This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3403/9aQ8YDK2YzIuOSW-qxAzl0xUB00.mft File: 9aQ8YDK2YzIuOSW-qxAzl0xUB00.mft (raw, json) Hash identifier: u+XO0n0yGgnZXjSs/mo1DF7bx6KJyrqb0FReTjJLrHM= Subject key identifier: D8:8D:07:F8:92:2E:46:56:87:FD:E0:F3:64:33:29:C6:A0:5F:92:91 Authority key identifier: F5:A4:3C:60:32:B6:63:32:2E:39:25:BE:AB:10:33:97:4C:54:07:4D Certificate issuer: /CN=F5A43C6032B663322E3925BEAB1033974C54074D Certificate serial: D3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9aQ8YDK2YzIuOSW-qxAzl0xUB00.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3403/9aQ8YDK2YzIuOSW-qxAzl0xUB00.mft Manifest number: D3 Signing time: Thu 04 Dec 2025 20:48:10 +0000 Manifest this update: Thu 04 Dec 2025 20:48:10 +0000 Manifest next update: Fri 05 Dec 2025 02:48:10 +0000 Files and hashes: 1: 9aQ8YDK2YzIuOSW-qxAzl0xUB00.crl (hash: mbE4goksYDefQWY3eF9JhSq5yGqCShk4awm9C5k+0Vk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3403/9aQ8YDK2YzIuOSW-qxAzl0xUB00.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3403/9aQ8YDK2YzIuOSW-qxAzl0xUB00.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9aQ8YDK2YzIuOSW-qxAzl0xUB00.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 211 (0xd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F5A43C6032B663322E3925BEAB1033974C54074D Validity Not Before: Dec 4 20:48:10 2025 GMT Not After : Oct 23 09:52:02 2026 GMT Subject: CN=D88D07F8922E465687FDE0F3643329C6A05F9291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:7c:ae:82:5a:ba:57:a3:4c:0b:dc:cd:4a:92: 79:4a:69:8d:d0:9b:a6:39:c5:ab:65:f7:3c:a7:34: 73:48:be:5a:2f:04:d2:70:f6:f1:50:00:f9:a5:12: 8e:5d:98:8f:0a:14:5d:75:ec:18:c6:1c:6c:1c:ab: 28:1f:84:94:50:53:6a:de:8c:b7:0a:cc:7d:19:50: e7:b2:29:42:9b:17:e0:8c:95:bf:ab:d8:e6:4b:45: 79:95:ff:85:4f:4e:2c:54:59:b9:64:c7:b9:1d:a2: 00:e4:1a:a1:4d:34:eb:52:53:4e:eb:3a:c3:af:04: be:ef:12:fb:bb:81:dd:ef:01:bd:cd:2d:f5:7e:98: db:7e:1f:e9:32:2e:22:2f:6d:06:fb:48:a4:75:e5: 8b:26:73:c1:b4:c4:bb:b6:9e:0f:e9:b3:9c:16:bd: 9d:3d:d2:dd:4f:83:4b:fa:2e:56:e6:7c:cb:86:73: f1:ff:10:e2:aa:03:29:cc:a8:c3:b6:bf:77:f2:b7: b5:72:f0:5c:df:4e:2e:89:79:1a:cd:b6:4f:d7:fd: d3:8d:60:77:da:cb:c4:93:e7:a0:0b:32:8c:d4:75: a4:ab:a8:8a:8d:9a:05:94:03:0b:c7:ae:18:a0:69: a7:01:3b:52:92:56:c8:38:0d:df:e1:11:22:f6:44: 46:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:8D:07:F8:92:2E:46:56:87:FD:E0:F3:64:33:29:C6:A0:5F:92:91 X509v3 Authority Key Identifier: keyid:F5:A4:3C:60:32:B6:63:32:2E:39:25:BE:AB:10:33:97:4C:54:07:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3403/9aQ8YDK2YzIuOSW-qxAzl0xUB00.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9aQ8YDK2YzIuOSW-qxAzl0xUB00.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3403/9aQ8YDK2YzIuOSW-qxAzl0xUB00.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:cf:48:23:06:f1:d7:fa:0e:1e:f1:91:7f:5d:e4:c5:01:a1: a7:5f:e8:a0:ae:52:1f:b9:bd:6c:b5:e8:f7:56:e9:4e:4e:e2: 70:1f:bc:3f:ef:07:bc:25:c6:1a:7b:8a:e9:cd:02:ac:82:ea: a9:cb:61:ca:fb:ec:b1:9c:66:be:90:e4:49:5e:7b:59:d5:08: 74:5e:d9:ce:7f:a4:be:a0:a2:98:fa:cf:af:39:d0:00:5b:39: a6:5d:ea:a5:43:dd:f6:50:c7:37:5e:44:2f:fc:61:67:af:70: bc:a7:3e:3a:4d:24:f9:f1:6b:55:98:68:84:1b:37:14:2a:ef: 43:9c:5c:d8:20:75:d6:3d:6f:b3:0e:86:e4:f4:28:b6:37:f2: f8:60:66:04:72:a4:65:48:fd:45:c7:95:67:8d:63:24:f0:c4: 63:ed:ef:66:66:2e:73:0e:11:01:64:ff:f6:33:ef:c4:6a:02: c8:cb:1e:40:1d:f3:47:2f:cc:a6:b1:ae:8f:aa:aa:a3:94:4a: 51:92:63:a4:d5:77:4d:ff:ac:70:07:dd:3f:e9:f2:f2:fb:30: 91:0e:5c:ee:07:04:06:a4:26:7d:2d:09:95:41:ca:66:93:0a: 36:6b:18:7c:74:90:8d:0e:2e:0a:90:99:4a:7c:22:68:fc:fe: 58:3c:84:da -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICANMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjVB NDNDNjAzMkI2NjMzMjJFMzkyNUJFQUIxMDMzOTc0QzU0MDc0RDAeFw0yNTEyMDQy MDQ4MTBaFw0yNjEwMjMwOTUyMDJaMDMxMTAvBgNVBAMTKEQ4OEQwN0Y4OTIyRTQ2 NTY4N0ZERTBGMzY0MzMyOUM2QTA1RjkyOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMfK6CWrpXo0wL3M1KknlKaY3Qm6Y5xatl9zynNHNIvlovBNJw 9vFQAPmlEo5dmI8KFF117BjGHGwcqygfhJRQU2rejLcKzH0ZUOeyKUKbF+CMlb+r 2OZLRXmV/4VPTixUWblkx7kdogDkGqFNNOtSU07rOsOvBL7vEvu7gd3vAb3NLfV+ mNt+H+kyLiIvbQb7SKR15Ysmc8G0xLu2ng/ps5wWvZ090t1Pg0v6LlbmfMuGc/H/ EOKqAynMqMO2v3fyt7Vy8FzfTi6JeRrNtk/X/dONYHfay8ST56ALMozUdaSrqIqN mgWUAwvHrhigaacBO1KSVsg4Dd/hESL2REYFAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2I0H+JIuRlaH/eDzZDMpxqBfkpEwHwYDVR0jBBgwFoAU9aQ8YDK2YzIuOSW+ qxAzl0xUB00wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQw My85YVE4WURLMll6SXVPU1ctcXhBemwweFVCMDAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzlhUThZREsyWXpJdU9TVy1xeEF6bDB4VUIwMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0MDMvOWFROFlESzJZekl1 T1NXLXF4QXpsMHhVQjAwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJnPSCMG8df6Dh7xkX9d5MUBoadf6KCuUh+5vWy16PdW6U5O4nAfvD/vB7wl xhp7iunNAqyC6qnLYcr77LGcZr6Q5Elee1nVCHRe2c5/pL6gopj6z6850ABbOaZd 6qVD3fZQxzdeRC/8YWevcLynPjpNJPnxa1WYaIQbNxQq70OcXNggddY9b7MOhuT0 KLY38vhgZgRypGVI/UXHlWeNYyTwxGPt72ZmLnMOEQFk//Yz78RqAsjLHkAd80cv zKaxro+qqqOUSlGSY6TVd03/rHAH3T/p8vL7MJEOXO4HBAakJn0tCZVBymaTCjZr GHx0kI0OLgqQmUp8Imj8/lg8hNo= -----END CERTIFICATE-----Generated at Thu Dec 4 23:36:41 2025 by rpki-client