This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft File: vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft (raw, json) Hash identifier: ZW/mbdHCHflil3k4HblIYu29wjyriNG0weD7xMp6m9Q= Subject key identifier: 56:CA:4C:99:B6:C7:E8:0B:5F:09:94:1B:6E:F6:A3:5C:59:76:15:A1 Authority key identifier: BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 Certificate issuer: /CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Certificate serial: 2259 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft Manifest number: 2253 Signing time: Sun 21 Dec 2025 16:38:51 +0000 Manifest this update: Sun 21 Dec 2025 16:38:51 +0000 Manifest next update: Sun 21 Dec 2025 22:38:51 +0000 Files and hashes: 1: 5O780YytFp2aIZUy2ebH7T6RP3k.roa (hash: dZYfjDP7WydvmeUNL1iHjp+9Hb7wVZPSu7zNq9EkS4c=) 2: vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl (hash: Y26nZcJ/Lq963Pwb+QYrB/5tctCttLAIYGHCt4+G/Pg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:38:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8793 (0x2259) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Validity Not Before: Dec 21 16:38:51 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=56CA4C99B6C7E80B5F09941B6EF6A35C597615A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:95:98:3c:86:db:0c:4f:fa:c0:9b:3b:6f:00: 11:c2:b7:65:ce:dd:c6:4e:0d:fb:7c:f3:5a:2f:f0: 10:6b:e5:75:0e:99:a2:e9:d3:4c:eb:83:fb:a4:66: 0c:ad:ec:f6:aa:26:ab:30:fc:08:e2:52:64:ec:74: d7:61:93:6e:29:a2:f2:11:6b:42:3c:a3:99:15:72: 97:8c:33:37:9a:43:88:4b:33:b6:d5:96:8d:91:99: f3:92:5f:ae:e4:ea:42:3b:7d:19:fb:b5:f4:42:ea: 80:f4:f9:50:8d:82:d0:69:cd:e3:11:a2:63:16:df: 60:c2:43:45:45:3f:27:11:e4:74:86:09:05:7f:fd: bb:6a:9f:c7:09:67:25:1d:b5:fc:86:51:6a:c8:38: 2d:a3:ed:17:8b:d1:e3:ca:9b:65:c3:4d:15:73:e5: 68:ae:5c:45:d4:8f:33:47:f3:2f:13:99:55:cd:40: ff:0f:b6:3b:91:43:7d:a6:a1:08:2a:e6:66:b9:05: 59:78:d5:a3:47:9e:87:f7:b5:55:5c:2a:5d:2e:5f: 8e:b7:b2:c9:6b:77:ea:73:50:b5:be:56:84:77:09: 23:2c:a4:ce:cd:01:12:32:24:37:97:08:a5:7d:48: 37:77:94:28:35:f7:4d:5f:51:6e:a0:a0:51:45:56: 3e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:CA:4C:99:B6:C7:E8:0B:5F:09:94:1B:6E:F6:A3:5C:59:76:15:A1 X509v3 Authority Key Identifier: keyid:BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:f7:84:19:c7:42:8b:c1:89:f6:2c:33:02:2d:ff:12:79:cf: a2:15:b3:62:30:b5:10:52:9f:8b:ca:8f:12:bf:44:be:81:f2: b1:fc:a9:ce:e8:f2:24:ce:19:9b:eb:76:9b:ac:68:e1:63:52: fe:4f:94:a3:fb:0a:31:05:d3:e8:fb:d5:59:68:d6:da:26:c7: 34:09:a3:ea:15:7e:78:ed:cd:c7:9d:93:77:3b:7f:4a:93:be: 64:a9:9c:66:5f:7e:20:b8:11:9e:09:ed:47:2a:9d:c8:ca:47: f4:55:2e:cb:20:56:3f:4c:25:5e:3b:59:44:43:38:c5:5a:b0: 7e:6d:21:84:92:ff:bb:b9:5f:44:e3:49:a4:71:34:d0:a2:5d: 8a:97:e2:58:41:d7:1f:5f:84:42:3a:77:95:d5:fa:7d:fd:95: f6:ec:65:3f:95:b3:9e:34:89:0e:5e:17:21:97:0b:8f:0c:03: a0:e5:73:90:c6:34:26:50:d6:60:6c:45:21:5b:b6:48:04:08: 4b:1f:0d:6a:a3:bf:c4:d7:93:a7:1e:44:48:70:25:a7:46:5d: b9:24:c3:7c:48:03:2d:47:36:e1:12:a7:c0:99:74:43:b5:75: 71:0d:fa:54:4f:aa:f1:72:98:b3:ae:b9:46:70:c8:b2:4d:f0: 7d:8e:b7:47 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIlkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkNG NDAxN0E2RTI5MTVGMjYxNDdENDE5RTVGN0E3RDE2NEQwNDk4NDAeFw0yNTEyMjEx NjM4NTFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDU2Q0E0Qzk5QjZDN0U4 MEI1RjA5OTQxQjZFRjZBMzVDNTk3NjE1QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTlZg8htsMT/rAmztvABHCt2XO3cZODft881ov8BBr5XUOmaLp 00zrg/ukZgyt7PaqJqsw/AjiUmTsdNdhk24povIRa0I8o5kVcpeMMzeaQ4hLM7bV lo2RmfOSX67k6kI7fRn7tfRC6oD0+VCNgtBpzeMRomMW32DCQ0VFPycR5HSGCQV/ /btqn8cJZyUdtfyGUWrIOC2j7ReL0ePKm2XDTRVz5WiuXEXUjzNH8y8TmVXNQP8P tjuRQ32moQgq5ma5BVl41aNHnof3tVVcKl0uX463sslrd+pzULW+VoR3CSMspM7N ARIyJDeXCKV9SDd3lCg1901fUW6goFFFVj63AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUVspMmbbH6AtfCZQbbvajXFl2FaEwHwYDVR0jBBgwFoAUvPQBem4pFfJhR9QZ 5fen0WTQSYQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3 Mi92UFFCZW00cEZmSmhSOVFaNWZlbjBXVFFTWVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZQUUJlbTRwRmZKaFI5UVo1ZmVuMFdUUVNZUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzIvdlBRQmVtNHBGZkpo UjlRWjVmZW4wV1RRU1lRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABH3hBnHQovBifYsMwIt/xJ5z6IVs2IwtRBSn4vKjxK/RL6B8rH8qc7o8iTO GZvrdpusaOFjUv5PlKP7CjEF0+j71Vlo1tomxzQJo+oVfnjtzcedk3c7f0qTvmSp nGZffiC4EZ4J7UcqncjKR/RVLssgVj9MJV47WURDOMVasH5tIYSS/7u5X0TjSaRx NNCiXYqX4lhB1x9fhEI6d5XV+n39lfbsZT+Vs540iQ5eFyGXC48MA6Dlc5DGNCZQ 1mBsRSFbtkgECEsfDWqjv8TXk6ceREhwJadGXbkkw3xIAy1HNuESp8CZdEO1dXEN +lRPqvFymLOuuUZwyLJN8H2Ot0c= -----END CERTIFICATE-----Generated at Sun Dec 21 18:37:37 2025 by rpki-client