This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft File: aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft (raw, json) Hash identifier: Q1Rafs0DlHGDq5DT0YTk8wFNO4NUvvafBcYCwzdBrPo= Subject key identifier: 39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94 Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 226A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft Manifest number: 2253 Signing time: Tue 23 Dec 2025 03:14:37 +0000 Manifest this update: Tue 23 Dec 2025 03:14:37 +0000 Manifest next update: Tue 23 Dec 2025 09:14:37 +0000 Files and hashes: 1: 9CSLI04QulnrnQ-UHevGHlqHnr8.roa (hash: uGu60xHP16pqv9mEC7avI6PBAyJp8zIpilllX2olr3g=) 2: YvxJMlGBtdhPwCe99e-TBRWSmno.roa (hash: U4S+JHkc2/dz4XfdQdt/8ojCwq7JqsXN3uR74WyZ1Sc=) 3: aP6HMIRMVaJb-HQCxP3ZEw8fy-c.roa (hash: fXEKdM5uTD2uZfbp7AsKEXmMlsEMvfXlWleKalWUB0Q=) 4: aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl (hash: C5Ge/NSTz/vLCA4frXZ2nHk06oJz7HeUGq0/LmLAHxE=) 5: j_kpTNBSK3t7GObLuJuO84r6yXg.roa (hash: 92qu/6Pnh10gXsJpooRaqzuk+tEHFKZQlp45GGTTNME=) 6: nsp1rCOyDgJcD6k5-03F0QZ3Gm0.roa (hash: VhCcjfeCfFFgpxPE8AvWfMfxwpMmlFBb5Au0JqK9qQE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 09:07:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8810 (0x226a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Dec 23 03:14:37 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=3955E7D78224F2A8E787381FC78AF15C0DD96294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d4:eb:44:e8:67:f1:ba:df:7b:27:01:02:81: 0f:fa:f1:5a:0b:8c:4b:38:05:f2:f4:01:74:33:ab: 85:c5:39:b8:f9:22:5c:56:85:6c:e8:4b:29:e6:64: 71:a1:98:ce:44:3d:6e:68:b4:85:f2:38:e9:ea:8a: ca:38:5a:8e:4c:24:40:da:76:37:8d:bf:ef:79:bf: 44:40:85:d0:92:6a:11:e3:30:06:d0:fe:79:fa:f8: 94:97:c7:16:ae:d6:1f:30:5e:47:12:20:cb:c6:47: f8:52:f4:a8:37:4c:b3:a0:26:74:05:a3:e1:72:a3: 54:8e:0a:78:25:0e:02:a7:d3:80:17:96:47:b8:f0: a3:4a:c8:95:9e:a5:ed:50:61:52:08:61:33:74:ec: 82:f2:f0:f7:05:06:9f:0e:9c:c9:e1:96:cf:f1:6a: 67:73:ac:d5:5a:e8:74:c2:22:76:1d:0d:de:1f:30: f2:b2:77:25:1d:ec:45:55:27:f3:20:fc:0c:73:d1: 21:15:54:91:2f:2e:80:6f:08:06:d9:0a:45:fd:d8: 40:38:a6:41:05:a2:30:5e:54:20:a2:2c:26:95:71: e9:60:59:12:15:cf:0b:b6:61:ec:f1:5c:5b:0a:4b: 86:b1:97:98:f6:cc:ec:e4:56:f6:cf:d4:3c:13:a4: 8a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94 X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:65:af:e9:ee:db:27:0c:7a:1a:b4:a6:72:e6:4d:70:82:2a: 91:76:8c:81:c9:df:c9:fb:be:4d:c2:76:b1:ab:01:ba:ad:51: 7b:2e:d0:4f:f8:fb:c6:16:a8:68:8f:70:40:0a:44:f1:0a:8e: 01:c1:7d:c4:15:58:1f:7e:4d:0c:c4:fd:23:50:d1:40:e7:26: 08:70:dc:35:7b:ec:57:f8:98:9c:65:16:a3:ba:8e:97:c9:6e: bb:87:51:92:1c:71:92:4a:98:99:2c:02:48:28:bb:46:ed:44: 7b:9f:e1:88:c8:29:d3:e0:0a:43:48:6d:2c:0a:d9:0f:64:5b: 1d:2f:77:6f:76:e2:f9:cb:c5:18:9d:d5:5d:f7:5d:17:64:8e: 6b:e4:37:36:98:7d:1e:be:9c:f6:53:3b:44:38:65:d3:ca:dd: a0:fe:97:1d:6b:34:c0:c9:ef:56:a4:cf:a7:68:e3:56:7b:de: 13:75:7c:e5:e4:58:ab:95:11:f2:3a:3f:a3:47:04:29:bc:dd: c9:0c:64:68:c1:f5:e5:35:40:80:8e:22:68:d8:af:70:c2:b4: e9:93:9f:87:83:09:67:57:bb:2f:d1:de:29:b0:54:02:47:87: 44:92:9b:b8:bf:13:6f:58:9f:a7:50:d7:5e:ab:1a:cf:9e:37: e2:e3:d9:76 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICImowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTEyMjMw MzE0MzdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM5NTVFN0Q3ODIyNEYy QThFNzg3MzgxRkM3OEFGMTVDMEREOTYyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCq1OtE6Gfxut97JwECgQ/68VoLjEs4BfL0AXQzq4XFObj5IlxW hWzoSynmZHGhmM5EPW5otIXyOOnqiso4Wo5MJEDadjeNv+95v0RAhdCSahHjMAbQ /nn6+JSXxxau1h8wXkcSIMvGR/hS9Kg3TLOgJnQFo+Fyo1SOCnglDgKn04AXlke4 8KNKyJWepe1QYVIIYTN07ILy8PcFBp8OnMnhls/xamdzrNVa6HTCInYdDd4fMPKy dyUd7EVVJ/Mg/Axz0SEVVJEvLoBvCAbZCkX92EA4pkEFojBeVCCiLCaVcelgWRIV zwu2YezxXFsKS4axl5j2zOzkVvbP1DwTpIqpAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUOVXn14Ik8qjnhzgfx4rxXA3ZYpQwHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvYWlHaEdxeE9yZ3Bq QmxtekdpTUxDTmExZ1hjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFtlr+nu2ycMehq0pnLmTXCCKpF2jIHJ38n7vk3CdrGrAbqtUXsu0E/4+8YW qGiPcEAKRPEKjgHBfcQVWB9+TQzE/SNQ0UDnJghw3DV77Ff4mJxlFqO6jpfJbruH UZIccZJKmJksAkgou0btRHuf4YjIKdPgCkNIbSwK2Q9kWx0vd2924vnLxRid1V33 XRdkjmvkNzaYfR6+nPZTO0Q4ZdPK3aD+lx1rNMDJ71akz6do41Z73hN1fOXkWKuV EfI6P6NHBCm83ckMZGjB9eU1QICOImjYr3DCtOmTn4eDCWdXuy/R3imwVAJHh0SS m7i/E29Yn6dQ116rGs+eN+Lj2XY= -----END CERTIFICATE-----Generated at Tue Dec 23 07:43:02 2025 by rpki-client