This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft File: ehQ2ihcE3eKwKNJtVNg718g0fOM.mft (raw, json) Hash identifier: 8qKjWKHWYQtstqT79Cyl+KuQ5bSAvZFvFnaMFCGpOmI= Subject key identifier: 4B:EF:53:D0:EA:53:37:4A:1D:5C:A7:34:25:8A:B7:81:95:75:AE:5C Authority key identifier: 7A:14:36:8A:17:04:DD:E2:B0:28:D2:6D:54:D8:3B:D7:C8:34:7C:E3 Certificate issuer: /CN=7A14368A1704DDE2B028D26D54D83BD7C8347CE3 Certificate serial: 0458 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft Manifest number: 0455 Signing time: Sun 21 Dec 2025 21:42:12 +0000 Manifest this update: Sun 21 Dec 2025 21:42:12 +0000 Manifest next update: Mon 22 Dec 2025 03:42:12 +0000 Files and hashes: 1: HfBEtTqWTSkAtipWavXVR-y9-jo.roa (hash: 3hFDbCdIfL+OLtSS0OXYLw7zBn+k/fXqDRXMxteGY5E=) 2: OURKKMBERp6fhyznG4QUV7I1fU8.roa (hash: tEDAKCve4qFLWqxZlyva9GdzhXGBXId4jj4unjkX/zM=) 3: ehQ2ihcE3eKwKNJtVNg718g0fOM.crl (hash: bB0BROeN2xz7WpJ1dbGjXbrwukCZdYOADvNSsWXHZkI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Dec 2025 03:40:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1112 (0x458) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7A14368A1704DDE2B028D26D54D83BD7C8347CE3 Validity Not Before: Dec 21 21:42:12 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=4BEF53D0EA53374A1D5CA734258AB7819575AE5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0b:c6:32:b6:77:89:30:3d:05:9e:c2:db:5d: 45:51:28:85:3d:87:d8:4f:bc:c4:91:ab:1e:22:5b: 7d:3a:77:2d:fc:42:da:d3:d4:44:38:0d:4a:a6:08: 35:c9:d7:ca:04:4e:61:04:1b:a8:78:c5:e9:a2:d1: 5a:c5:a3:a4:82:a3:1b:83:18:bc:6d:45:bd:ac:46: 86:4c:bb:f1:9a:83:3c:ce:7c:55:9b:2e:e3:77:1c: c1:11:eb:48:ad:7d:89:39:0c:8e:1e:34:08:fe:c8: 1c:e9:1e:fc:c9:e0:64:af:1d:23:6c:78:4b:9e:1d: b3:32:0d:37:66:e5:97:ea:9b:05:38:23:9b:48:d6: 6e:9c:ee:9e:a2:0e:fc:ed:89:c7:9b:76:25:42:31: 7c:f3:b5:84:0e:72:a3:e3:9d:cc:50:86:1b:a8:07: 01:94:66:83:44:8c:23:07:b8:72:77:2b:40:a5:31: 15:7d:70:84:d9:6c:c5:76:dd:2d:96:69:b0:75:76: d1:45:75:f4:47:3a:c2:1b:e2:51:ad:e3:a5:e1:e5: c6:79:0e:97:62:2a:f1:c8:46:7b:de:97:1b:8c:41: 77:9f:8b:f0:4d:3b:00:f3:15:6d:27:5c:3f:f7:d4: f6:ad:e9:da:1c:c8:af:37:46:cf:60:1d:14:34:82: 0a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:EF:53:D0:EA:53:37:4A:1D:5C:A7:34:25:8A:B7:81:95:75:AE:5C X509v3 Authority Key Identifier: keyid:7A:14:36:8A:17:04:DD:E2:B0:28:D2:6D:54:D8:3B:D7:C8:34:7C:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:aa:9d:58:b6:13:93:44:69:3c:aa:ed:fd:8f:67:ae:c1:27: 1e:cf:2c:d8:95:32:fe:54:94:e0:76:d9:38:24:1d:08:94:be: bd:8b:b8:f1:aa:81:1d:07:4a:a3:0e:a1:03:6b:c4:25:19:f7: 7a:0a:c3:84:f1:df:28:cb:9d:1e:e3:fb:8b:05:b4:ac:da:49: c5:64:26:ee:f3:19:8c:81:0e:eb:4b:63:28:ee:f2:3c:18:0c: b3:15:39:3c:47:ee:8f:78:43:ea:87:8b:1a:1f:5d:e9:22:5b: a8:95:c7:23:fe:91:1f:40:99:4b:40:a3:23:96:ab:7d:ab:86: 5f:62:22:86:37:41:03:a6:3e:9e:6d:1b:7f:9e:99:d2:0a:aa: 57:d1:e0:af:cc:53:2f:0a:21:56:92:91:31:99:17:16:95:be: 56:b1:f2:c5:fe:db:0a:2d:68:03:e4:bd:c0:56:ce:d5:b5:f5: cc:ef:29:4c:92:23:3a:9a:18:1d:00:a3:3d:da:71:e2:15:5c: 1d:f8:b9:c4:52:05:59:69:e9:0d:d0:d2:b7:13:26:02:b7:41: df:d2:86:38:12:13:25:0e:cd:9e:79:8f:18:1b:73:65:bc:59: 7e:f2:14:dc:8b:dd:d7:23:52:b7:c0:bd:d0:08:d5:df:f5:85: 36:27:6e:bd -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICBFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0Ex NDM2OEExNzA0RERFMkIwMjhEMjZENTREODNCRDdDODM0N0NFMzAeFw0yNTEyMjEy MTQyMTJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDRCRUY1M0QwRUE1MzM3 NEExRDVDQTczNDI1OEFCNzgxOTU3NUFFNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJC8YytneJMD0FnsLbXUVRKIU9h9hPvMSRqx4iW306dy38QtrT 1EQ4DUqmCDXJ18oETmEEG6h4xemi0VrFo6SCoxuDGLxtRb2sRoZMu/GagzzOfFWb LuN3HMER60itfYk5DI4eNAj+yBzpHvzJ4GSvHSNseEueHbMyDTdm5ZfqmwU4I5tI 1m6c7p6iDvzticebdiVCMXzztYQOcqPjncxQhhuoBwGUZoNEjCMHuHJ3K0ClMRV9 cITZbMV23S2WabB1dtFFdfRHOsIb4lGt46Xh5cZ5DpdiKvHIRnvelxuMQXefi/BN OwDzFW0nXD/31Pat6docyK83Rs9gHRQ0ggpjAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUS+9T0OpTN0odXKc0JYq3gZV1rlwwHwYDVR0jBBgwFoAUehQ2ihcE3eKwKNJt VNg718g0fOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzE1 L2VoUTJpaGNFM2VLd0tOSnRWTmc3MThnMGZPTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZWhRMmloY0UzZUt3S05KdFZOZzcxOGcwZk9NLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzE1L2VoUTJpaGNFM2VLd0tO SnRWTmc3MThnMGZPTS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCLqp1YthOTRGk8qu39j2euwScezyzYlTL+VJTgdtk4JB0IlL69i7jxqoEdB0qj DqEDa8QlGfd6CsOE8d8oy50e4/uLBbSs2knFZCbu8xmMgQ7rS2Mo7vI8GAyzFTk8 R+6PeEPqh4saH13pIluolccj/pEfQJlLQKMjlqt9q4ZfYiKGN0EDpj6ebRt/npnS CqpX0eCvzFMvCiFWkpExmRcWlb5WsfLF/tsKLWgD5L3AVs7VtfXM7ylMkiM6mhgd AKM92nHiFVwd+LnEUgVZaekN0NK3EyYCt0Hf0oY4EhMlDs2eeY8YG3NlvFl+8hTc i93XI1K3wL3QCNXf9YU2J269 -----END CERTIFICATE-----Generated at Mon Dec 22 01:06:50 2025 by rpki-client