This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3370/APoIYl4faqqWhep7FdLGrPL4yPU.mft File: APoIYl4faqqWhep7FdLGrPL4yPU.mft (raw, json) Hash identifier: WS3A9THw1uvHwyr0LrezZFgHYrKrhVLzMB52UkHRlxY= Subject key identifier: 03:33:F4:8C:E0:37:25:15:4F:BE:33:3A:B8:1E:58:0B:44:F7:80:AE Authority key identifier: 00:FA:08:62:5E:1F:6A:AA:96:85:EA:7B:15:D2:C6:AC:F2:F8:C8:F5 Certificate issuer: /CN=00FA08625E1F6AAA9685EA7B15D2C6ACF2F8C8F5 Certificate serial: 0446 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/APoIYl4faqqWhep7FdLGrPL4yPU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3370/APoIYl4faqqWhep7FdLGrPL4yPU.mft Manifest number: 0446 Signing time: Thu 04 Dec 2025 19:16:15 +0000 Manifest this update: Thu 04 Dec 2025 19:16:15 +0000 Manifest next update: Fri 05 Dec 2025 01:16:15 +0000 Files and hashes: 1: APoIYl4faqqWhep7FdLGrPL4yPU.crl (hash: c+tJdKtJHjGEpHL6iau1YHPWiZ87Jd+6leHy4FOSKKg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3370/APoIYl4faqqWhep7FdLGrPL4yPU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3370/APoIYl4faqqWhep7FdLGrPL4yPU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/APoIYl4faqqWhep7FdLGrPL4yPU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:16:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1094 (0x446) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00FA08625E1F6AAA9685EA7B15D2C6ACF2F8C8F5 Validity Not Before: Dec 4 19:16:15 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=0333F48CE03725154FBE333AB81E580B44F780AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:da:00:ce:f2:6e:fd:c3:b6:34:dc:37:20:59: fc:19:d4:8d:2d:c7:aa:16:76:8b:91:d8:32:6a:a5: 05:a3:35:be:81:5c:f8:6d:f6:45:af:39:a2:c2:95: 8a:c9:58:29:28:96:e9:25:a6:fe:bf:e7:7b:98:c5: 28:91:52:c9:9e:dd:60:69:49:41:4f:a4:a5:f4:51: a4:f4:e6:ab:3c:11:8e:51:bb:5d:e7:06:fb:6e:fa: 2c:fa:b5:96:11:73:c9:de:64:00:e2:e5:2a:13:d5: 01:ba:0c:02:71:64:b1:c0:33:d5:f9:79:61:b9:3b: c7:cc:41:f4:26:48:6d:99:8a:91:0b:5e:18:7a:18: 26:ed:e1:3c:55:c0:46:2b:63:82:11:ae:c3:a2:45: 5b:92:b0:92:3f:ef:9f:5e:79:e1:3b:76:6a:99:49: 4c:38:f5:7e:a9:8f:59:1a:74:a0:76:d0:70:f5:bb: ee:c6:e7:e8:cc:25:1a:d1:89:4b:53:b9:98:4c:73: dc:4e:d1:c3:6e:0a:16:6f:a7:ae:ec:09:78:75:9a: 3b:c5:d4:89:1e:ef:7f:67:3f:74:26:19:4c:e7:e9: de:05:2a:ea:f1:b7:64:8e:ac:2d:24:f9:6e:4c:5d: a4:05:b5:a3:c3:70:a9:04:f1:89:9e:f1:63:a7:34: 08:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:33:F4:8C:E0:37:25:15:4F:BE:33:3A:B8:1E:58:0B:44:F7:80:AE X509v3 Authority Key Identifier: keyid:00:FA:08:62:5E:1F:6A:AA:96:85:EA:7B:15:D2:C6:AC:F2:F8:C8:F5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3370/APoIYl4faqqWhep7FdLGrPL4yPU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/APoIYl4faqqWhep7FdLGrPL4yPU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3370/APoIYl4faqqWhep7FdLGrPL4yPU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:6d:fc:89:9b:2a:0f:37:a0:de:3e:d8:b4:34:dd:6e:c5:7d: 99:3a:e1:09:6d:12:13:31:62:b1:8a:bc:37:44:4e:76:4d:2f: 51:43:bf:53:28:da:9e:0f:d6:f2:19:14:99:2f:29:ab:f7:22: 16:b2:b9:e7:b1:19:4a:98:70:42:3c:db:c5:43:b8:70:9e:30: 7d:67:8f:cc:b4:d3:d2:25:cd:2e:44:90:67:3e:c7:cf:db:2a: dc:7e:f6:d1:ce:f5:e4:b4:b0:a6:87:5a:d0:a8:8b:b3:5e:76: 09:22:6c:71:15:21:12:3f:b1:4b:cf:da:6c:84:60:88:40:f1: 08:05:41:d0:e8:31:26:a1:4b:be:fe:c8:dd:04:09:d8:26:17: a8:96:b6:c0:ec:0d:e5:fe:b7:f8:da:72:31:80:80:1a:d8:25: 1d:a0:bb:e0:99:43:b9:f6:e6:18:c3:f1:49:1f:83:88:d5:55: 71:f3:57:16:82:e5:97:e2:e8:55:d9:ef:b8:41:85:5d:83:53: 60:b9:51:66:40:44:4d:b3:2a:86:5a:9f:e1:22:de:f6:14:1f: 44:2b:2b:ce:ff:7a:f2:21:bb:c0:73:c3:fe:31:f3:88:53:8c: c3:9c:45:dd:3a:2f:b7:d0:cd:63:61:51:04:1a:8c:ea:32:58: e7:7a:6f:44 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBEYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDBG QTA4NjI1RTFGNkFBQTk2ODVFQTdCMTVEMkM2QUNGMkY4QzhGNTAeFw0yNTEyMDQx OTE2MTVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDAzMzNGNDhDRTAzNzI1 MTU0RkJFMzMzQUI4MUU1ODBCNDRGNzgwQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCj2gDO8m79w7Y03DcgWfwZ1I0tx6oWdouR2DJqpQWjNb6BXPht 9kWvOaLClYrJWCkoluklpv6/53uYxSiRUsme3WBpSUFPpKX0UaT05qs8EY5Ru13n Bvtu+iz6tZYRc8neZADi5SoT1QG6DAJxZLHAM9X5eWG5O8fMQfQmSG2ZipELXhh6 GCbt4TxVwEYrY4IRrsOiRVuSsJI/759eeeE7dmqZSUw49X6pj1kadKB20HD1u+7G 5+jMJRrRiUtTuZhMc9xO0cNuChZvp67sCXh1mjvF1Ike739nP3QmGUzn6d4FKurx t2SOrC0k+W5MXaQFtaPDcKkE8Yme8WOnNAhTAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUAzP0jOA3JRVPvjM6uB5YC0T3gK4wHwYDVR0jBBgwFoAUAPoIYl4faqqWhep7 FdLGrPL4yPUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM3 MC9BUG9JWWw0ZmFxcVdoZXA3RmRMR3JQTDR5UFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FQb0lZbDRmYXFxV2hlcDdGZExHclBMNHlQVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNzAvQVBvSVlsNGZhcXFX aGVwN0ZkTEdyUEw0eVBVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAA9t/ImbKg83oN4+2LQ03W7FfZk64QltEhMxYrGKvDdETnZNL1FDv1Mo2p4P 1vIZFJkvKav3IhayueexGUqYcEI828VDuHCeMH1nj8y009IlzS5EkGc+x8/bKtx+ 9tHO9eS0sKaHWtCoi7NedgkibHEVIRI/sUvP2myEYIhA8QgFQdDoMSahS77+yN0E CdgmF6iWtsDsDeX+t/jacjGAgBrYJR2gu+CZQ7n25hjD8Ukfg4jVVXHzVxaC5Zfi 6FXZ77hBhV2DU2C5UWZARE2zKoZan+Ei3vYUH0QrK87/evIhu8Bzw/4x84hTjMOc Rd06L7fQzWNhUQQajOoyWOd6b0Q= -----END CERTIFICATE-----Generated at Thu Dec 4 23:40:33 2025 by rpki-client