This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft File: Um3mirHCXqVTIWuhLuNonNVrlkU.mft (raw, json) Hash identifier: K1aS58vAdDY62kkv8/Jtw5o1P6zqxzTPiYhyht+pENU= Subject key identifier: 7C:42:1E:2B:98:95:EB:7D:14:57:6D:3B:48:EC:0F:A2:E3:BA:01:C9 Authority key identifier: 52:6D:E6:8A:B1:C2:5E:A5:53:21:6B:A1:2E:E3:68:9C:D5:6B:96:45 Certificate issuer: /CN=526DE68AB1C25EA553216BA12EE3689CD56B9645 Certificate serial: 0AB7 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft Manifest number: 0AB7 Signing time: Thu 04 Dec 2025 20:47:54 +0000 Manifest this update: Thu 04 Dec 2025 20:47:54 +0000 Manifest next update: Fri 05 Dec 2025 02:47:54 +0000 Files and hashes: 1: Um3mirHCXqVTIWuhLuNonNVrlkU.crl (hash: VtZBRHRBuZJg3QgblZwWvG3pOO5sf2rHLzo4EaLIgZ8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2743 (0xab7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=526DE68AB1C25EA553216BA12EE3689CD56B9645 Validity Not Before: Dec 4 20:47:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=7C421E2B9895EB7D14576D3B48EC0FA2E3BA01C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:85:48:fa:6f:7f:9c:68:9e:ca:02:0a:ce:7e: 95:59:ba:0a:78:73:7e:a0:23:91:0e:2d:74:82:1b: 57:27:cc:a6:8a:8f:ac:fa:a0:f2:15:9c:5f:5b:8c: cf:cb:4e:ac:90:39:ad:b2:bd:41:9d:de:08:a6:34: bf:36:b4:1e:cc:9a:af:9e:81:a8:ae:29:e8:03:14: d8:e9:04:5b:50:a8:a7:db:b5:b2:63:80:d6:5f:f0: 95:90:2f:8b:e2:eb:ee:8b:32:1f:d0:9c:cd:d6:93: 12:04:6f:a5:82:bd:15:aa:a9:b0:a7:8f:fb:f9:50: 0b:0a:e6:74:93:a3:6e:d6:8a:a6:09:69:d1:74:5d: 79:40:a7:1b:1b:e9:32:c5:46:60:c2:29:ca:7a:8f: a2:f3:48:a9:41:78:af:91:80:ab:9e:f0:c5:e4:8f: 6d:d5:4f:55:03:27:11:d2:05:3b:78:be:31:3b:a7: 9a:ba:0b:38:f8:f9:e5:51:e8:1e:f4:1a:3d:90:17: 36:0e:2b:0c:42:e3:9e:39:d3:9c:c0:04:54:07:8e: 86:d3:d2:da:db:24:1c:6f:52:e2:34:89:3b:e7:1e: 4c:93:76:27:ed:f0:a4:20:fd:a9:24:7c:f4:71:ec: a0:31:c9:dc:af:5c:a5:fd:aa:f6:e8:0b:36:df:0d: 97:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:42:1E:2B:98:95:EB:7D:14:57:6D:3B:48:EC:0F:A2:E3:BA:01:C9 X509v3 Authority Key Identifier: keyid:52:6D:E6:8A:B1:C2:5E:A5:53:21:6B:A1:2E:E3:68:9C:D5:6B:96:45 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:c8:2c:ce:b6:2a:4c:ec:55:54:d3:8c:c3:b0:bd:67:19:4e: e8:e5:ae:87:33:97:f7:6a:7c:81:bc:b5:df:dc:0e:65:de:b3: 14:e3:cb:42:92:6e:1d:d4:79:6a:8f:ca:9d:41:4c:51:d6:4c: 3d:41:a8:2c:81:4a:76:3c:0d:38:6a:66:cb:fd:d9:d7:82:11: 88:2d:78:08:c0:31:64:f5:cf:fb:25:33:6e:77:c3:6d:73:14: cb:20:08:61:55:e2:ae:3e:ea:6e:c0:a6:72:58:aa:7a:79:a9: e9:c7:6a:fd:12:96:94:c5:55:63:dc:3a:30:e9:9b:6f:31:2f: 15:7c:3d:3e:1a:01:36:49:da:b1:b6:94:28:5b:59:78:b1:83: e1:ed:79:9a:0e:05:66:ce:5b:2a:01:ad:e4:df:cb:29:45:b0: 29:8e:52:a1:0f:1c:c7:7b:9f:07:d5:be:20:33:5b:e1:7f:6d: 1c:17:1c:62:f9:6d:a3:8d:a4:0b:59:43:d1:9f:e4:b6:c6:67: f0:f2:15:cf:97:63:27:bb:05:ec:fc:4e:ba:b7:ae:7a:1c:23: 7e:1e:e9:fd:fc:cc:35:e0:ee:36:da:21:7d:30:03:eb:13:94: b9:33:81:bb:ae:32:e6:24:7e:80:cb:28:b9:3b:15:70:30:cf: d9:36:cf:ab -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTI2 REU2OEFCMUMyNUVBNTUzMjE2QkExMkVFMzY4OUNENTZCOTY0NTAeFw0yNTEyMDQy MDQ3NTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDdDNDIxRTJCOTg5NUVC N0QxNDU3NkQzQjQ4RUMwRkEyRTNCQTAxQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHhUj6b3+caJ7KAgrOfpVZugp4c36gI5EOLXSCG1cnzKaKj6z6 oPIVnF9bjM/LTqyQOa2yvUGd3gimNL82tB7Mmq+egaiuKegDFNjpBFtQqKfbtbJj gNZf8JWQL4vi6+6LMh/QnM3WkxIEb6WCvRWqqbCnj/v5UAsK5nSTo27WiqYJadF0 XXlApxsb6TLFRmDCKcp6j6LzSKlBeK+RgKue8MXkj23VT1UDJxHSBTt4vjE7p5q6 Czj4+eVR6B70Gj2QFzYOKwxC454505zABFQHjobT0trbJBxvUuI0iTvnHkyTdift 8KQg/akkfPRx7KAxydyvXKX9qvboCzbfDZejAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUfEIeK5iV630UV207SOwPouO6AckwHwYDVR0jBBgwFoAUUm3mirHCXqVTIWuh LuNonNVrlkUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Ni9VbTNtaXJIQ1hxVlRJV3VoTHVOb25OVnJsa1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VtM21pckhDWHFWVElXdWhMdU5vbk5WcmxrVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODYvVW0zbWlySENYcVZU SVd1aEx1Tm9uTlZybGtVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFPILM62KkzsVVTTjMOwvWcZTujlroczl/dqfIG8td/cDmXesxTjy0KSbh3U eWqPyp1BTFHWTD1BqCyBSnY8DThqZsv92deCEYgteAjAMWT1z/slM253w21zFMsg CGFV4q4+6m7ApnJYqnp5qenHav0SlpTFVWPcOjDpm28xLxV8PT4aATZJ2rG2lChb WXixg+HteZoOBWbOWyoBreTfyylFsCmOUqEPHMd7nwfVviAzW+F/bRwXHGL5baON pAtZQ9Gf5LbGZ/DyFc+XYye7Bez8Trq3rnocI34e6f38zDXg7jbaIX0wA+sTlLkz gbuuMuYkfoDLKLk7FXAwz9k2z6s= -----END CERTIFICATE-----Generated at Thu Dec 4 23:41:58 2025 by rpki-client