This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft File: oZapzKejMT4hgEp8O7SXdfnwZYo.mft (raw, json) Hash identifier: C53Ml8QOVtWTZFH80mLkv8Ct/lRHZ4WoCCQE1BbA9sk= Subject key identifier: DA:37:F7:07:93:01:7B:A5:C6:48:F3:BD:80:A4:1B:A9:CF:5C:81:6A Authority key identifier: A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A Certificate issuer: /CN=A196A9CCA7A3313E21804A7C3BB49775F9F0658A Certificate serial: 1074 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft Manifest number: 1074 Signing time: Sun 21 Dec 2025 16:41:16 +0000 Manifest this update: Sun 21 Dec 2025 16:41:16 +0000 Manifest next update: Sun 21 Dec 2025 22:41:16 +0000 Files and hashes: 1: oZapzKejMT4hgEp8O7SXdfnwZYo.crl (hash: UW6Of7o8Yg69hTV7/4IyWTswYVfC0B2JMglk2494ESs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4212 (0x1074) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A196A9CCA7A3313E21804A7C3BB49775F9F0658A Validity Not Before: Dec 21 16:41:16 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DA37F70793017BA5C648F3BD80A41BA9CF5C816A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2f:da:9c:59:d3:b4:fa:59:cb:6e:0e:17:94: f0:b3:5e:ce:88:fa:29:03:9d:81:46:cf:4a:57:9b: e1:59:9e:b3:b1:6a:e8:37:ad:78:a6:51:7a:39:00: e8:eb:4f:c7:0a:2b:03:56:84:91:e9:ed:e6:0e:9b: 13:5b:bb:8e:20:72:dc:6f:e4:fe:10:34:7f:ad:2a: 49:2b:fb:a0:42:0b:5e:45:3f:9a:6a:bc:61:af:f4: 13:d3:13:3a:27:51:8e:1a:dc:89:eb:cb:df:18:2e: 72:7f:14:e7:93:31:03:8a:f6:51:1e:f7:91:4c:15: 84:de:b0:42:e1:6c:26:f9:a7:59:67:24:14:6a:ec: 38:f2:a8:24:a5:5a:d7:5b:f4:4f:9c:20:33:d4:a4: 91:26:33:f6:b3:10:e8:d3:b6:ac:57:d0:94:a6:a3: e7:ab:b7:aa:0f:22:44:f4:92:96:7c:06:18:90:ea: ba:63:06:af:04:2a:a2:b2:f1:2f:29:b4:bf:e5:08: 95:bd:23:b4:a9:f9:62:bc:ed:ea:33:41:d3:d9:d8: 27:21:45:58:f1:00:67:b7:1e:a1:af:86:63:28:29: d1:8f:0a:07:f1:13:a5:0c:49:54:a4:b7:21:33:a0: 32:7d:ce:24:50:27:ac:c3:96:4b:ce:2a:4d:04:03: 0a:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:37:F7:07:93:01:7B:A5:C6:48:F3:BD:80:A4:1B:A9:CF:5C:81:6A X509v3 Authority Key Identifier: keyid:A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:71:94:ec:36:cd:32:be:08:84:e8:6c:1a:40:40:33:64:3a: c9:32:88:cf:af:29:d7:12:f6:3b:bf:29:99:cc:4b:b4:48:63: 29:1c:09:0e:3a:b0:f5:03:f9:b2:c6:d7:59:11:d1:31:38:fc: 3b:2e:5b:52:8f:b3:c8:64:8e:4e:7b:ac:7a:02:55:9f:34:cc: 4f:3b:49:ed:da:48:29:41:27:38:10:57:ce:32:97:0e:a3:50: 88:a1:4d:31:f6:e7:4e:fe:1d:ec:04:c8:5c:e3:00:55:11:fd: 04:5b:fd:d9:b4:f0:5c:18:f7:70:18:fc:d1:67:67:1d:32:ce: 92:08:a0:d9:33:b6:1e:77:6f:81:df:24:f1:fe:69:29:79:b4: 5d:31:3c:24:28:0f:ee:1b:bd:c9:04:7b:fe:0d:13:9e:f1:23: aa:fe:f8:f6:89:d8:0c:d2:31:27:13:9a:0e:c1:88:54:c1:f2: 07:62:74:fb:57:31:2d:bb:3a:e7:f8:ad:26:c7:e2:90:fc:28: 2e:9d:7c:1b:63:68:94:36:8e:58:8c:26:87:a6:a3:95:0e:26: a8:22:ae:93:d0:44:fc:40:38:68:1d:f4:54:be:18:e6:fd:ab: 46:96:b3:40:7a:98:c1:d0:9b:3e:bf:41:61:85:ab:e4:5e:bd: 18:89:71:3c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICEHQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTE5 NkE5Q0NBN0EzMzEzRTIxODA0QTdDM0JCNDk3NzVGOUYwNjU4QTAeFw0yNTEyMjEx NjQxMTZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERBMzdGNzA3OTMwMTdC QTVDNjQ4RjNCRDgwQTQxQkE5Q0Y1QzgxNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeL9qcWdO0+lnLbg4XlPCzXs6I+ikDnYFGz0pXm+FZnrOxaug3 rXimUXo5AOjrT8cKKwNWhJHp7eYOmxNbu44gctxv5P4QNH+tKkkr+6BCC15FP5pq vGGv9BPTEzonUY4a3Inry98YLnJ/FOeTMQOK9lEe95FMFYTesELhbCb5p1lnJBRq 7DjyqCSlWtdb9E+cIDPUpJEmM/azEOjTtqxX0JSmo+ert6oPIkT0kpZ8BhiQ6rpj Bq8EKqKy8S8ptL/lCJW9I7Sp+WK87eozQdPZ2CchRVjxAGe3HqGvhmMoKdGPCgfx E6UMSVSktyEzoDJ9ziRQJ6zDlkvOKk0EAwpHAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2jf3B5MBe6XGSPO9gKQbqc9cgWowHwYDVR0jBBgwFoAUoZapzKejMT4hgEp8 O7SXdfnwZYowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM4 NC9vWmFwektlak1UNGhnRXA4TzdTWGRmbndaWW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL29aYXB6S2VqTVQ0aGdFcDhPN1NYZGZud1pZby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzODQvb1phcHpLZWpNVDRo Z0VwOE83U1hkZm53WllvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADpxlOw2zTK+CITobBpAQDNkOskyiM+vKdcS9ju/KZnMS7RIYykcCQ46sPUD +bLG11kR0TE4/DsuW1KPs8hkjk57rHoCVZ80zE87Se3aSClBJzgQV84ylw6jUIih TTH2507+HewEyFzjAFUR/QRb/dm08FwY93AY/NFnZx0yzpIIoNkzth53b4HfJPH+ aSl5tF0xPCQoD+4bvckEe/4NE57xI6r++PaJ2AzSMScTmg7BiFTB8gdidPtXMS27 Ouf4rSbH4pD8KC6dfBtjaJQ2jliMJoemo5UOJqgirpPQRPxAOGgd9FS+GOb9q0aW s0B6mMHQmz6/QWGFq+RevRiJcTw= -----END CERTIFICATE-----Generated at Sun Dec 21 18:20:41 2025 by rpki-client