This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft File: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft (raw, json) Hash identifier: WPBRmB//PKg0Ow0MGnPoSF+eMiXi8+o0fuqV9ib+jKk= Subject key identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B Authority key identifier: D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 Certificate issuer: /CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Certificate serial: 21F8 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft Manifest number: 21F8 Signing time: Thu 04 Dec 2025 20:47:51 +0000 Manifest this update: Thu 04 Dec 2025 20:47:51 +0000 Manifest next update: Fri 05 Dec 2025 02:47:51 +0000 Files and hashes: 1: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl (hash: dnf5G9u/Mt7OcKD0TUcRlQ0McJx/FzT5GoMkd3doLDE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Dec 2025 01:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8696 (0x21f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Validity Not Before: Dec 4 20:47:51 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=EFD8DB33953BC6DC717CA67C36A64A67C36B413B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:06:0e:21:8b:b1:ce:87:e9:a7:e0:0d:cc:26: f1:4a:9d:72:f5:5f:40:55:76:44:50:ef:18:3a:d7: e8:33:70:6e:66:d7:a2:05:08:1e:ff:cc:84:d9:6b: 39:20:82:05:c0:24:24:81:33:20:09:20:01:1b:26: b4:8e:5f:ef:34:78:cf:86:a9:9e:1b:c0:93:6a:32: 1d:77:fc:28:e3:5e:b9:d0:ed:f9:1a:9e:45:cd:08: 3b:db:ed:22:0f:00:34:5f:67:03:21:3b:82:b8:47: 7c:e7:77:03:2a:0e:ab:a1:05:d5:c6:53:1b:a3:ba: 1c:30:42:5c:89:b3:08:ad:0e:05:72:13:a8:02:f3: 04:aa:99:8a:61:1d:41:89:f1:60:98:15:92:9e:5d: 7c:6d:10:ab:82:48:33:03:a6:a6:01:a4:f5:82:2b: 47:ae:83:43:33:2e:55:c8:a5:e8:a6:84:c7:3d:0b: 29:1b:0b:28:c7:4e:e0:06:02:2b:8a:b3:57:be:b3: 3e:c3:a9:17:8e:23:a2:6e:b1:6f:5b:56:e6:75:0a: ac:8f:9d:68:33:0f:91:6c:b0:7e:27:8f:ba:2d:b7: b7:0c:58:18:19:81:b3:eb:9f:f2:74:9e:ae:d0:87: c6:4c:bb:ab:5c:ac:6e:00:aa:ea:b5:a1:3d:ac:6a: 4b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B X509v3 Authority Key Identifier: keyid:D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:a5:8e:43:a9:63:fb:81:ea:a9:b1:f2:be:06:08:43:81:dd: 9d:97:66:2b:d5:ca:6d:a5:a0:c0:b7:f2:a3:14:05:2e:55:f2: 3f:4c:e7:c4:fb:bb:7b:13:5b:12:b5:9f:58:df:e3:54:a6:b0: 78:89:ac:5f:f7:c3:33:ac:13:7c:ba:ab:b5:d0:f7:4d:c8:1e: f8:42:64:bc:ed:a2:9d:e7:10:04:57:0f:3a:a9:ff:42:a6:36: 4f:2c:63:1c:7c:b2:5e:b4:c1:73:48:40:85:7a:c5:6d:3e:94: 53:6b:05:2a:97:a6:e0:ca:e9:11:41:25:d0:cc:a4:84:45:00: f3:1a:7e:f1:a7:17:28:50:16:bb:0d:d1:1a:8d:3d:8c:d2:1c: e0:0d:2c:5f:5e:ad:be:07:8a:a2:e7:2d:cd:58:c0:5b:40:34: 70:f5:41:6d:4c:2c:3d:c3:4b:de:1a:d1:67:f7:27:7c:a7:8f: 80:dd:d4:7b:16:5e:27:b7:ce:df:42:50:f1:2b:64:c8:e6:38: e3:17:af:21:4e:10:0c:1d:f6:e0:80:79:db:d3:ae:a0:17:35: 42:6c:cd:48:b9:61:64:3d:89:19:32:02:bd:57:53:b1:c6:58: 00:27:39:05:a9:d2:59:a1:8e:81:a1:07:76:9c:a9:72:a2:26: d8:39:f2:8a -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICIfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDMy NEJCM0ZFNUMxNUEyRTA0MkE2MzJFNUEyMzU5RDA0OEYwNEM0MjAeFw0yNTEyMDQy MDQ3NTFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEVGRDhEQjMzOTUzQkM2 REM3MTdDQTY3QzM2QTY0QTY3QzM2QjQxM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBBg4hi7HOh+mn4A3MJvFKnXL1X0BVdkRQ7xg61+gzcG5m16IF CB7/zITZazkgggXAJCSBMyAJIAEbJrSOX+80eM+GqZ4bwJNqMh13/CjjXrnQ7fka nkXNCDvb7SIPADRfZwMhO4K4R3zndwMqDquhBdXGUxujuhwwQlyJswitDgVyE6gC 8wSqmYphHUGJ8WCYFZKeXXxtEKuCSDMDpqYBpPWCK0eug0MzLlXIpeimhMc9Cykb CyjHTuAGAiuKs1e+sz7DqReOI6JusW9bVuZ1CqyPnWgzD5FssH4nj7ott7cMWBgZ gbPrn/J0nq7Qh8ZMu6tcrG4Aquq1oT2sakuTAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU79jbM5U7xtxxfKZ8NqZKZ8NrQTswHwYDVR0jBBgwFoAU0yS7P+XBWi4EKmMu WiNZ0EjwTEIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1 LzB5UzdQLVhCV2k0RUttTXVXaU5aMEVqd1RFSS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMHlTN1AtWEJXaTRFS21NdVdpTlowRWp3VEVJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1LzB5UzdQLVhCV2k0RUtt TXVXaU5aMEVqd1RFSS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAlpY5DqWP7geqpsfK+BghDgd2dl2Yr1cptpaDAt/KjFAUuVfI/TOfE+7t7E1sS tZ9Y3+NUprB4iaxf98MzrBN8uqu10PdNyB74QmS87aKd5xAEVw86qf9CpjZPLGMc fLJetMFzSECFesVtPpRTawUql6bgyukRQSXQzKSERQDzGn7xpxcoUBa7DdEajT2M 0hzgDSxfXq2+B4qi5y3NWMBbQDRw9UFtTCw9w0veGtFn9yd8p4+A3dR7Fl4nt87f QlDxK2TI5jjjF68hThAMHfbggHnb066gFzVCbM1IuWFkPYkZMgK9V1OxxlgAJzkF qdJZoY6BoQd2nKlyoibYOfKK -----END CERTIFICATE-----Generated at Thu Dec 4 23:40:33 2025 by rpki-client