This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft File: 7oh6zHzktfZsz0lG8Cv6y94ot2o.mft (raw, json) Hash identifier: +rrFeQcRX2AvPRZdjOyi7UBe+R3BVf9Q+0cnX/M1pec= Subject key identifier: 71:D1:BC:AA:71:CD:2B:AB:92:8D:BD:57:9E:F3:C1:79:07:4B:57:CC Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Certificate serial: 205C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft Manifest number: 2047 Signing time: Fri 12 Dec 2025 22:39:57 +0000 Manifest this update: Fri 12 Dec 2025 22:39:57 +0000 Manifest next update: Sat 13 Dec 2025 04:39:57 +0000 Files and hashes: 1: 6x6hqo0Cnu2DY80d0M2a1T3hILw.roa (hash: suL4eu4ACTdMQ8EhG3IwPC8L4xiiawA4SSbx7c7QEeU=) 2: 7oh6zHzktfZsz0lG8Cv6y94ot2o.crl (hash: 4aqIJlcqneeotmTNc8PYYZm/89BY7AdTsvd4g8yNoSI=) 3: ErfEwcAx898tX4S9822NVXpbrGo.roa (hash: VAxgA96n0yvdmKEC0RETcM04sas17swBidGI/3NcD+c=) 4: X9U6c4cYKAx0rXhgtX8hkxalSFs.roa (hash: GoRC8cSZH4f3OWCxKXSnZPnR9NAmS+/EImBAzeimhQ8=) 5: zJ9YmN7_pZvu0tkeY-0KKlh6Js0.roa (hash: i9RgwHolwZTVdXudlPKeD4KuhudGO2gUAIrLw8GTjnE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Dec 2025 04:39:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8284 (0x205c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Validity Not Before: Dec 12 22:39:57 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=71D1BCAA71CD2BAB928DBD579EF3C179074B57CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:95:0d:60:c4:3e:68:d6:46:f0:7e:0a:c7:54: 8b:25:88:5d:a6:57:09:eb:d8:6b:89:e3:d3:e3:ac: 4d:69:db:62:e5:06:8c:e4:91:ba:71:fa:f7:d5:95: 58:08:be:d8:1e:a5:1d:d0:96:57:91:8c:61:7b:ec: ff:10:49:62:12:f0:6c:d4:5b:ed:58:6e:c9:9b:86: 88:6d:18:26:6b:9e:47:bf:c4:6b:5c:04:f1:ab:9d: c5:6a:cd:a8:ad:19:b4:b1:f1:8e:ce:6c:fa:eb:c6: f4:97:49:72:03:bf:5f:b3:15:71:ff:55:fd:1a:5d: 57:d9:e9:3b:c8:79:26:dc:c7:98:96:83:c0:ed:0a: a3:a7:70:18:bf:13:3d:b8:d7:f4:7d:e1:bf:34:37: 53:dc:b8:a6:0d:42:19:7e:42:da:ac:95:e6:1d:69: 27:49:14:88:e3:bd:92:36:aa:e2:6c:3a:4c:92:32: 4c:72:8e:c0:53:97:b4:26:a2:12:33:89:4e:7a:a1: 81:f9:91:0a:42:a3:4c:bd:af:c6:2c:f5:4f:03:51: d3:cb:05:69:0b:29:d7:da:6f:97:7e:33:60:77:74: 0f:de:0b:42:d0:28:0e:17:5d:ac:72:6c:2d:4f:0f: ad:79:16:c8:83:fc:d5:df:1c:3b:22:0e:cd:59:3c: ca:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:D1:BC:AA:71:CD:2B:AB:92:8D:BD:57:9E:F3:C1:79:07:4B:57:CC X509v3 Authority Key Identifier: keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:5b:c9:4e:00:c5:9f:22:c0:a2:99:49:cb:5d:46:ff:f7:b6: 3c:22:83:0e:13:06:c5:b8:1e:a5:7b:15:59:c4:f0:34:c6:08: 7c:9b:64:9b:e2:c1:0a:9f:9e:10:7e:74:f2:4e:0c:bc:33:00: ee:a8:09:54:a5:40:6e:fc:da:74:0b:11:50:38:3e:af:57:56: 1e:90:ba:2d:c1:da:3c:49:63:6d:87:92:fa:19:37:a9:f3:51: bd:66:24:54:85:69:62:8a:b4:11:01:08:68:6d:8f:4b:f6:b1: 55:cb:b5:9c:1a:b8:5d:9d:5f:ce:27:11:85:a4:60:89:54:fb: 5a:dd:ef:73:b3:ae:31:72:a6:7f:ed:7c:b1:f3:36:89:2f:36: 16:fd:1b:f2:36:7f:8c:0f:63:e5:bf:df:35:79:d3:bd:e6:fe: c4:89:ca:34:16:7b:c4:85:4d:26:08:a4:da:94:08:00:10:fe: 34:cf:a2:d2:7c:fd:52:88:9e:98:75:cf:63:77:25:30:f1:da: 56:23:5f:eb:bf:9c:d6:94:16:5a:ec:2f:51:03:ac:1f:c5:23: c7:c3:07:b2:fc:0e:89:3f:71:c4:ce:f8:45:d7:c5:e3:6b:14: f7:5b:26:f5:4d:1d:65:c9:01:2d:14:e5:f7:e8:c5:3e:19:a3: 4f:ac:97:1b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICIFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4 ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNTEyMTIy MjM5NTdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDcxRDFCQ0FBNzFDRDJC QUI5MjhEQkQ1NzlFRjNDMTc5MDc0QjU3Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCWlQ1gxD5o1kbwfgrHVIsliF2mVwnr2GuJ49PjrE1p22LlBozk kbpx+vfVlVgIvtgepR3QlleRjGF77P8QSWIS8GzUW+1YbsmbhohtGCZrnke/xGtc BPGrncVqzaitGbSx8Y7ObPrrxvSXSXIDv1+zFXH/Vf0aXVfZ6TvIeSbcx5iWg8Dt CqOncBi/Ez241/R94b80N1PcuKYNQhl+QtqsleYdaSdJFIjjvZI2quJsOkySMkxy jsBTl7QmohIziU56oYH5kQpCo0y9r8Ys9U8DUdPLBWkLKdfab5d+M2B3dA/eC0LQ KA4XXaxybC1PD615FsiD/NXfHDsiDs1ZPMqDAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUcdG8qnHNK6uSjb1XnvPBeQdLV8wwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG 8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxLzdvaDZ6SHprdGZac3ow bEc4Q3Y2eTk0b3Qyby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAVW8lOAMWfIsCimUnLXUb/97Y8IoMOEwbFuB6lexVZxPA0xgh8m2Sb4sEKn54Q fnTyTgy8MwDuqAlUpUBu/Np0CxFQOD6vV1YekLotwdo8SWNth5L6GTep81G9ZiRU hWliirQRAQhobY9L9rFVy7WcGrhdnV/OJxGFpGCJVPta3e9zs64xcqZ/7Xyx8zaJ LzYW/RvyNn+MD2Plv981edO95v7Eico0FnvEhU0mCKTalAgAEP40z6LSfP1SiJ6Y dc9jdyUw8dpWI1/rv5zWlBZa7C9RA6wfxSPHwwey/A6JP3HEzvhF18XjaxT3Wyb1 TR1lyQEtFOX36MU+GaNPrJcb -----END CERTIFICATE-----Generated at Sat Dec 13 04:36:15 2025 by rpki-client