This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3219/o2ONnURLf8HfsOr6YxeqblUpSw0.mft File: o2ONnURLf8HfsOr6YxeqblUpSw0.mft (raw, json) Hash identifier: dsj61PwVaNQerUvBTWqgIug5VTKn2fSU+18Ae3I99JI= Subject key identifier: 02:D0:70:B9:6A:26:16:09:2A:B8:B5:D6:9C:51:93:0B:4B:C4:91:4E Authority key identifier: A3:63:8D:9D:44:4B:7F:C1:DF:B0:EA:FA:63:17:AA:6E:55:29:4B:0D Certificate issuer: /CN=A3638D9D444B7FC1DFB0EAFA6317AA6E55294B0D Certificate serial: 11F4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/o2ONnURLf8HfsOr6YxeqblUpSw0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3219/o2ONnURLf8HfsOr6YxeqblUpSw0.mft Manifest number: 11F4 Signing time: Thu 04 Dec 2025 20:46:30 +0000 Manifest this update: Thu 04 Dec 2025 20:46:30 +0000 Manifest next update: Fri 05 Dec 2025 02:46:30 +0000 Files and hashes: 1: o2ONnURLf8HfsOr6YxeqblUpSw0.crl (hash: PugKni5T/qA/csfXpIzYxFp/BMBZARvD6l8jMnnjHyY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3219/o2ONnURLf8HfsOr6YxeqblUpSw0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3219/o2ONnURLf8HfsOr6YxeqblUpSw0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/o2ONnURLf8HfsOr6YxeqblUpSw0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4596 (0x11f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A3638D9D444B7FC1DFB0EAFA6317AA6E55294B0D Validity Not Before: Dec 4 20:46:30 2025 GMT Not After : Oct 23 09:22:04 2026 GMT Subject: CN=02D070B96A2616092AB8B5D69C51930B4BC4914E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:12:1f:02:61:cc:04:0f:6c:0f:8e:b4:81:ec: 4b:f0:17:51:ab:8a:49:a0:53:f0:43:14:38:4e:af: d1:35:2e:bf:83:7a:ce:56:9b:64:d4:50:68:80:ba: 87:c5:12:2a:5c:cf:12:a5:8e:17:b8:39:c0:a1:02: 22:d2:ad:d2:13:e5:b2:25:c1:c1:d2:cc:72:2a:e9: f4:06:10:e0:b6:d0:be:d6:c8:fa:c3:16:73:49:b0: 9f:f0:76:67:7c:21:a0:02:53:42:ea:91:b7:a9:eb: 65:3d:0a:63:af:a8:ce:60:45:bc:02:6f:5a:4d:21: 33:cc:03:cd:30:c0:57:d4:e9:95:d2:d2:e8:bc:e1: 8f:e3:37:02:2f:91:66:57:71:3a:53:84:77:96:5d: c0:88:8b:c0:f7:1b:dc:a7:52:82:99:91:ad:15:5a: d5:c6:0d:9e:e5:b0:e7:79:a7:2e:95:31:ad:bd:7a: 57:e8:cc:a5:f0:e0:a4:f8:e4:39:9a:61:98:2c:5b: c9:cd:05:01:28:3e:a1:c1:d9:cf:7d:b6:09:5b:1a: 63:5f:8c:c2:e3:df:6f:be:ff:7d:64:86:96:f3:90: 2a:d8:c0:67:a1:08:c7:96:06:f2:66:a5:08:c9:22: 39:c4:2e:2c:cf:3f:7a:7a:79:cf:c0:c8:99:59:18: 82:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:D0:70:B9:6A:26:16:09:2A:B8:B5:D6:9C:51:93:0B:4B:C4:91:4E X509v3 Authority Key Identifier: keyid:A3:63:8D:9D:44:4B:7F:C1:DF:B0:EA:FA:63:17:AA:6E:55:29:4B:0D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3219/o2ONnURLf8HfsOr6YxeqblUpSw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/o2ONnURLf8HfsOr6YxeqblUpSw0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3219/o2ONnURLf8HfsOr6YxeqblUpSw0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:3a:0d:66:95:13:4a:d6:b1:f7:30:35:08:8a:fa:0c:33:26: a7:fe:c6:47:b1:53:a2:59:58:fa:f0:b5:28:60:f5:f3:27:c6: d2:a0:54:57:cd:c1:05:2d:95:92:b4:3a:d4:c6:24:12:d1:2f: 67:0e:05:fa:3d:99:90:58:59:37:fa:fc:95:0e:89:c8:86:b7: 4e:ea:5b:b4:9d:9b:b3:a6:93:af:ed:d9:88:ae:11:2f:f0:bf: 0f:17:72:d3:8d:24:e2:99:37:04:8b:32:d3:29:55:db:6f:9c: 07:07:c6:5f:17:93:b4:6a:2b:ff:19:fb:98:fc:8e:84:53:20: 32:67:42:0a:9c:d3:b7:7c:24:29:2f:ce:3c:ed:e5:01:59:0a: ab:85:3f:46:a4:57:bc:6b:09:88:d2:e4:a0:c4:4f:27:e1:25: 0c:b7:b4:d6:b6:88:ad:f2:b8:92:59:89:ef:fd:33:4a:c1:be: 6c:07:ae:31:6d:11:18:c8:57:fd:57:79:fc:19:dd:c2:be:b5: 1a:54:7b:ff:cb:39:12:8b:41:b7:56:b6:b0:6f:13:f2:31:55: 66:d8:5c:22:0b:c6:18:5b:e3:05:1e:8e:22:fb:e2:67:8d:01: 1a:da:53:81:b7:8f:0f:b7:84:ce:27:34:98:25:00:40:5d:10: 0c:76:50:4a -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICEfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTM2 MzhEOUQ0NDRCN0ZDMURGQjBFQUZBNjMxN0FBNkU1NTI5NEIwRDAeFw0yNTEyMDQy MDQ2MzBaFw0yNjEwMjMwOTIyMDRaMDMxMTAvBgNVBAMTKDAyRDA3MEI5NkEyNjE2 MDkyQUI4QjVENjlDNTE5MzBCNEJDNDkxNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2Eh8CYcwED2wPjrSB7EvwF1GrikmgU/BDFDhOr9E1Lr+Des5W m2TUUGiAuofFEipczxKljhe4OcChAiLSrdIT5bIlwcHSzHIq6fQGEOC20L7WyPrD FnNJsJ/wdmd8IaACU0Lqkbep62U9CmOvqM5gRbwCb1pNITPMA80wwFfU6ZXS0ui8 4Y/jNwIvkWZXcTpThHeWXcCIi8D3G9ynUoKZka0VWtXGDZ7lsOd5py6VMa29elfo zKXw4KT45DmaYZgsW8nNBQEoPqHB2c99tglbGmNfjMLj32++/31khpbzkCrYwGeh CMeWBvJmpQjJIjnELizPP3p6ec/AyJlZGIKhAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUAtBwuWomFgkquLXWnFGTC0vEkU4wHwYDVR0jBBgwFoAUo2ONnURLf8HfsOr6 YxeqblUpSw0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIx OS9vMk9OblVSTGY4SGZzT3I2WXhlcWJsVXBTdzAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL28yT05uVVJMZjhIZnNPcjZZeGVxYmxVcFN3MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMTkvbzJPTm5VUkxmOEhm c09yNll4ZXFibFVwU3cwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHQ6DWaVE0rWsfcwNQiK+gwzJqf+xkexU6JZWPrwtShg9fMnxtKgVFfNwQUt lZK0OtTGJBLRL2cOBfo9mZBYWTf6/JUOiciGt07qW7Sdm7Omk6/t2YiuES/wvw8X ctONJOKZNwSLMtMpVdtvnAcHxl8Xk7RqK/8Z+5j8joRTIDJnQgqc07d8JCkvzjzt 5QFZCquFP0akV7xrCYjS5KDETyfhJQy3tNa2iK3yuJJZie/9M0rBvmwHrjFtERjI V/1XefwZ3cK+tRpUe//LORKLQbdWtrBvE/IxVWbYXCILxhhb4wUejiL74meNARra U4G3jw+3hM4nNJglAEBdEAx2UEo= -----END CERTIFICATE-----Generated at Thu Dec 4 23:36:42 2025 by rpki-client