This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft File: MtXsFcXlZORw7HsUzUfeLYYqzoM.mft (raw, json) Hash identifier: Ri7x4HD1yVtnXUlhktuju7kiy+fsADrHcgxTpMAdw74= Subject key identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3 Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 07FD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft Manifest number: 07F5 Signing time: Wed 24 Dec 2025 04:13:33 +0000 Manifest this update: Wed 24 Dec 2025 04:13:33 +0000 Manifest next update: Wed 24 Dec 2025 10:13:33 +0000 Files and hashes: 1: HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa (hash: nzM/sVo6T3wrJOKA8s9C/r1i/A+SHE4RxkcR9ZuDMqw=) 2: MtXsFcXlZORw7HsUzUfeLYYqzoM.crl (hash: 0y8oeALHv0WmjjIuLJUUce8/QWe8fDqerGTQFbV8Pcg=) 3: bC40d1-ghgM21ALWbp1O1UkgkdU.roa (hash: 9yTQDJvjPR2trUFfN17YffGLD8jC8nwJrrCPuFbW2Vc=) 4: dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa (hash: 7aICgRrTtrePB+0YhNu9XutmrrOoUeqPXvBeqh7Qv/Y=) 5: mrsHKrTmE4mOslEo5lBsb9iRJlk.roa (hash: a/F6thmLhHVyrowSSbW9el8yqJWv7IOkNKEtetCNUq8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Dec 2025 10:13:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2045 (0x7fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Dec 24 04:13:33 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=47AC346E7B3AC13DA66FB22DEB396C0EE042F7C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:06:ad:80:a7:c7:cb:d9:7d:75:2c:0c:3f:cd: c2:0d:d0:0f:94:80:71:80:08:b7:0d:13:d2:22:2e: 1f:69:28:26:a3:1f:7b:5b:82:d2:b7:18:d1:6b:dc: dd:7a:40:ed:ab:f0:fa:0b:60:77:af:60:f3:87:e8: 42:da:79:19:1c:dc:e1:96:7a:b5:cd:15:32:74:d9: 78:00:f9:ed:c6:df:84:c8:58:88:9a:91:31:55:c1: 21:2d:57:8c:47:bf:a1:ce:cc:9b:dd:07:18:30:67: a2:a9:94:4c:69:ea:53:21:88:d6:5c:10:c3:f1:a7: b4:90:07:76:2e:23:65:d9:ee:4a:48:ab:82:aa:20: 49:96:56:a2:82:28:70:db:75:f7:51:7d:82:16:97: b5:05:af:af:f5:ea:ee:ec:4a:e0:12:d8:ba:30:1b: 11:b3:aa:d5:db:a9:3d:12:36:63:cd:09:e9:b8:b4: 4d:cc:4b:d0:a9:a2:d2:e9:66:a0:cd:7a:e6:1c:b2: 09:c2:0c:7a:5e:5c:13:94:b5:64:28:13:c3:a6:c1: 02:5f:67:c7:b0:62:2a:2e:00:c8:15:04:d7:4f:59: e8:8c:7f:84:b6:f2:3d:50:37:04:31:c8:8a:88:b6: 4a:77:c9:be:89:01:e8:ca:76:2c:05:d7:91:52:25: fb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3 X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:cb:5b:bc:5e:eb:c2:0c:f7:3c:60:95:e0:01:c9:92:39:a7: ab:06:30:65:01:c6:fa:13:06:19:03:da:df:2f:ef:8b:41:cf: 93:95:2e:1b:fe:56:a0:b7:2f:f7:56:bb:de:c0:31:49:b5:b3: 00:d6:65:51:31:ac:c9:e7:3f:89:09:c6:c6:90:48:7c:45:46: f1:ab:c7:d1:cc:aa:c1:98:7a:21:82:e7:ef:7b:14:f1:de:34: 6c:03:c8:71:1d:11:a1:2b:17:4c:c3:29:55:42:56:54:53:92: 69:0b:bf:a3:9e:2b:fa:84:77:10:8d:c5:91:ca:c4:16:8f:cf: a0:bd:d4:18:86:d1:55:d2:e9:bd:c4:12:8f:50:9e:b4:ab:e6: cf:22:35:89:8e:46:87:fd:b1:b5:a5:82:0e:38:4c:fa:8a:12: 61:c3:28:3b:5a:8e:13:eb:3c:ee:1d:b0:d7:d5:f1:98:df:26: 6e:70:a6:15:c0:4f:11:c7:8a:3e:d7:d4:80:d9:41:51:21:e7: 00:e0:9e:47:75:de:54:8e:fc:2f:c7:c1:64:0b:11:00:e5:0b: dd:56:b1:46:41:1c:08:03:ff:46:8f:fc:8d:98:b5:f7:bd:6e: bc:f5:0a:49:63:98:7e:2d:83:47:15:e3:13:0f:0b:c6:89:d8: f9:9b:20:54 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICB/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNTEyMjQw NDEzMzNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDQ3QUMzNDZFN0IzQUMx M0RBNjZGQjIyREVCMzk2QzBFRTA0MkY3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVBq2Ap8fL2X11LAw/zcIN0A+UgHGACLcNE9IiLh9pKCajH3tb gtK3GNFr3N16QO2r8PoLYHevYPOH6ELaeRkc3OGWerXNFTJ02XgA+e3G34TIWIia kTFVwSEtV4xHv6HOzJvdBxgwZ6KplExp6lMhiNZcEMPxp7SQB3YuI2XZ7kpIq4Kq IEmWVqKCKHDbdfdRfYIWl7UFr6/16u7sSuAS2LowGxGzqtXbqT0SNmPNCem4tE3M S9CpotLpZqDNeuYcsgnCDHpeXBOUtWQoE8OmwQJfZ8ewYiouAMgVBNdPWeiMf4S2 8j1QNwQxyIqItkp3yb6JAejKdiwF15FSJfvLAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUR6w0bns6wT2mb7It6zlsDuBC98MwHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvTXRYc0ZjWGxaT1J3 N0hzVXpVZmVMWVlxem9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEfLW7xe68IM9zxgleAByZI5p6sGMGUBxvoTBhkD2t8v74tBz5OVLhv+VqC3 L/dWu97AMUm1swDWZVExrMnnP4kJxsaQSHxFRvGrx9HMqsGYeiGC5+97FPHeNGwD yHEdEaErF0zDKVVCVlRTkmkLv6OeK/qEdxCNxZHKxBaPz6C91BiG0VXS6b3EEo9Q nrSr5s8iNYmORof9sbWlgg44TPqKEmHDKDtajhPrPO4dsNfV8ZjfJm5wphXATxHH ij7X1IDZQVEh5wDgnkd13lSO/C/HwWQLEQDlC91WsUZBHAgD/0aP/I2Ytfe9brz1 CkljmH4tg0cV4xMPC8aJ2PmbIFQ= -----END CERTIFICATE-----Generated at Wed Dec 24 09:22:09 2025 by rpki-client