This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft File: h2aIiphaWvBfbvEvvU9k8h9SYYg.mft (raw, json) Hash identifier: 467C5y0CBFh3zm9NoVWvEdpyHn/abg8ry+VHtDCxysk= Subject key identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 Authority key identifier: 87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 Certificate issuer: /CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Certificate serial: 0E2E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft Manifest number: 0E2E Signing time: Sun 21 Dec 2025 14:38:22 +0000 Manifest this update: Sun 21 Dec 2025 14:38:22 +0000 Manifest next update: Sun 21 Dec 2025 20:38:22 +0000 Files and hashes: 1: h2aIiphaWvBfbvEvvU9k8h9SYYg.crl (hash: dP81dJJP1WVliPv/eewGoiwFGrp6r5eqXZkKwK/gacY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 20:38:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3630 (0xe2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Validity Not Before: Dec 21 14:38:22 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D8678AA95370861C4193AE13A081E75CD1C41BD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c0:ff:85:04:90:e9:70:da:7d:d0:ea:7d:8b: f6:99:03:3a:0b:5c:4f:4b:1d:e7:7c:aa:93:12:9b: 33:7a:64:7a:38:d4:29:2c:60:d6:c5:0d:77:99:c0: e4:16:48:ab:00:f5:64:65:d8:0a:ec:21:39:34:6b: b5:43:4d:93:7c:a3:75:4d:a4:6c:bb:0a:28:9f:f1: 78:f1:e1:5f:91:17:0b:da:4f:2f:1d:56:e4:24:b0: 7e:af:5e:6b:11:88:36:ec:f0:b6:9a:83:90:cb:da: 27:0b:e9:17:93:48:fe:4e:e1:ce:2a:50:b6:91:8c: 3a:00:a3:d5:53:9d:5f:52:f5:d2:4e:d2:6e:67:31: ef:4c:91:28:a1:30:5b:37:15:cd:90:4f:f1:ba:64: f0:24:57:f3:d8:5e:d7:c8:26:d4:b9:15:7d:07:1c: 45:c4:03:72:96:41:c5:f4:fe:d9:00:51:8f:1e:4f: c7:e3:d8:15:9e:1d:0f:86:07:5e:f1:e1:70:cb:65: 14:6e:8a:c9:eb:fc:b0:2b:e7:ba:ca:53:c2:c8:00: f3:bd:b9:96:55:5a:52:26:d8:aa:3d:40:75:57:15: a0:69:dc:7e:c8:81:d1:0e:e0:1c:c6:78:3a:f5:09: 9a:8f:3f:21:84:bc:b4:6b:ef:da:46:f4:ea:38:f8: 7c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 X509v3 Authority Key Identifier: keyid:87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:96:50:e0:34:5d:5f:d8:5c:b9:e3:87:b7:03:ee:aa:10:20: 41:b0:1c:c9:a3:68:af:68:46:9f:fa:6a:76:80:94:55:d7:a9: 7b:1d:f0:1a:71:08:d5:b8:4f:e3:dc:b9:94:92:d7:d1:57:11: 0e:8d:c0:24:06:26:38:cf:6f:4a:79:6b:d6:9a:48:6e:85:c0: f8:85:68:4e:ea:56:1c:97:da:30:59:57:1d:cc:46:17:e5:98: d2:3b:43:f1:19:19:1e:f1:a5:28:f5:88:18:af:ab:cd:44:8a: c1:09:b2:03:91:c3:78:08:3e:6a:05:d0:cd:91:f6:01:4c:17: 85:47:cf:05:73:5d:9b:88:2a:de:e1:23:c1:41:a5:a2:c9:63: 85:c5:bb:b0:ad:ea:b6:fb:a0:19:ba:e5:1d:32:78:f9:fa:af: c2:5a:93:04:1c:15:58:5e:f0:b0:32:24:97:85:ab:36:b7:f8: 3b:6a:d9:09:84:fc:b1:0b:f9:d1:55:35:cd:61:29:1e:bd:9e: 65:75:f5:bd:e0:aa:62:cb:7e:57:1c:6c:b0:3f:97:82:49:67: a9:14:3c:cc:94:0a:89:01:56:46:16:ec:ae:19:07:b8:24:e1: bd:f0:c9:22:b0:d9:bd:e1:37:ed:2f:ac:e9:ca:c3:53:f0:79: 7d:13:62:99 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODc2 Njg4OEE5ODVBNUFGMDVGNkVGMTJGQkQ0RjY0RjIxRjUyNjE4ODAeFw0yNTEyMjEx NDM4MjJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ4Njc4QUE5NTM3MDg2 MUM0MTkzQUUxM0EwODFFNzVDRDFDNDFCRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJwP+FBJDpcNp90Op9i/aZAzoLXE9LHed8qpMSmzN6ZHo41Cks YNbFDXeZwOQWSKsA9WRl2ArsITk0a7VDTZN8o3VNpGy7Ciif8Xjx4V+RFwvaTy8d VuQksH6vXmsRiDbs8Laag5DL2icL6ReTSP5O4c4qULaRjDoAo9VTnV9S9dJO0m5n Me9MkSihMFs3Fc2QT/G6ZPAkV/PYXtfIJtS5FX0HHEXEA3KWQcX0/tkAUY8eT8fj 2BWeHQ+GB17x4XDLZRRuisnr/LAr57rKU8LIAPO9uZZVWlIm2Ko9QHVXFaBp3H7I gdEO4BzGeDr1CZqPPyGEvLRr79pG9Oo4+HwVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2GeKqVNwhhxBk64ToIHnXNHEG9cwHwYDVR0jBBgwFoAUh2aIiphaWvBfbvEv vU9k8h9SYYgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgx Ny9oMmFJaXBoYVd2QmZidkV2dlU5azhoOVNZWWcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2gyYUlpcGhhV3ZCZmJ2RXZ2VTlrOGg5U1lZZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MTcvaDJhSWlwaGFXdkJm YnZFdnZVOWs4aDlTWVlnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAuWUOA0XV/YXLnjh7cD7qoQIEGwHMmjaK9oRp/6anaAlFXXqXsd8BpxCNW4 T+PcuZSS19FXEQ6NwCQGJjjPb0p5a9aaSG6FwPiFaE7qVhyX2jBZVx3MRhflmNI7 Q/EZGR7xpSj1iBivq81EisEJsgORw3gIPmoF0M2R9gFMF4VHzwVzXZuIKt7hI8FB paLJY4XFu7Ct6rb7oBm65R0yePn6r8JakwQcFVhe8LAyJJeFqza3+Dtq2QmE/LEL +dFVNc1hKR69nmV19b3gqmLLflccbLA/l4JJZ6kUPMyUCokBVkYW7K4ZB7gk4b3w ySKw2b3hN+0vrOnKw1PweX0TYpk= -----END CERTIFICATE-----Generated at Sun Dec 21 18:19:28 2025 by rpki-client