This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft File: KCAlirZf9h_V1m2Vlk9I76NdzIY.mft (raw, json) Hash identifier: /wR06wM1sVmATsTj6Dng7Kdwd+2nsmy4wShk57GM/IA= Subject key identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Certificate serial: 182D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft Manifest number: 1828 Signing time: Sun 21 Dec 2025 16:43:01 +0000 Manifest this update: Sun 21 Dec 2025 16:43:01 +0000 Manifest next update: Sun 21 Dec 2025 22:43:01 +0000 Files and hashes: 1: I9uSXffH-pwTghGYA_o9PiW31PU.roa (hash: nwRRWYa9JDWQiBl3beIie/BcmhzWO1BFjAfKhqo9ItM=) 2: KCAlirZf9h_V1m2Vlk9I76NdzIY.crl (hash: BwgyUnH0NEgSNIbcdQSvc1tKPYUGMUfbJweiUcWHRlg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6189 (0x182d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Validity Not Before: Dec 21 16:43:01 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=F22C52B900B880022A9210A686FE1A8006C4DAEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:00:01:ef:f8:9d:ec:b2:12:09:20:58:1f:f3: bd:ff:df:54:3b:c9:ac:13:5f:ac:3e:9a:f0:59:2a: 74:83:21:ab:51:13:b2:13:63:81:d9:61:f8:5e:72: 60:1f:12:b1:10:b8:dc:7a:b2:56:21:d0:fb:d7:f2: aa:49:63:be:c8:7f:19:56:97:04:da:4e:53:1c:16: c3:31:42:cb:b6:b8:63:dc:61:e5:98:a1:85:70:f3: 67:09:3e:d7:5d:db:ba:22:5d:14:68:44:54:17:ce: af:66:c2:4f:e8:75:a9:e8:cc:15:f5:4e:86:ae:4d: bd:6c:c9:56:d8:e9:b3:55:b2:0b:eb:a7:5b:fb:a0: b1:ff:b0:ab:0f:f4:d2:07:47:cb:2c:90:1f:0e:ef: ef:7f:4a:20:a2:34:ae:d9:44:8f:d9:a7:52:23:ad: 22:31:a4:2d:eb:05:2e:7a:97:20:23:ab:b8:dc:74: 6e:b5:ef:14:54:01:f8:0d:d1:90:ef:1f:be:ed:99: aa:81:f8:f5:48:90:4c:c3:2c:07:cd:df:be:58:06: 0f:72:e1:81:bf:f1:58:33:a0:10:5c:bc:6c:0d:34: 36:2e:f3:d8:1a:b3:bd:d0:1b:c2:fa:72:fd:13:9f: ab:9b:01:90:e8:66:7d:12:2b:b9:80:20:93:cb:4f: 3f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB X509v3 Authority Key Identifier: keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:a0:76:0f:9f:61:80:de:e4:78:3a:6d:92:d2:d8:ec:15:4e: d5:46:bd:48:92:48:ee:8e:bd:7a:53:b1:73:96:f1:0e:b9:12: d7:94:c4:27:fb:86:87:54:ad:2f:02:15:42:53:ee:b1:ff:db: ae:b5:41:c8:f8:4d:75:48:bb:c9:f4:f8:01:d9:63:71:19:6c: da:b3:89:0f:89:7e:30:15:29:76:72:65:26:5b:7a:ed:a2:d2: 32:7a:d7:04:48:ea:c3:6c:b7:1d:43:36:6e:0f:00:80:03:6b: d3:6e:e8:78:a5:19:42:db:e1:34:f8:d4:35:f4:22:46:f3:d8: 1b:7d:2d:f3:c0:dd:39:3e:fb:23:52:34:da:be:c0:23:97:45: 80:e7:68:ad:ae:d6:79:ab:89:aa:1c:74:e4:29:e1:3d:20:88: 7a:93:72:5f:84:06:8a:57:eb:f3:2a:11:6b:6c:4b:49:af:d8: a4:7d:cf:39:8e:81:e1:e3:1e:52:17:65:de:93:56:83:b5:c2: 4c:06:79:e4:08:39:b6:8c:3b:80:73:34:8e:3d:4d:0a:68:96: 45:25:a3:c9:16:81:7e:08:3e:ea:bb:32:f4:1a:b7:08:17:54: c4:75:d4:ec:84:96:a1:39:17:97:72:f7:58:fe:28:b5:57:62: 08:3f:86:0a -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICGC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNTEyMjEx NjQzMDFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEYyMkM1MkI5MDBCODgw MDIyQTkyMTBBNjg2RkUxQTgwMDZDNERBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYAAHv+J3sshIJIFgf873/31Q7yawTX6w+mvBZKnSDIatRE7IT Y4HZYfhecmAfErEQuNx6slYh0PvX8qpJY77IfxlWlwTaTlMcFsMxQsu2uGPcYeWY oYVw82cJPtdd27oiXRRoRFQXzq9mwk/odanozBX1ToauTb1syVbY6bNVsgvrp1v7 oLH/sKsP9NIHR8sskB8O7+9/SiCiNK7ZRI/Zp1IjrSIxpC3rBS56lyAjq7jcdG61 7xRUAfgN0ZDvH77tmaqB+PVIkEzDLAfN375YBg9y4YG/8VgzoBBcvGwNNDYu89ga s73QG8L6cv0Tn6ubAZDoZn0SK7mAIJPLTz83AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU8ixSuQC4gAIqkhCmhv4agAbE2uswHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvS0NBbGlyWmY5aF9W MW0yVmxrOUk3Nk5keklZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAE6gdg+fYYDe5Hg6bZLS2OwVTtVGvUiSSO6OvXpTsXOW8Q65EteUxCf7hodU rS8CFUJT7rH/2661Qcj4TXVIu8n0+AHZY3EZbNqziQ+JfjAVKXZyZSZbeu2i0jJ6 1wRI6sNstx1DNm4PAIADa9Nu6HilGULb4TT41DX0Ikbz2Bt9LfPA3Tk++yNSNNq+ wCOXRYDnaK2u1nmriaocdOQp4T0giHqTcl+EBopX6/MqEWtsS0mv2KR9zzmOgeHj HlIXZd6TVoO1wkwGeeQIObaMO4BzNI49TQpolkUlo8kWgX4IPuq7MvQatwgXVMR1 1OyElqE5F5dy91j+KLVXYgg/hgo= -----END CERTIFICATE-----Generated at Sun Dec 21 18:23:41 2025 by rpki-client