This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft File: 3Vi43ud7iv5uKRpbggWxMTFpeE8.mft (raw, json) Hash identifier: WsudwAF7dkUVcJUDVnMsJ+xJgOkojYxXz7m1BcSwwDo= Subject key identifier: BF:2E:AB:E6:21:26:06:38:CA:17:18:30:91:2C:92:15:02:05:C9:86 Authority key identifier: DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F Certificate issuer: /CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F Certificate serial: 23BD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft Manifest number: 23B4 Signing time: Mon 22 Dec 2025 22:11:58 +0000 Manifest this update: Mon 22 Dec 2025 22:11:58 +0000 Manifest next update: Tue 23 Dec 2025 04:11:58 +0000 Files and hashes: 1: 3Vi43ud7iv5uKRpbggWxMTFpeE8.crl (hash: 4411p0IVNYuEBeEVsjDA43qZ2addOFhlclWOnhYWCNg=) 2: cqFqWP_u8PMUgu7Wa-ZJA_XHnQQ.roa (hash: LrTEljujW0Atd0a1+D8Fc6IgbT9Dits51r67dMvR4wQ=) Validation: Failed, unable to get local issuer certificate Certificate: Data: Version: 3 (0x2) Serial Number: 9149 (0x23bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F Validity Not Before: Dec 22 22:11:58 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=BF2EABE621260638CA171830912C92150205C986 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:9c:fd:ca:f5:18:1f:d8:26:53:80:57:67:c9: ee:a7:69:5e:ed:e4:a2:eb:de:d2:73:73:11:d5:6d: 6c:4d:91:5a:d8:68:84:64:29:08:a4:2a:24:a3:26: 3b:7c:30:e8:e3:b9:47:80:73:b8:2f:7c:b0:55:fc: 56:f1:d9:81:ac:8b:e1:eb:b2:81:3d:6f:f9:94:25: ba:2e:06:0b:86:ae:1d:35:ed:15:45:f7:15:06:bc: 84:71:36:01:e5:61:96:d6:78:c5:05:f1:cb:2a:7d: 70:99:1b:16:9c:42:42:e9:04:a9:b4:8d:a4:e0:12: f0:9a:3a:b7:cc:e7:63:8f:c6:b5:b1:e9:27:38:db: b9:fe:11:70:47:69:b8:8d:7f:b1:f1:26:58:fc:98: 16:6c:a5:2c:67:24:63:08:2d:63:47:c3:04:58:e3: 41:13:12:ec:d1:aa:a2:c2:51:4e:d6:ae:b7:ba:d7: f9:ce:6a:b7:08:4e:f4:e9:47:f9:54:f6:5c:a7:13: 6c:cf:e8:0b:bb:ce:3f:11:89:e2:8e:08:08:49:41: 18:90:ce:be:50:9c:0a:aa:16:6d:92:ed:fb:4e:74: 0e:c1:1c:61:38:d0:fa:be:fa:16:62:9e:1f:c8:ff: 67:05:57:f7:e3:1a:d9:85:bc:d6:7d:da:54:ec:7d: 0c:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:2E:AB:E6:21:26:06:38:CA:17:18:30:91:2C:92:15:02:05:C9:86 X509v3 Authority Key Identifier: keyid:DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:a0:a1:6b:63:04:31:07:c9:de:e2:6d:9d:31:73:fa:b4:64: 78:dd:d7:28:cb:76:ba:e5:af:25:76:f3:24:73:ad:79:64:36: 9a:06:7a:80:ac:a1:b0:97:51:fa:dd:41:fc:a4:87:df:ba:5c: 32:3a:1e:4f:f5:b2:65:3a:39:7e:42:4a:60:f3:1a:4e:91:2b: bf:37:7e:33:de:9c:67:d6:24:9a:6f:f7:c4:54:6b:9a:b3:66: 07:12:bf:83:c8:43:0e:6a:99:88:0d:2e:24:af:9d:3e:17:c1: ab:ed:91:01:45:e0:54:54:1f:ab:9f:5c:ac:1f:de:fa:7d:06: a3:fc:f9:16:eb:8b:81:53:d4:53:59:4f:fe:0a:1d:b1:56:9b: cd:eb:31:25:14:61:72:d6:99:96:8e:d0:40:82:64:ba:f0:3d: 76:4e:44:67:e3:be:15:67:2c:c6:9d:4e:01:da:9d:6c:e8:74: 8c:d7:bb:a2:71:14:c6:0e:8e:05:ac:98:c3:1a:9f:c0:bd:5b: f6:85:e7:28:b9:5c:81:83:03:08:ba:c5:7a:09:eb:3e:45:59: ca:ce:6a:45:13:bc:59:fc:17:e4:43:2b:e6:98:78:08:c8:1c: 1f:98:c7:b6:fb:6e:b8:95:db:2b:fe:df:e8:c1:6a:65:e2:12: b2:72:36:90 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICI70wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREQ1 OEI4REVFNzdCOEFGRTZFMjkxQTVCODIwNUIxMzEzMTY5Nzg0RjAeFw0yNTEyMjIy MjExNThaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEJGMkVBQkU2MjEyNjA2 MzhDQTE3MTgzMDkxMkM5MjE1MDIwNUM5ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDynP3K9Rgf2CZTgFdnye6naV7t5KLr3tJzcxHVbWxNkVrYaIRk KQikKiSjJjt8MOjjuUeAc7gvfLBV/Fbx2YGsi+HrsoE9b/mUJbouBguGrh017RVF 9xUGvIRxNgHlYZbWeMUF8csqfXCZGxacQkLpBKm0jaTgEvCaOrfM52OPxrWx6Sc4 27n+EXBHabiNf7HxJlj8mBZspSxnJGMILWNHwwRY40ETEuzRqqLCUU7Wrre61/nO arcITvTpR/lU9lynE2zP6Au7zj8RieKOCAhJQRiQzr5QnAqqFm2S7ftOdA7BHGE4 0Pq++hZinh/I/2cFV/fjGtmFvNZ92lTsfQxtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUvy6r5iEmBjjKFxgwkSySFQIFyYYwHwYDVR0jBBgwFoAU3Vi43ud7iv5uKRpb ggWxMTFpeE8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 MS8zVmk0M3VkN2l2NXVLUnBiZ2dXeE1URnBlRTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNWaTQzdWQ3aXY1dUtScGJnZ1d4TVRGcGVFOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzEvM1ZpNDN1ZDdpdjV1 S1JwYmdnV3hNVEZwZUU4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBACygoWtjBDEHyd7ibZ0xc/q0ZHjd1yjLdrrlryV28yRzrXlkNpoGeoCsobCX UfrdQfykh9+6XDI6Hk/1smU6OX5CSmDzGk6RK783fjPenGfWJJpv98RUa5qzZgcS v4PIQw5qmYgNLiSvnT4XwavtkQFF4FRUH6ufXKwf3vp9BqP8+Rbri4FT1FNZT/4K HbFWm83rMSUUYXLWmZaO0ECCZLrwPXZORGfjvhVnLMadTgHanWzodIzXu6JxFMYO jgWsmMMan8C9W/aF5yi5XIGDAwi6xXoJ6z5FWcrOakUTvFn8F+RDK+aYeAjIHB+Y x7b7briV2yv+3+jBamXiErJyNpA= -----END CERTIFICATE-----Generated at Tue Dec 23 20:07:10 2025 by rpki-client