This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft File: Al4teU5v-uKVus5JEQDj0YuccUE.mft (raw, json) Hash identifier: E5yb1UnIXVQUcVnqKUQ/PU3WxzV+ZLm9KqUHPtc2C90= Subject key identifier: 68:95:0B:9B:9B:3C:EB:1D:C5:A5:7A:20:50:6D:0C:00:C8:05:DE:63 Authority key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 Certificate issuer: /CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Certificate serial: 20C8 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft Manifest number: 20C2 Signing time: Fri 12 Dec 2025 22:43:09 +0000 Manifest this update: Fri 12 Dec 2025 22:43:09 +0000 Manifest next update: Sat 13 Dec 2025 04:43:09 +0000 Files and hashes: 1: 4Wx_svRAw5H2T8nYrdffgPTi7-U.roa (hash: UIMu2LEYkC7Rk/oSXerGy8RKnqRM1o29210BnaEM4sg=) 2: Al4teU5v-uKVus5JEQDj0YuccUE.crl (hash: htI1Gqv6YUH/WwobA94+SexGpHTRF7MXUBSRS0sYWgA=) Validation: Failed, CRL has expired Certificate: Data: Version: 3 (0x2) Serial Number: 8392 (0x20c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Validity Not Before: Dec 12 22:43:09 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=68950B9B9B3CEB1DC5A57A20506D0C00C805DE63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f8:52:ea:be:09:16:4c:60:da:89:fc:09:a2: ee:ac:81:ee:8c:e7:9d:62:13:ff:7b:b5:18:3f:b1: 04:6d:56:47:1f:98:4a:4f:b1:51:93:c2:c6:9b:53: b0:d2:05:fa:f9:21:8b:e5:09:9e:0a:cf:f1:ed:a8: b2:23:09:60:24:fe:55:be:e7:50:f6:51:17:92:21: 02:ae:64:78:45:9c:fc:cc:82:38:bd:eb:ff:01:6e: 5f:fd:d6:23:08:1f:11:45:65:26:fc:5c:00:cd:32: ce:77:12:98:5d:06:f0:d2:de:12:17:6f:9f:1f:e2: 6c:de:38:7b:08:38:d2:21:4b:98:54:ad:63:bf:50: 49:2e:e0:67:cf:c2:fb:8c:10:86:f6:6a:21:7e:9f: 1c:51:0f:ae:31:db:c6:17:6b:a4:9d:71:49:d1:3f: af:29:0d:8a:58:87:88:31:b4:05:1d:ec:0b:d5:76: 85:e3:cb:11:0e:d6:6f:1e:a0:81:3c:a3:ba:ee:b8: 0b:80:35:cb:9e:d1:ae:aa:3d:04:ec:32:18:d6:0f: f7:04:45:e9:da:ce:d5:ca:27:16:86:b3:9f:ca:dc: 26:36:63:9c:0e:9f:a1:cc:a1:e6:91:56:ec:2d:1d: c5:11:c9:9e:9d:3a:07:be:f3:68:98:61:f7:19:2a: ff:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:95:0B:9B:9B:3C:EB:1D:C5:A5:7A:20:50:6D:0C:00:C8:05:DE:63 X509v3 Authority Key Identifier: keyid:02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:26:28:f2:ee:7c:d0:cb:d1:ac:06:34:4d:c9:08:b8:f8:b5: a2:fc:79:e1:44:1a:32:de:77:6a:3d:a5:b7:26:f4:5d:3e:01: 50:cc:92:9a:72:f2:61:c7:35:db:ac:bf:38:0d:8d:3a:26:a6: 1d:04:04:79:42:3b:ff:93:c2:2e:ac:65:d2:0b:5b:b0:b9:81: 76:01:fc:73:33:fc:77:6c:ee:68:cd:5a:71:66:df:01:74:53: 6d:94:ec:d9:74:b2:a1:04:68:be:93:aa:30:4b:d4:3a:27:88: 61:6f:6d:f5:0a:4d:12:16:a5:b8:f0:89:54:cf:85:15:6f:9e: ca:09:6c:f3:01:25:76:63:c9:46:53:9a:64:61:4e:42:da:19: 46:86:63:8e:ca:2a:36:d8:97:df:97:33:b7:59:5c:95:8c:d0: 3a:ab:9c:49:bb:99:95:0a:2e:38:47:43:67:4e:e4:c2:44:dd: b0:ac:54:62:97:9e:ae:95:e8:50:81:61:d1:25:3d:5a:76:12: 4f:52:b4:13:b3:70:a4:40:4f:dc:bf:76:d3:6b:e7:f3:cf:1f: 7a:f7:3a:e8:9c:12:89:b3:6b:8c:84:43:99:51:c7:69:c7:a2: 5c:b1:49:94:fb:34:d6:dc:59:87:1c:83:4b:41:40:91:96:d4: 01:55:42:50 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICIMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDI1 RTJENzk0RTZGRkFFMjk1QkFDRTQ5MTEwMEUzRDE4QjlDNzE0MTAeFw0yNTEyMTIy MjQzMDlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDY4OTUwQjlCOUIzQ0VC MURDNUE1N0EyMDUwNkQwQzAwQzgwNURFNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4+FLqvgkWTGDaifwJou6sge6M551iE/97tRg/sQRtVkcfmEpP sVGTwsabU7DSBfr5IYvlCZ4Kz/HtqLIjCWAk/lW+51D2UReSIQKuZHhFnPzMgji9 6/8Bbl/91iMIHxFFZSb8XADNMs53EphdBvDS3hIXb58f4mzeOHsIONIhS5hUrWO/ UEku4GfPwvuMEIb2aiF+nxxRD64x28YXa6SdcUnRP68pDYpYh4gxtAUd7AvVdoXj yxEO1m8eoIE8o7ruuAuANcue0a6qPQTsMhjWD/cERenaztXKJxaGs5/K3CY2Y5wO n6HMoeaRVuwtHcURyZ6dOge+82iYYfcZKv+TAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUaJULm5s86x3FpXogUG0MAMgF3mMwHwYDVR0jBBgwFoAUAl4teU5v+uKVus5J EQDj0YuccUEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5 L0FsNHRlVTV2LXVLVnVzNUpFUURqMFl1Y2NVRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5L0FsNHRlVTV2LXVLVnVz NUpFUURqMFl1Y2NVRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCkJijy7nzQy9GsBjRNyQi4+LWi/HnhRBoy3ndqPaW3JvRdPgFQzJKacvJhxzXb rL84DY06JqYdBAR5Qjv/k8IurGXSC1uwuYF2AfxzM/x3bO5ozVpxZt8BdFNtlOzZ dLKhBGi+k6owS9Q6J4hhb231Ck0SFqW48IlUz4UVb57KCWzzASV2Y8lGU5pkYU5C 2hlGhmOOyio22JfflzO3WVyVjNA6q5xJu5mVCi44R0NnTuTCRN2wrFRil56ulehQ gWHRJT1adhJPUrQTs3CkQE/cv3bTa+fzzx969zronBKJs2uMhEOZUcdpx6JcsUmU +zTW3FmHHINLQUCRltQBVUJQ -----END CERTIFICATE-----Generated at Sat Dec 13 05:05:18 2025 by rpki-client