This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft File: 1JQPURo42VRNSLTFxsObBYH4kf4.mft (raw, json) Hash identifier: VNy7KpKm0SRJo5F2jndu9mCu0wmYJbXyEWThN31ux/c= Subject key identifier: 14:AB:6B:DC:F1:DE:B6:17:49:DD:01:29:29:6C:74:EC:90:D5:45:97 Authority key identifier: D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE Certificate issuer: /CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE Certificate serial: 01D3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft Manifest number: 01D1 Signing time: Thu 04 Dec 2025 20:49:11 +0000 Manifest this update: Thu 04 Dec 2025 20:49:11 +0000 Manifest next update: Fri 05 Dec 2025 02:49:11 +0000 Files and hashes: 1: 1JQPURo42VRNSLTFxsObBYH4kf4.crl (hash: UhTcqhEey6Xm2RrCSJZO0grAwQCA7qSWVAhnp/6HKg4=) 2: XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa (hash: i76OhCIwCGUrBdnZ6U6M1/woB4YGh0bDGaiEq4xZxAA=) 3: o0yhMvDIOHV-tmQVctXjhUcSRiI.roa (hash: SLL3IhXfo60djFS/eMKmcoL3aMmfcJgrvUvuHnpcZXg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 467 (0x1d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE Validity Not Before: Dec 4 20:49:11 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=14AB6BDCF1DEB61749DD0129296C74EC90D54597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e8:68:2c:b2:b8:bc:c5:b5:48:c0:a1:a5:53: 9f:cd:0b:3c:dc:35:37:92:98:86:ac:f8:a1:a5:c5: 4a:2c:d0:75:56:67:8b:bc:33:ed:9a:28:d5:16:83: ef:b0:a5:10:c1:44:98:da:c5:c0:75:ec:ed:72:f2: ce:1f:3f:23:0e:e6:a8:8e:88:ed:9a:62:30:f9:93: 4f:48:b2:8f:68:48:69:ad:c5:c8:f0:de:dd:60:19: e5:26:c7:52:54:f9:1f:31:43:12:1f:25:0c:53:0a: e8:16:c7:0b:30:67:70:d9:d0:a0:74:3e:df:fe:51: 1e:e9:1f:2b:20:a2:0e:89:18:ad:53:ec:08:0f:7f: 67:74:05:81:b5:11:8c:d3:8f:fa:d8:93:cb:61:5d: f0:a5:47:44:4b:5a:b0:25:5e:93:63:79:3c:51:cd: 3d:54:2d:1e:c6:4c:f5:11:65:65:95:b1:7b:9d:c7: 63:bd:ae:ec:11:16:fd:8a:30:ed:3c:8d:6f:3b:69: 56:d4:a2:c0:5a:a9:a8:13:ef:c5:36:22:86:71:65: 31:16:9b:2d:a1:29:d0:9f:46:b4:1c:be:0b:8a:05: d0:45:05:d4:52:62:a0:5d:96:af:ee:e6:e6:3d:51: 7d:b3:0e:67:82:3b:20:cc:ac:c2:fb:a8:36:36:2a: b2:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:AB:6B:DC:F1:DE:B6:17:49:DD:01:29:29:6C:74:EC:90:D5:45:97 X509v3 Authority Key Identifier: keyid:D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:ca:98:50:81:45:9a:03:31:29:1d:ab:7d:79:c9:2f:41:b9: 8d:7f:8d:71:2d:0b:5b:be:48:20:46:7c:67:e1:a8:11:d6:c2: 30:f4:9a:22:92:34:3a:96:89:ff:3e:7f:28:c0:25:c7:78:c7: 2e:ea:a6:db:4b:7a:b9:b5:70:bb:a0:91:0a:42:b1:06:9a:1f: 5f:bc:af:d4:95:85:40:f5:df:c1:cc:f9:8e:df:97:80:d2:d5: cb:8c:11:4f:4a:fb:19:ec:bd:89:cf:df:99:95:a4:4d:33:4e: e6:86:a5:16:66:8b:9a:c4:e7:48:e2:37:8c:36:9e:e2:e5:c2: 65:e8:80:c5:21:7a:3c:14:d3:d1:4d:71:6b:d3:e5:38:75:2d: f8:89:8a:3a:09:8b:d4:7a:77:39:b8:12:6f:89:5d:27:0f:12: 57:25:67:ac:a0:d4:98:2c:d0:b3:ce:dd:e4:a4:b1:de:40:1a: 53:ca:76:c3:c4:cf:01:be:0a:a4:79:9c:3f:29:dc:49:21:07: 6b:9c:4d:68:5b:86:21:2c:2c:27:1c:cc:cc:37:c8:50:d1:f6: 37:32:63:11:29:8c:16:0b:e9:02:a2:cb:ff:f3:49:c9:e0:02: 1f:aa:82:45:49:3d:84:99:ae:1b:70:7d:53:b6:e9:58:2d:b5: cd:97:e6:c0 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDQ5 NDBGNTExQTM4RDk1NDRENDhCNEM1QzZDMzlCMDU4MUY4OTFGRTAeFw0yNTEyMDQy MDQ5MTFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE0QUI2QkRDRjFERUI2 MTc0OUREMDEyOTI5NkM3NEVDOTBENTQ1OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB6Ggssri8xbVIwKGlU5/NCzzcNTeSmIas+KGlxUos0HVWZ4u8 M+2aKNUWg++wpRDBRJjaxcB17O1y8s4fPyMO5qiOiO2aYjD5k09Iso9oSGmtxcjw 3t1gGeUmx1JU+R8xQxIfJQxTCugWxwswZ3DZ0KB0Pt/+UR7pHysgog6JGK1T7AgP f2d0BYG1EYzTj/rYk8thXfClR0RLWrAlXpNjeTxRzT1ULR7GTPURZWWVsXudx2O9 ruwRFv2KMO08jW87aVbUosBaqagT78U2IoZxZTEWmy2hKdCfRrQcvguKBdBFBdRS YqBdlq/u5uY9UX2zDmeCOyDMrML7qDY2KrLPAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUFKtr3PHethdJ3QEpKWx07JDVRZcwHwYDVR0jBBgwFoAU1JQPURo42VRNSLTF xsObBYH4kf4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY4 OC8xSlFQVVJvNDJWUk5TTFRGeHNPYkJZSDRrZjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzFKUVBVUm80MlZSTlNMVEZ4c09iQllINGtmNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2ODgvMUpRUFVSbzQyVlJO U0xURnhzT2JCWUg0a2Y0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAXKmFCBRZoDMSkdq315yS9BuY1/jXEtC1u+SCBGfGfhqBHWwjD0miKSNDqW if8+fyjAJcd4xy7qpttLerm1cLugkQpCsQaaH1+8r9SVhUD138HM+Y7fl4DS1cuM EU9K+xnsvYnP35mVpE0zTuaGpRZmi5rE50jiN4w2nuLlwmXogMUhejwU09FNcWvT 5Th1LfiJijoJi9R6dzm4Em+JXScPElclZ6yg1Jgs0LPO3eSksd5AGlPKdsPEzwG+ CqR5nD8p3EkhB2ucTWhbhiEsLCcczMw3yFDR9jcyYxEpjBYL6QKiy//zScngAh+q gkVJPYSZrhtwfVO26Vgttc2X5sA= -----END CERTIFICATE-----Generated at Thu Dec 4 23:42:02 2025 by rpki-client