This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft File: 2GueAukE5bR2WU2yt5eONcp8HW4.mft (raw, json) Hash identifier: twrgfY/70nseykP/EgxB3M0tl3JVkeF8NzTr7XgX2hE= Subject key identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF Authority key identifier: D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E Certificate issuer: /CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Certificate serial: 0677 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft Manifest number: 0677 Signing time: Thu 04 Dec 2025 20:49:59 +0000 Manifest this update: Thu 04 Dec 2025 20:49:59 +0000 Manifest next update: Fri 05 Dec 2025 02:49:59 +0000 Files and hashes: 1: 2GueAukE5bR2WU2yt5eONcp8HW4.crl (hash: CPoAUsI7J6NDqKSeY5IKTvRWHBDW7tDp2Ww6W631Dps=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1655 (0x677) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Validity Not Before: Dec 4 20:49:59 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=6361ACF5C706117405735DA1DBC145841FE7E8CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6d:e1:1e:1c:50:f8:51:6d:8b:dd:6b:57:64: 02:42:4e:11:f9:95:bd:ef:6b:7c:45:0b:94:45:98: 60:af:b4:58:f3:95:57:ec:e9:f3:ef:7f:be:ec:65: 09:bb:56:07:6b:63:d2:22:37:c8:7b:26:fc:6a:56: f2:14:58:79:6d:9a:7b:0a:32:a7:bb:e9:f9:d9:3d: 99:2c:c4:b5:5e:98:3b:8b:0d:42:9e:dd:2b:6e:ed: 1a:25:c8:6b:60:d4:dc:4a:9d:31:54:c8:a4:cf:e5: ba:a0:2c:59:d8:a8:fc:9c:f4:a6:62:61:cf:a1:0e: ab:d6:04:30:a4:6d:a5:68:1e:71:d2:69:1e:59:ec: 2e:28:43:1a:4a:63:af:b8:8d:52:3e:17:4c:30:13: 08:98:a7:0e:83:e9:8f:e5:b7:07:33:d9:d1:e3:93: 43:31:e1:96:6d:00:ba:7d:94:b7:58:48:30:ec:f3: 3b:7c:b1:9a:bf:d9:c3:ea:b2:3f:54:ba:c0:7c:12: 7b:2a:64:6e:fc:6c:17:9c:21:82:4a:1a:84:47:a7: fc:35:c5:77:df:81:e9:32:09:3d:c9:19:fd:9a:a2: 88:f3:b6:19:1b:4e:36:87:59:7f:f3:6a:ab:b4:62: 99:0c:ff:7a:6b:fc:bc:b9:06:81:c7:b1:35:fa:54: eb:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF X509v3 Authority Key Identifier: keyid:D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:50:d2:03:58:6d:60:7d:d4:4d:d3:1c:38:23:41:75:7c:5f: d9:30:fa:b1:b2:f8:bb:87:01:46:36:63:7e:65:fa:8a:c4:bf: 17:76:35:64:c8:0b:3f:79:64:b0:da:4a:1f:14:55:65:80:f6: 1d:43:27:59:f1:85:a7:a3:42:ac:8e:9f:e6:ab:39:05:c0:84: c7:7d:18:4e:9e:7d:d7:d1:54:d8:80:3b:93:6c:b7:56:39:94: b6:6b:3a:1d:0b:82:68:4d:aa:65:1e:b6:e4:3c:bf:53:4e:9f: 5e:ff:d0:cd:56:e7:a7:b8:08:c7:ae:b6:d6:a8:93:51:8d:a6: ea:7b:a9:ae:2f:18:79:9b:a4:aa:bb:21:47:a0:62:5b:54:29: 3c:36:c2:f2:f8:92:e7:5e:9d:81:9b:9f:94:8e:2e:33:46:42: f4:01:f7:d0:6e:ee:21:82:08:8b:bb:98:29:af:a8:67:6e:b8: 11:a3:ca:9a:96:9d:1c:f1:81:3f:6f:fe:7b:79:92:59:e3:ba: fc:53:8a:44:59:11:59:81:f4:d1:ef:48:ee:27:4f:8f:0f:dc: 1c:77:cb:de:df:c2:95:e7:a2:e4:99:5d:aa:e8:54:7e:e6:4d: 1b:48:a6:b5:39:22:24:32:c9:3a:dc:d4:75:ac:fe:c9:3a:f4: 40:2d:93:45 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBncwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDg2 QjlFMDJFOTA0RTVCNDc2NTk0REIyQjc5NzhFMzVDQTdDMUQ2RTAeFw0yNTEyMDQy MDQ5NTlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDYzNjFBQ0Y1QzcwNjEx NzQwNTczNURBMURCQzE0NTg0MUZFN0U4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjbeEeHFD4UW2L3WtXZAJCThH5lb3va3xFC5RFmGCvtFjzlVfs 6fPvf77sZQm7VgdrY9IiN8h7JvxqVvIUWHltmnsKMqe76fnZPZksxLVemDuLDUKe 3Stu7RolyGtg1NxKnTFUyKTP5bqgLFnYqPyc9KZiYc+hDqvWBDCkbaVoHnHSaR5Z 7C4oQxpKY6+4jVI+F0wwEwiYpw6D6Y/ltwcz2dHjk0Mx4ZZtALp9lLdYSDDs8zt8 sZq/2cPqsj9UusB8EnsqZG78bBecIYJKGoRHp/w1xXffgekyCT3JGf2aoojzthkb TjaHWX/zaqu0YpkM/3pr/Ly5BoHHsTX6VOsvAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUY2Gs9ccGEXQFc12h28FFhB/n6M8wHwYDVR0jBBgwFoAU2GueAukE5bR2WU2y t5eONcp8HW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 Ni8yR3VlQXVrRTViUjJXVTJ5dDVlT05jcDhIVzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzJHdWVBdWtFNWJSMldVMnl0NWVPTmNwOEhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDYvMkd1ZUF1a0U1YlIy V1UyeXQ1ZU9OY3A4SFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAG5Q0gNYbWB91E3THDgjQXV8X9kw+rGy+LuHAUY2Y35l+orEvxd2NWTICz95 ZLDaSh8UVWWA9h1DJ1nxhaejQqyOn+arOQXAhMd9GE6efdfRVNiAO5Nst1Y5lLZr Oh0LgmhNqmUetuQ8v1NOn17/0M1W56e4CMeuttaok1GNpup7qa4vGHmbpKq7IUeg YltUKTw2wvL4kudenYGbn5SOLjNGQvQB99Bu7iGCCIu7mCmvqGduuBGjypqWnRzx gT9v/nt5klnjuvxTikRZEVmB9NHvSO4nT48P3Bx3y97fwpXnouSZXaroVH7mTRtI prU5IiQyyTrc1HWs/sk69EAtk0U= -----END CERTIFICATE-----Generated at Thu Dec 4 23:40:37 2025 by rpki-client