa:ef:97:8c:64:c1:cc:93:a0:dc:0d: e6:18:f4:6d:f3:e3:2b:78:3c:4e:ba:97:98:c5:1b: bf:46:10:5f:f0:ef:cd:13:be:9c:a8:39:68:90:65: 51:b5:2f:20:8e:20:42:06:5d:58:4b:33:2b:a1:fb: f6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:CA:EE:A6:60:60:CA:33:38:7B:50:1B:B1:26:DC:FB:B8:C4:4E:4E X509v3 Authority Key Identifier: keyid:9B:4A:3C:36:B4:23:47:AC:EF:36:E8:4A:66:E6:9E:E5:9B:ED:8B:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:72:aa:e0:05:59:4f:52:61:27:e9:2e:c8:77:96:40:b9:6a: 68:ec:e2:67:55:7d:09:21:7b:30:2b:0f:40:53:5c:a3:b5:bc: 7e:73:88:a0:f6:b7:b3:14:ad:b3:82:b2:86:1f:e9:05:8f:e0: 24:fe:79:6e:ff:05:e4:ca:31:ac:41:40:b0:9b:b2:9e:2d:fd: 0c:ef:2d:56:0e:e8:30:84:3e:ae:30:63:52:a3:0e:13:3f:f8: df:6f:3d:ff:d0:f7:a5:a6:22:af:41:84:56:3e:74:2c:40:b5: 4d:dd:c2:4e:51:67:6a:03:35:bc:d7:07:09:8a:9d:bb:88:7b: 05:ba:47:7b:bb:84:c6:43:9e:75:0a:26:bc:a4:d7:78:f2:0e: 4d:47:5b:9b:d3:1a:83:0c:42:f0:3a:54:a5:03:1f:b3:9d:e1: 77:6b:8d:66:48:6c:de:8c:83:c3:ee:c8:16:e9:37:59:a5:57: 81:2f:0a:39:08:ac:47:2e:20:35:bf:aa:74:66:64:b8:af:1b: 23:e6:0d:db:24:19:83:d7:d5:21:bd:e5:ae:e5:16:7e:fc:b4: bb:0a:83:d9:fe:66:89:85:70:b0:7c:a3:d1:13:1c:b3:9b:e6: 4b:68:34:cd:63:95:e6:e5:b7:f9:7b:86:5d:41:cd:0f:1b:fc: 7a:86:95:5c -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICHLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI0 QTNDMzZCNDIzNDdBQ0VGMzZFODRBNjZFNjlFRTU5QkVEOEI3NjAeFw0yNTEyMDcw MTQ5NTdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDQyQ0FFRUE2NjA2MENB MzMzODdCNTAxQkIxMjZEQ0ZCQjhDNDRFNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlden7yDcmMI6pc5HrDdOoS5RYd/KlGNEklMlPhBZfGUkV2u9e RpMJSNwhLNY4boyfd1dar0saU2uhMndcdSbFUasXdbuMJnS5YKB35ucUYviYEm81 WWIr1VYt4VhR3DVrD+04rA/uJDeOlIpNgdVJA/GvWOas3TM9pqtdZE9seI8OfJEJ baW5nyPu09mGgYQg9yqUmqAlD/VcHI2zLOKaZeWO74Xs7uAqzndcMHoKa2Y4x1hg jkmayZASmXM1tKzkhaswDaf675eMZMHMk6DcDeYY9G3z4yt4PE66l5jFG79GEF/w 780TvpyoOWiQZVG1LyCOIEIGXVhLMyuh+/ZrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUQsrupmBgyjM4e1AbsSbc+7jETk4wHwYDVR0jBBgwFoAUm0o8NrQjR6zvNuhK Zuae5Zvti3YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTA4 L20wbzhOclFqUjZ6dk51aEtadWFlNVp2dGkzWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbTBvOE5yUWpSNnp2TnVoS1p1YWU1WnZ0aTNZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTA4L20wbzhOclFqUjZ6dk51 aEtadWFlNVp2dGkzWS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCScqrgBVlPUmEn6S7Id5ZAuWpo7OJnVX0JIXswKw9AU1yjtbx+c4ig9rezFK2z grKGH+kFj+Ak/nlu/wXkyjGsQUCwm7KeLf0M7y1WDugwhD6uMGNSow4TP/jfbz3/ 0PelpiKvQYRWPnQsQLVN3cJOUWdqAzW81wcJip27iHsFukd7u4TGQ551Cia8pNd4 8g5NR1ub0xqDDELwOlSlAx+zneF3a41mSGzejIPD7sgW6TdZpVeBLwo5CKxHLiA1 v6p0ZmS4rxsj5g3bJBmD19UhveWu5RZ+/LS7CoPZ/maJhXCwfKPRExyzm+ZLaDTN Y5Xm5bf5e4ZdQc0PG/x6hpVc -----END CERTIFICATE-----Generated at Sun Dec 7 06:43:15 2025 by rpki-client