This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft File: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft (raw, json) Hash identifier: wXiN2HYEhD8G0/b7pEitmSBXZ2hPpotCi20S12YflBs= Subject key identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE Authority key identifier: 69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 Certificate issuer: /CN=697447C397D18C9E110B24E505C1146CF13EA871 Certificate serial: 0128 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft Manifest number: 0127 Signing time: Sun 07 Dec 2025 01:46:02 +0000 Manifest this update: Sun 07 Dec 2025 01:46:02 +0000 Manifest next update: Sun 07 Dec 2025 07:46:02 +0000 Files and hashes: 1: BZUi2Cy-x-5xY8XLQ7H-sa3JIuI.roa (hash: r4NPIAsWOPVI4/TlBnHCHN0/vB3fsl6rRgv0C6aogiE=) 2: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl (hash: Ftt1SAcPjvSXIUJaAqKHlTj11ereWOucGtIeGE3blYg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 07:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=697447C397D18C9E110B24E505C1146CF13EA871 Validity Not Before: Dec 7 01:46:02 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=AA54C733A646C84D43400EF5B3B5FE12DF33E3CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:f4:45:c8:e1:99:dc:ac:f8:b0:ab:32:f1: ec:35:60:05:c1:82:85:2a:68:82:d4:ce:52:46:71: df:ff:e3:66:54:ed:49:c4:c0:a8:e2:b7:d5:49:a2: f6:aa:aa:ca:24:79:c9:3f:7c:88:59:e6:b3:37:b9: 95:fb:98:63:34:0b:d2:a0:8c:b0:19:73:71:3a:bf: a5:b8:31:77:d3:16:14:3c:4a:26:e2:ab:4b:00:d4: ef:ae:07:ee:49:34:7c:d3:28:4c:44:47:97:7a:24: e0:dc:e8:51:bf:1b:10:74:c1:05:45:09:11:73:9d: 40:cf:c3:82:09:97:11:12:9f:89:af:f1:9f:16:f1: 0b:6f:60:17:70:07:7f:af:9b:67:58:22:e4:13:26: 7d:42:a0:eb:48:55:9f:55:bc:0e:40:5e:aa:a0:80: 64:65:f7:c0:7e:88:55:98:8d:bd:13:90:59:54:10: 34:50:03:45:73:b3:4d:40:15:9c:28:aa:fc:88:a7: c5:e6:35:82:8f:fc:90:48:77:d7:16:14:70:16:9d: d7:38:43:89:0f:d7:4b:17:d5:25:53:9b:0a:6c:b2: bd:08:f4:49:2f:16:d4:24:63:2d:9c:db:1d:56:18: 8b:bf:92:fb:e5:da:38:c1:ac:5c:a1:67:f7:e0:2f: c8:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE X509v3 Authority Key Identifier: keyid:69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:bb:5d:1a:ea:be:74:c6:b7:4f:ec:6d:eb:2e:fe:c4:db:24: 26:78:a0:d5:74:fb:e9:37:9a:aa:71:d6:7d:8b:0c:bf:1f:21: 95:17:89:60:f2:4c:5a:61:5a:58:40:07:b9:60:01:cd:9c:37: f5:08:30:c2:2d:8a:e6:21:db:60:4f:ba:ec:0f:d5:a8:32:cd: 81:a0:30:5a:ff:5a:f2:e8:7a:33:5d:b9:af:df:b4:ce:25:4b: 6c:63:0e:e3:81:aa:2b:00:9c:04:a7:e6:0a:85:84:83:04:65: 0f:59:ca:5d:fa:ca:b0:47:fd:39:6c:16:08:38:fa:e6:27:b8: 08:36:8b:ce:dc:db:88:d8:b3:d1:41:be:48:16:24:de:2e:bd: 94:9b:35:9c:66:67:f0:4c:dc:8b:46:b8:94:0c:7d:85:33:95: 00:12:18:ec:4c:c8:1f:e5:88:41:a1:9d:30:0f:16:35:d7:68: 77:fa:c0:96:f6:61:bb:4a:f8:3a:e4:72:5b:74:32:4c:cb:4f: c6:77:05:29:99:30:ab:c7:ee:ff:e1:ac:8a:5c:ec:61:49:af: 2a:05:15:ff:ea:92:a8:6d:6e:08:a3:fd:2c:75:9c:fe:4b:93: 5d:ed:8b:12:17:04:d2:bc:8f:99:2f:9e:e6:9b:33:48:c4:6e: 2a:dd:d8:39 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICASgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk3 NDQ3QzM5N0QxOEM5RTExMEIyNEU1MDVDMTE0NkNGMTNFQTg3MTAeFw0yNTEyMDcw MTQ2MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFBNTRDNzMzQTY0NkM4 NEQ0MzQwMEVGNUIzQjVGRTEyREYzM0UzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIGfRFyOGZ3Kz4sKsy8ew1YAXBgoUqaILUzlJGcd//42ZU7UnE wKjit9VJovaqqsokeck/fIhZ5rM3uZX7mGM0C9KgjLAZc3E6v6W4MXfTFhQ8Sibi q0sA1O+uB+5JNHzTKExER5d6JODc6FG/GxB0wQVFCRFznUDPw4IJlxESn4mv8Z8W 8QtvYBdwB3+vm2dYIuQTJn1CoOtIVZ9VvA5AXqqggGRl98B+iFWYjb0TkFlUEDRQ A0Vzs01AFZwoqvyIp8XmNYKP/JBId9cWFHAWndc4Q4kP10sX1SVTmwpssr0I9Ekv FtQkYy2c2x1WGIu/kvvl2jjBrFyhZ/fgL8h9AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUqlTHM6ZGyE1DQA71s7X+Et8z484wHwYDVR0jBBgwFoAUaXRHw5fRjJ4RCyTl BcEUbPE+qHEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMx L2FYUkh3NWZSako0UkN5VGxCY0VVYlBFLXFIRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYVhSSHc1ZlJqSjRSQ3lUbEJjRVViUEUtcUhFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMxL2FYUkh3NWZSako0UkN5 VGxCY0VVYlBFLXFIRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCRu10a6r50xrdP7G3rLv7E2yQmeKDVdPvpN5qqcdZ9iwy/HyGVF4lg8kxaYVpY QAe5YAHNnDf1CDDCLYrmIdtgT7rsD9WoMs2BoDBa/1ry6HozXbmv37TOJUtsYw7j gaorAJwEp+YKhYSDBGUPWcpd+sqwR/05bBYIOPrmJ7gINovO3NuI2LPRQb5IFiTe Lr2UmzWcZmfwTNyLRriUDH2FM5UAEhjsTMgf5YhBoZ0wDxY112h3+sCW9mG7Svg6 5HJbdDJMy0/GdwUpmTCrx+7/4ayKXOxhSa8qBRX/6pKobW4Io/0sdZz+S5Nd7YsS FwTSvI+ZL57mmzNIxG4q3dg5 -----END CERTIFICATE-----Generated at Sun Dec 7 07:28:52 2025 by rpki-client