This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json) Hash identifier: +WkshE4n3BIZMmnjs8FKHpbKeIbZuVHeA6TvWGH+4vE= Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 0A4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft Manifest number: 0A35 Signing time: Thu 04 Dec 2025 18:15:58 +0000 Manifest this update: Thu 04 Dec 2025 18:15:58 +0000 Manifest next update: Fri 05 Dec 2025 00:15:58 +0000 Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=) 2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: Tj9rVphB9TgUi3xbMAWTwWuoYI7KjXLGHJYhS9QgDdw=) 3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=) 4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=) 5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=) 6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=) 7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 00:15:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2635 (0xa4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Dec 4 18:15:58 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8: 6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61: 71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be: 1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9: 3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76: a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd: fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0: d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b: 2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7: b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15: f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b: 67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52: b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68: 1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f: 92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea: d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59: f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4: 16:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:41:59:ce:70:96:26:6e:8c:10:a9:4c:69:f4:b4:e4:95:7f: c6:7c:47:81:5b:ba:19:d5:c3:20:9b:3c:a7:bd:aa:32:4b:51: 2a:b8:c7:13:11:8c:c0:29:48:ee:80:40:26:06:f2:48:d6:2d: 9d:84:01:bc:b9:be:2d:e9:fd:fd:69:94:aa:b9:de:b3:de:31: 4d:e4:14:b0:ca:f8:b9:78:cb:a9:ee:30:72:a0:ec:90:b3:92: d2:ea:e4:58:11:71:c8:e1:6d:e2:f5:91:43:00:7d:68:92:4d: ef:20:f3:e6:c9:90:8a:89:34:c8:ae:3e:08:5a:3e:34:54:45: b4:4a:97:d5:16:02:f1:3b:73:99:0e:cb:4f:58:7c:77:14:ec: 23:37:a2:46:a4:c8:f0:61:12:28:82:4e:dd:e5:5c:11:a4:d3: 12:f9:bc:46:63:6c:90:b8:a5:46:5f:5e:33:7c:50:6a:4c:03: 7a:5d:e1:f5:ca:4f:ba:a5:56:f7:77:36:6a:2c:e6:d3:7d:3c: 0f:b4:bb:2e:07:30:36:85:74:34:d2:38:e4:52:89:4d:8e:8d: d9:c2:67:55:57:16:ac:d2:cc:a6:3b:60:f4:7b:15:92:b2:dc: 79:86:f1:53:03:3c:c5:33:12:1f:ae:8b:ef:28:c1:e2:cb:23: e9:3a:d0:b2 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCkswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTEyMDQx ODE1NThaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD 97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE 8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6 b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEtBWc5wliZujBCpTGn0tOSVf8Z8R4FbuhnVwyCbPKe9qjJLUSq4xxMRjMAp SO6AQCYG8kjWLZ2EAby5vi3p/f1plKq53rPeMU3kFLDK+Ll4y6nuMHKg7JCzktLq 5FgRccjhbeL1kUMAfWiSTe8g8+bJkIqJNMiuPghaPjRURbRKl9UWAvE7c5kOy09Y fHcU7CM3okakyPBhEiiCTt3lXBGk0xL5vEZjbJC4pUZfXjN8UGpMA3pd4fXKT7ql Vvd3Nmos5tN9PA+0uy4HMDaFdDTSOORSiU2OjdnCZ1VXFqzSzKY7YPR7FZKy3HmG 8VMDPMUzEh+ui+8oweLLI+k60LI= -----END CERTIFICATE-----Generated at Thu Dec 4 23:42:02 2025 by rpki-client