This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft File: kOpMYj8LihBi2qgOqaj0R49Z3oU.mft (raw, json) Hash identifier: NxHFWr2NnjD5u5LySjasxcWTiCZMpCZjdfOh1SBGncs= Subject key identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 Authority key identifier: 90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 Certificate issuer: /CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Certificate serial: 0BC1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft Manifest number: 0BC1 Signing time: Thu 04 Dec 2025 20:50:20 +0000 Manifest this update: Thu 04 Dec 2025 20:50:20 +0000 Manifest next update: Fri 05 Dec 2025 02:50:20 +0000 Files and hashes: 1: kOpMYj8LihBi2qgOqaj0R49Z3oU.crl (hash: 9nQilYdrHmk7ngEXhKpUvOnSaL3DtR8tkFtr9TK+iPc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3009 (0xbc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Validity Not Before: Dec 4 20:50:20 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=143EEEFE1208DBB67DA953F5542B951CDF560FF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:21:e8:f9:51:72:bd:f8:a3:49:d8:ab:7e:aa: a3:cc:28:a1:fb:5b:74:e3:a0:5f:7b:99:a5:f9:26: e8:12:6d:46:15:bc:ca:55:de:ff:37:96:fa:17:70: 9d:8f:52:40:b7:7c:97:d9:d6:e1:87:3e:3a:c1:fd: 21:66:93:03:c3:4e:0c:85:c6:28:8b:0d:e4:2e:71: f4:12:85:5c:63:2f:8c:28:d7:66:ad:e0:d5:48:fb: f2:c5:5c:67:42:f7:f8:30:33:74:99:56:39:80:a0: ed:66:5b:7c:88:85:fa:59:05:b1:21:67:0a:b6:1e: cc:2a:cd:79:f5:61:48:18:95:dd:61:50:ce:e6:d5: d8:87:91:08:36:9e:f3:9a:e7:a2:be:53:06:8e:45: 04:93:bb:04:07:75:58:39:7d:0a:ce:fd:52:42:c9: e6:66:19:ad:15:cb:11:ae:35:a6:de:87:44:48:82: e0:31:06:b7:98:b9:6b:e1:22:7b:07:82:22:96:41: ae:af:51:d0:51:c3:c9:02:79:e8:0d:0a:cd:98:ef: 66:fc:fd:a2:86:c0:a3:0b:35:84:4b:6b:7d:57:93: 14:bd:94:2b:a0:4b:48:0b:58:a2:1a:6e:f3:b4:e2: c0:97:59:25:20:02:bd:ed:c6:8c:b4:fa:63:53:03: 97:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 X509v3 Authority Key Identifier: keyid:90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:46:af:20:0a:9e:e9:17:5b:c5:56:66:e2:c4:92:9f:b8:ee: 7e:56:70:3c:3c:96:07:a8:89:96:03:85:d2:1f:fc:3f:b6:d3: 71:cb:c6:69:ff:cc:12:0f:9a:6c:41:44:0d:2f:5d:26:25:36: 34:f8:74:45:3d:31:d7:c2:75:48:2f:bc:52:2b:c2:09:a0:4b: fa:71:fa:6e:79:88:71:9c:b5:02:08:c5:02:33:1e:a5:a4:ce: d4:88:15:5a:3d:4a:6e:cd:9b:ef:4d:24:75:5c:0a:9f:db:73: a0:d0:5d:7f:95:3d:74:48:a5:0a:b7:ec:9e:08:81:79:9c:2a: 85:51:1d:2f:0c:f2:28:1e:53:cf:41:28:73:01:20:5a:46:a7: 22:84:04:69:89:c1:df:4b:ea:3f:39:5a:60:e5:04:bf:c5:17: 45:bb:3a:1f:45:2e:6b:43:81:07:2a:fb:66:45:72:0f:e2:a8: d6:c1:53:c3:29:0f:d3:c3:ec:12:a6:6d:65:15:ac:b9:06:60: c7:e6:96:ba:50:18:7e:95:29:4f:a3:dd:9b:fb:8b:87:de:ea: 47:0b:15:17:65:ba:09:dd:9e:1c:80:47:8f:8f:1b:95:42:d5: e6:6b:50:c7:e2:1f:4c:9f:f4:1f:d7:74:36:1c:26:ae:ac:b6: d1:96:4e:f5 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBF QTRDNjIzRjBCOEExMDYyREFBODBFQTlBOEY0NDc4RjU5REU4NTAeFw0yNTEyMDQy MDUwMjBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE0M0VFRUZFMTIwOERC QjY3REE5NTNGNTU0MkI5NTFDREY1NjBGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDIej5UXK9+KNJ2Kt+qqPMKKH7W3TjoF97maX5JugSbUYVvMpV 3v83lvoXcJ2PUkC3fJfZ1uGHPjrB/SFmkwPDTgyFxiiLDeQucfQShVxjL4wo12at 4NVI+/LFXGdC9/gwM3SZVjmAoO1mW3yIhfpZBbEhZwq2HswqzXn1YUgYld1hUM7m 1diHkQg2nvOa56K+UwaORQSTuwQHdVg5fQrO/VJCyeZmGa0VyxGuNabeh0RIguAx BreYuWvhInsHgiKWQa6vUdBRw8kCeegNCs2Y72b8/aKGwKMLNYRLa31XkxS9lCug S0gLWKIabvO04sCXWSUgAr3txoy0+mNTA5djAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUFD7u/hII27Z9qVP1VCuVHN9WD/AwHwYDVR0jBBgwFoAUkOpMYj8LihBi2qgO qaj0R49Z3oUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 NS9rT3BNWWo4TGloQmkycWdPcWFqMFI0OVozb1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tPcE1ZajhMaWhCaTJxZ09xYWowUjQ5WjNvVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzUva09wTVlqOExpaEJp MnFnT3FhajBSNDlaM29VLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAFGryAKnukXW8VWZuLEkp+47n5WcDw8lgeoiZYDhdIf/D+203HLxmn/zBIP mmxBRA0vXSYlNjT4dEU9MdfCdUgvvFIrwgmgS/px+m55iHGctQIIxQIzHqWkztSI FVo9Sm7Nm+9NJHVcCp/bc6DQXX+VPXRIpQq37J4IgXmcKoVRHS8M8igeU89BKHMB IFpGpyKEBGmJwd9L6j85WmDlBL/FF0W7Oh9FLmtDgQcq+2ZFcg/iqNbBU8MpD9PD 7BKmbWUVrLkGYMfmlrpQGH6VKU+j3Zv7i4fe6kcLFRdlugndnhyAR4+PG5VC1eZr UMfiH0yf9B/XdDYcJq6sttGWTvU= -----END CERTIFICATE-----Generated at Thu Dec 4 23:42:02 2025 by rpki-client