This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft File: yGYvK0iswHfpWADlqpLOFtJuHeo.mft (raw, json) Hash identifier: yA/LIhB1L9YCPgNbpieaDgEQezfJJknb0E1TOHphzo4= Subject key identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27 Authority key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA Certificate issuer: /CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Certificate serial: 02DE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft Manifest number: 02D8 Signing time: Thu 04 Dec 2025 20:48:43 +0000 Manifest this update: Thu 04 Dec 2025 20:48:43 +0000 Manifest next update: Fri 05 Dec 2025 02:48:43 +0000 Files and hashes: 1: 4IPxAcBB8d60RbMzQW1q_Zk5spc.roa (hash: RSRbi+VJkcVS/ILldg1kKiHadRJWcM1Mmw3Dk4goFaM=) 2: ehTiw9rYkRpnHO8xmephp32y72U.roa (hash: ZnSUAZcJTNu5SHbMWhhDR7TcoG7T1MIVuMxVggswvaw=) 3: uW_sUHl-3HScavxDrg5eg9_INJ4.roa (hash: reqWK3fVKlZA3fra6G1lT9OteuvSXtDOZpPqJhZckac=) 4: yGYvK0iswHfpWADlqpLOFtJuHeo.crl (hash: B1gHGgQ5Y8aNRIdyOqp5mQ92LM/U3uGICNrijiJxun8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 734 (0x2de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Validity Not Before: Dec 4 20:48:43 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=947CDE3614F027AFB0FD1C6D9ED9F827170D6327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:53:3e:ae:64:8f:6b:31:45:e5:ec:51:02:5b: 5b:15:41:6a:62:0e:d2:df:92:ca:34:b3:fc:9f:d4: d3:f5:93:40:bd:8e:a4:a3:4b:84:38:04:db:3a:bf: df:bb:a9:b7:7a:0f:28:7b:12:48:54:ac:52:48:55: 1e:99:93:0c:10:b7:06:0a:80:3c:0c:98:79:20:67: 1e:2d:33:c3:fb:37:8d:30:7e:ea:17:e1:f2:27:22: c0:a9:fc:2e:a1:53:e5:ac:b5:25:de:93:45:a2:b6: 1b:4a:7b:89:81:2f:32:c2:8d:98:50:f3:23:0b:22: 88:4d:77:2f:90:8b:20:e9:dd:35:35:af:8a:bb:e5: 8f:7e:50:5d:88:98:07:06:9e:3a:e2:8a:81:a7:83: 1a:9a:6b:c0:45:1d:9c:ab:18:52:d4:6d:6d:85:35: 29:a7:08:1f:00:49:4e:97:ec:43:48:f4:5f:54:6e: 0a:1e:6a:7d:a0:5e:45:e1:df:7e:85:fe:22:be:cc: 22:b3:8b:53:86:64:b7:90:c4:60:84:6f:40:a3:0f: 61:e9:29:bd:a7:44:c4:73:64:be:ba:4e:69:e2:dc: 8c:09:40:c0:00:76:9e:81:ab:17:95:d7:53:07:0f: 1f:b2:a1:b6:f7:d2:b4:54:a0:3c:31:43:82:cc:d0: 36:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27 X509v3 Authority Key Identifier: keyid:C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:f4:92:7d:b4:7e:d5:3b:42:0c:fc:8a:d8:05:52:c7:c1:1c: 66:2e:95:72:67:f1:53:1f:46:f8:2d:ab:2d:98:6a:ef:1b:90: be:df:09:03:83:db:e4:c4:a3:4c:db:c3:1c:4a:d0:ed:7b:7f: 94:eb:1c:f0:11:45:30:d5:74:d3:09:f5:c2:9d:c8:a6:06:82: 82:38:c9:51:be:e0:0d:bf:24:86:35:61:e6:4e:3f:d7:84:cb: b7:a3:75:6a:65:2f:30:a9:06:a2:b1:29:1f:be:50:88:fa:e8: f1:de:90:44:8f:ac:4f:dd:6a:a2:8d:bc:c5:d9:fd:d8:2b:d9: e8:3d:68:6b:51:98:2c:cd:80:53:23:39:81:ba:75:6d:b3:68: 70:5a:47:a0:01:5d:52:19:88:83:84:cb:36:15:b3:c6:46:93: 46:bc:68:b5:02:ef:ba:3b:49:b0:80:38:05:2f:26:26:5c:52: 41:55:c3:66:a6:45:bd:dd:25:b4:f8:df:6c:72:04:6b:98:da: 10:26:f1:9d:7c:dc:b8:56:7a:88:dc:4f:1d:21:59:39:28:1f: 33:1b:d9:48:b2:cc:23:fe:c4:d2:61:e3:8a:7f:1b:56:e1:ff: 3a:05:53:a5:66:2c:6a:47:64:76:c4:94:59:d1:21:6c:ef:0e: 4d:03:3d:ae -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzg2 NjJGMkI0OEFDQzA3N0U5NTgwMEU1QUE5MkNFMTZEMjZFMURFQTAeFw0yNTEyMDQy MDQ4NDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDk0N0NERTM2MTRGMDI3 QUZCMEZEMUM2RDlFRDlGODI3MTcwRDYzMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjUz6uZI9rMUXl7FECW1sVQWpiDtLfkso0s/yf1NP1k0C9jqSj S4Q4BNs6v9+7qbd6Dyh7EkhUrFJIVR6ZkwwQtwYKgDwMmHkgZx4tM8P7N40wfuoX 4fInIsCp/C6hU+WstSXek0WithtKe4mBLzLCjZhQ8yMLIohNdy+QiyDp3TU1r4q7 5Y9+UF2ImAcGnjriioGngxqaa8BFHZyrGFLUbW2FNSmnCB8ASU6X7ENI9F9Ubgoe an2gXkXh336F/iK+zCKzi1OGZLeQxGCEb0CjD2HpKb2nRMRzZL66Tmni3IwJQMAA dp6BqxeV11MHDx+yobb30rRUoDwxQ4LM0DYtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlHzeNhTwJ6+w/Rxtntn4JxcNYycwHwYDVR0jBBgwFoAUyGYvK0iswHfpWADl qpLOFtJuHeowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3 MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3lHWXZLMGlzd0hmcFdBRGxxcExPRnRKdUhlby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzAveUdZdkswaXN3SGZw V0FEbHFwTE9GdEp1SGVvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJL0kn20ftU7Qgz8itgFUsfBHGYulXJn8VMfRvgtqy2Yau8bkL7fCQOD2+TE o0zbwxxK0O17f5TrHPARRTDVdNMJ9cKdyKYGgoI4yVG+4A2/JIY1YeZOP9eEy7ej dWplLzCpBqKxKR++UIj66PHekESPrE/daqKNvMXZ/dgr2eg9aGtRmCzNgFMjOYG6 dW2zaHBaR6ABXVIZiIOEyzYVs8ZGk0a8aLUC77o7SbCAOAUvJiZcUkFVw2amRb3d JbT432xyBGuY2hAm8Z183LhWeojcTx0hWTkoHzMb2UiyzCP+xNJh44p/G1bh/zoF U6VmLGpHZHbElFnRIWzvDk0DPa4= -----END CERTIFICATE-----Generated at Thu Dec 4 23:40:49 2025 by rpki-client