This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft File: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft (raw, json) Hash identifier: CAWVWrF6GQN+zAPI1hN+zs3mVsAS4V6YqBTwo5K53YI= Subject key identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 Authority key identifier: 0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 Certificate issuer: /CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Certificate serial: 204E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft Manifest number: 204E Signing time: Tue 23 Dec 2025 13:11:19 +0000 Manifest this update: Tue 23 Dec 2025 13:11:19 +0000 Manifest next update: Tue 23 Dec 2025 19:11:19 +0000 Files and hashes: 1: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl (hash: vY1X/WsWcL+ZRnvyfBjKEfAK+LxEHRNFCvZGSwE4qaM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Dec 2025 18:39:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8270 (0x204e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Validity Not Before: Dec 23 13:11:19 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=5C648233F6748FCBACF142D46BE96E4F03962A68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fe:be:28:bc:e8:92:51:ab:b2:1b:df:f9:86: 30:13:3c:b6:06:e1:aa:a8:65:99:2d:88:d4:d5:a3: 2c:7b:4d:1d:c6:03:6e:7b:0a:f9:be:24:d6:f4:e1: 6e:b9:73:f2:b9:37:30:dd:bc:a8:a5:ab:65:f0:72: ce:42:40:b2:e4:57:09:70:ba:f6:02:ea:c4:5b:d3: 78:b0:f9:45:c2:43:eb:e5:6f:6f:ac:b9:71:a8:5f: 86:fb:bc:5a:40:fc:e7:34:21:96:7f:e9:53:a3:49: 69:21:42:4d:0e:f2:ec:b0:48:6c:4f:93:67:97:fc: 45:86:cd:e4:3b:13:a9:a7:46:9a:32:8c:44:3f:84: 21:18:21:86:30:e6:71:31:cc:47:0d:d7:8b:7c:a8: 9e:7d:70:74:56:4b:6c:92:9d:51:24:b9:7f:61:7f: 28:b6:69:8b:fe:29:be:33:2f:2a:87:b1:e5:76:a7: 8f:a3:72:7f:6d:e1:bf:8d:71:1b:dd:91:73:92:16: 3b:17:a6:7c:eb:47:39:aa:2b:65:0f:d0:94:82:33: 90:37:f4:32:d0:8c:72:86:17:12:4b:74:82:9b:32: 07:93:12:3b:c7:c5:84:c2:2f:71:47:aa:af:cc:4d: 17:7d:17:2f:12:e8:cb:84:ed:de:fd:d4:e1:03:45: 7b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 X509v3 Authority Key Identifier: keyid:0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:62:01:78:61:0e:31:8d:55:fd:ed:d1:b4:b1:f1:95:98:f5: 6d:6c:80:e7:56:74:df:eb:00:5d:8e:dd:45:54:13:04:eb:66: dc:be:20:e1:cc:96:db:04:54:8b:c3:c4:cd:63:5e:54:79:ee: 5d:0b:eb:66:67:c0:28:fe:48:c0:12:be:e4:d0:09:9d:73:19: 75:e0:89:ea:aa:81:f6:95:12:34:af:c8:c9:ce:4e:03:78:cf: 19:82:9e:91:e5:78:90:bf:17:f2:45:10:87:95:a8:75:c7:96: 9f:a6:ce:9b:1c:d7:dd:52:59:b9:3a:8d:21:6a:92:89:53:a8: e9:e3:e2:82:50:be:03:72:f1:a4:a7:cf:85:4a:1c:fb:a0:fb: 16:57:53:f4:0c:6a:90:86:42:de:43:d8:35:3f:80:02:d9:a9: 38:f5:6e:eb:d4:4c:27:b9:d2:bc:98:70:a1:3c:9a:ad:84:6c: 04:df:3b:2a:c3:97:da:7e:7d:ca:ac:45:5d:cb:14:c1:cb:90: 06:b4:02:7f:59:f6:80:20:87:94:52:0f:21:25:b8:ae:98:68: fe:05:d8:c4:47:88:e1:7e:42:c5:eb:66:09:3f:0b:b9:87:8d: 72:22:5e:c0:6f:84:87:55:47:16:c2:9e:cb:01:e5:5c:5b:53: 8e:72:b7:fc -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICIE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ0 QTNCNjIxNDA3OENBNDhFNjZGM0I4QzU0RjFDNUZEQkM5REU3NDAeFw0yNTEyMjMx MzExMTlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDVDNjQ4MjMzRjY3NDhG Q0JBQ0YxNDJENDZCRTk2RTRGMDM5NjJBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe/r4ovOiSUauyG9/5hjATPLYG4aqoZZktiNTVoyx7TR3GA257 Cvm+JNb04W65c/K5NzDdvKilq2Xwcs5CQLLkVwlwuvYC6sRb03iw+UXCQ+vlb2+s uXGoX4b7vFpA/Oc0IZZ/6VOjSWkhQk0O8uywSGxPk2eX/EWGzeQ7E6mnRpoyjEQ/ hCEYIYYw5nExzEcN14t8qJ59cHRWS2ySnVEkuX9hfyi2aYv+Kb4zLyqHseV2p4+j cn9t4b+NcRvdkXOSFjsXpnzrRzmqK2UP0JSCM5A39DLQjHKGFxJLdIKbMgeTEjvH xYTCL3FHqq/MTRd9Fy8S6MuE7d791OEDRXvdAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUXGSCM/Z0j8us8ULUa+luTwOWKmgwHwYDVR0jBBgwFoAUDUo7YhQHjKSOZvO4 xU8cX9vJ3nQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1 L0RVbzdZaFFIaktTT1p2TzR4VThjWDl2SjNuUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRFVvN1loUUhqS1NPWnZPNHhVOGNYOXZKM25RLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0RVbzdZaFFIaktTT1p2 TzR4VThjWDl2SjNuUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQA1YgF4YQ4xjVX97dG0sfGVmPVtbIDnVnTf6wBdjt1FVBME62bcviDhzJbbBFSL w8TNY15Uee5dC+tmZ8Ao/kjAEr7k0Amdcxl14InqqoH2lRI0r8jJzk4DeM8Zgp6R 5XiQvxfyRRCHlah1x5afps6bHNfdUlm5Oo0hapKJU6jp4+KCUL4DcvGkp8+FShz7 oPsWV1P0DGqQhkLeQ9g1P4AC2ak49W7r1EwnudK8mHChPJqthGwE3zsqw5fafn3K rEVdyxTBy5AGtAJ/WfaAIIeUUg8hJbiumGj+BdjER4jhfkLF62YJPwu5h41yIl7A b4SHVUcWwp7LAeVcW1OOcrf8 -----END CERTIFICATE-----Generated at Tue Dec 23 16:46:51 2025 by rpki-client