This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft File: NxT4EtSpDicn7ABvXkzukIk0r3g.mft (raw, json) Hash identifier: IkwiUcV7FYfNHsKl9RgJDLxeH05y8iGSCsYRDTLS+uw= Subject key identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA Authority key identifier: 37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 Certificate issuer: /CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Certificate serial: 2116 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft Manifest number: 2116 Signing time: Sun 21 Dec 2025 16:38:47 +0000 Manifest this update: Sun 21 Dec 2025 16:38:47 +0000 Manifest next update: Sun 21 Dec 2025 22:38:47 +0000 Files and hashes: 1: NxT4EtSpDicn7ABvXkzukIk0r3g.crl (hash: OqcNhtj5C6KJ93oXUC9JyVWio/5wPDVESnPwQhDwmYc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:38:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8470 (0x2116) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Validity Not Before: Dec 21 16:38:47 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D4727BD1540DF9B6C4FCC174C40A002280302BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:3b:6c:95:b3:19:b9:3c:7f:39:15:f1:fd: b5:9a:0d:ba:0a:83:cf:0b:a9:32:4a:ca:fd:8f:1b: 6f:47:00:29:45:8d:60:ee:28:18:fd:d7:fb:7f:64: ef:7e:1a:0a:cf:8c:34:ba:5b:61:b5:06:1f:0b:0d: e3:bc:71:9b:9c:a1:a8:2c:7b:f9:40:62:42:f9:7a: bb:ef:ee:7b:87:00:71:3b:9d:88:82:03:e1:31:35: 45:68:19:50:53:82:cf:b2:98:1d:7d:9b:ea:4e:fd: e0:a5:fc:fc:e8:78:8f:1e:bc:32:20:2e:38:36:d5: 9b:80:27:94:10:10:57:d4:8f:1e:eb:a2:1e:a4:4e: 25:cf:74:bb:2f:a0:63:d9:e0:46:f0:ea:a8:3f:0f: a6:15:6a:18:76:b1:18:10:34:b2:12:65:9a:8e:24: 55:5c:e4:42:15:ac:20:09:ac:fd:4c:d9:e4:ae:f9: cf:6d:24:a6:9e:58:90:f9:7c:bf:53:a1:79:36:b5: b6:5f:4d:61:ac:0b:4e:c0:02:8d:ed:02:71:78:51: 30:c9:c9:fe:b6:8c:43:03:1e:8c:21:e5:3a:c1:50: 8e:02:c4:07:e4:5a:c2:d7:3e:c3:0d:16:fd:ef:36: d7:b2:a6:7c:43:3b:d4:c0:9e:5d:4e:17:63:ec:3a: b3:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA X509v3 Authority Key Identifier: keyid:37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:5d:33:1a:55:03:ab:ad:c6:4c:68:64:9f:58:ae:94:5c:92: fc:89:eb:90:12:eb:b7:76:07:f7:e6:74:c3:1a:c9:2f:8c:ac: e0:f0:4f:b6:c2:ea:7c:52:b6:80:06:cf:6c:fb:3f:9d:41:7b: e4:5f:16:29:b0:33:99:cf:b0:54:5a:ec:97:e8:3e:a2:db:eb: f9:23:33:1c:ac:28:de:59:8e:b5:c8:8c:95:86:f2:86:39:34: 90:ba:cc:40:55:e5:5f:1d:ef:7d:ef:ea:8e:8a:c5:01:5e:01: 58:89:82:82:dd:8d:31:0d:9a:a2:0d:e5:f5:2b:07:88:d3:e4: 68:8b:46:a2:df:d9:d1:30:68:93:c8:15:8e:42:5c:20:3c:a7: 7e:f7:aa:5b:98:64:08:44:c4:8f:f9:46:6e:f5:1b:6b:a3:80: 32:01:3b:0d:55:96:0c:5b:aa:25:f0:5c:18:69:d0:a9:b5:81: 17:c9:ff:5a:9e:f8:91:c9:53:0f:f4:45:2b:6a:b7:fa:fb:a1: 0e:0c:5c:d0:35:b5:ca:29:ba:16:93:c7:85:e6:05:f0:91:11: 48:59:76:cd:1b:4b:aa:86:c9:51:b1:85:54:db:f9:d5:62:49: 3f:b7:28:59:ed:01:c8:79:fb:65:5f:fa:a8:3e:6d:58:d9:54: ed:01:53:d3 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcx NEY4MTJENEE5MEUyNzI3RUMwMDZGNUU0Q0VFOTA4OTM0QUY3ODAeFw0yNTEyMjEx NjM4NDdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ0NzI3QkQxNTQwREY5 QjZDNEZDQzE3NEM0MEEwMDIyODAzMDJCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4kDtslbMZuTx/ORXx/bWaDboKg88LqTJKyv2PG29HAClFjWDu KBj91/t/ZO9+GgrPjDS6W2G1Bh8LDeO8cZucoagse/lAYkL5ervv7nuHAHE7nYiC A+ExNUVoGVBTgs+ymB19m+pO/eCl/PzoeI8evDIgLjg21ZuAJ5QQEFfUjx7roh6k TiXPdLsvoGPZ4Ebw6qg/D6YVahh2sRgQNLISZZqOJFVc5EIVrCAJrP1M2eSu+c9t JKaeWJD5fL9ToXk2tbZfTWGsC07AAo3tAnF4UTDJyf62jEMDHowh5TrBUI4CxAfk WsLXPsMNFv3vNteypnxDO9TAnl1OF2PsOrNNAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU1HJ70VQN+bbE/MF0xAoAIoAwK9owHwYDVR0jBBgwFoAUNxT4EtSpDicn7ABv XkzukIk0r3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz MC9OeFQ0RXRTcERpY243QUJ2WGt6dWtJazByM2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL054VDRFdFNwRGljbjdBQnZYa3p1a0lrMHIzZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMzAvTnhUNEV0U3BEaWNu N0FCdlhrenVrSWswcjNnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHpdMxpVA6utxkxoZJ9YrpRckvyJ65AS67d2B/fmdMMayS+MrODwT7bC6nxS toAGz2z7P51Be+RfFimwM5nPsFRa7JfoPqLb6/kjMxysKN5ZjrXIjJWG8oY5NJC6 zEBV5V8d733v6o6KxQFeAViJgoLdjTENmqIN5fUrB4jT5GiLRqLf2dEwaJPIFY5C XCA8p373qluYZAhExI/5Rm71G2ujgDIBOw1VlgxbqiXwXBhp0Km1gRfJ/1qe+JHJ Uw/0RStqt/r7oQ4MXNA1tcopuhaTx4XmBfCREUhZds0bS6qGyVGxhVTb+dViST+3 KFntAch5+2Vf+qg+bVjZVO0BU9M= -----END CERTIFICATE-----Generated at Sun Dec 21 18:37:12 2025 by rpki-client