This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft File: w9r9_4KPO0NdEnBkqVb13VOivD0.mft (raw, json) Hash identifier: OSB9lIZ3u2WP/+jxfe6eFx6xHEh/Tt/AdbeBXbt76wg= Subject key identifier: 8E:E5:CB:2E:27:FF:AB:48:4C:FE:D0:A5:64:8D:26:9B:37:D2:0E:E5 Authority key identifier: C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D Certificate issuer: /CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Certificate serial: 023C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft Manifest number: 023A Signing time: Sun 21 Dec 2025 16:41:45 +0000 Manifest this update: Sun 21 Dec 2025 16:41:45 +0000 Manifest next update: Sun 21 Dec 2025 22:41:45 +0000 Files and hashes: 1: 8voVhgIMSHYOly56t_xyMcphEAk.roa (hash: Zve3JGBpr96I7P2FGoZun6H4kwIc0NADRMp0+IZbH2M=) 2: B4VakvjmikOE0cZukdRqw0KrCTI.roa (hash: L9vozjtlPeTyphy2by0sIiAgYomNTYPFBsvoKjJcz0g=) 3: w9r9_4KPO0NdEnBkqVb13VOivD0.crl (hash: 85Dy6QTm7dqITAtD1025UX4TH53nmlIqL3YfUXNkA8w=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 572 (0x23c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Validity Not Before: Dec 21 16:41:45 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=8EE5CB2E27FFAB484CFED0A5648D269B37D20EE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:22:97:b6:c6:2b:4c:24:f8:65:35:f0:e4:bf: 30:4d:00:3c:3e:de:58:b5:62:13:ee:18:4a:ca:d7: b4:4c:b8:93:4d:e3:c2:84:bb:f6:fa:bf:1b:5c:d2: 97:a0:4f:1c:8b:82:69:5c:ab:02:78:63:b0:d5:2e: 1d:42:eb:cc:bd:51:23:67:43:32:7f:e4:c9:24:64: 35:24:cf:dd:ae:d2:a9:60:07:4b:01:9d:3d:d8:da: 4e:ca:ca:c3:32:96:8d:c9:6a:9d:de:f8:0d:f4:87: f4:46:94:6f:b1:d6:fc:5e:a6:f5:d8:88:b6:6a:67: 28:f0:78:83:c3:f4:f3:6b:df:c9:6e:53:c5:0b:25: cc:bd:55:d0:35:b7:b8:2a:86:4e:38:c6:04:61:ca: a8:e6:e5:e4:02:95:2d:4b:57:f9:d8:db:1f:b8:bd: 40:20:38:9d:90:fd:e8:ac:8b:c1:0d:33:2a:98:db: ae:ca:91:30:1d:55:3a:4b:4d:4d:6e:23:be:0b:9a: df:0f:8c:13:63:03:14:9b:89:06:41:5a:f9:3b:b8: a5:6d:0c:4e:3b:dd:c2:8f:c0:11:17:cb:66:fe:46: d3:0d:72:29:64:d8:ca:b9:7d:c2:cc:b2:ad:0b:1a: e8:79:f0:4e:5b:34:bf:20:63:7f:53:0e:65:86:a2: 23:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E5:CB:2E:27:FF:AB:48:4C:FE:D0:A5:64:8D:26:9B:37:D2:0E:E5 X509v3 Authority Key Identifier: keyid:C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:a4:56:36:75:f9:a5:fb:cd:53:e3:77:e8:08:0c:c9:68:c0: 0f:e9:36:8e:63:9c:d9:ff:b8:9c:04:6e:dd:da:51:b6:f7:5f: 42:8f:69:ed:6b:5a:ff:48:6b:bd:57:4e:63:24:cc:2b:bd:68: eb:86:1c:b4:8b:6b:2e:c6:ae:e3:af:27:b2:ed:71:e2:63:4e: b1:ad:6e:a2:c1:72:b9:f4:b4:87:b1:d4:76:72:b9:59:02:cf: c5:9a:e5:c5:90:27:00:7b:1f:a4:6b:ca:20:50:37:9e:c1:02: cb:1c:bb:60:b7:e7:ee:8b:6c:1e:d4:6f:38:ab:9c:5d:64:0e: ba:64:f9:4d:5b:1e:2d:eb:a6:ce:37:e6:e1:cb:0f:2d:f4:48: 0d:1f:72:47:c1:41:21:06:f6:9c:87:5d:31:56:ee:c0:2b:8e: 05:2a:e9:f1:0c:cb:74:26:ce:4a:e6:21:fd:1b:a8:0e:5e:18: 6c:5c:f6:b5:2f:40:3d:9e:84:85:57:96:ce:fd:c0:7f:0d:29: e4:a1:03:07:b5:a6:24:88:c7:d0:16:11:1a:b7:37:78:b2:8a: 76:95:58:c5:46:3f:4f:bc:7a:9a:a6:de:f3:d3:f6:ed:27:80: 1d:c0:05:36:27:3b:c1:d7:78:58:a5:b4:99:bc:bb:db:9a:ce: c6:3f:e9:fe -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzNE QUZERkY4MjhGM0I0MzVEMTI3MDY0QTk1NkY1REQ1M0EyQkMzRDAeFw0yNTEyMjEx NjQxNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDhFRTVDQjJFMjdGRkFC NDg0Q0ZFRDBBNTY0OEQyNjlCMzdEMjBFRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbIpe2xitMJPhlNfDkvzBNADw+3li1YhPuGErK17RMuJNN48KE u/b6vxtc0pegTxyLgmlcqwJ4Y7DVLh1C68y9USNnQzJ/5MkkZDUkz92u0qlgB0sB nT3Y2k7KysMylo3Jap3e+A30h/RGlG+x1vxepvXYiLZqZyjweIPD9PNr38luU8UL Jcy9VdA1t7gqhk44xgRhyqjm5eQClS1LV/nY2x+4vUAgOJ2Q/eisi8ENMyqY267K kTAdVTpLTU1uI74Lmt8PjBNjAxSbiQZBWvk7uKVtDE473cKPwBEXy2b+RtMNcilk 2Mq5fcLMsq0LGuh58E5bNL8gY39TDmWGoiPtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUjuXLLif/q0hM/tClZI0mmzfSDuUwHwYDVR0jBBgwFoAUw9r9/4KPO0NdEnBk qVb13VOivD0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy NS93OXI5XzRLUE8wTmRFbkJrcVZiMTNWT2l2RDAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3c5cjlfNEtQTzBOZEVuQmtxVmIxM1ZPaXZEMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjUvdzlyOV80S1BPME5k RW5Ca3FWYjEzVk9pdkQwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAGkVjZ1+aX7zVPjd+gIDMlowA/pNo5jnNn/uJwEbt3aUbb3X0KPae1rWv9I a71XTmMkzCu9aOuGHLSLay7GruOvJ7LtceJjTrGtbqLBcrn0tIex1HZyuVkCz8Wa 5cWQJwB7H6RryiBQN57BAsscu2C35+6LbB7UbzirnF1kDrpk+U1bHi3rps435uHL Dy30SA0fckfBQSEG9pyHXTFW7sArjgUq6fEMy3QmzkrmIf0bqA5eGGxc9rUvQD2e hIVXls79wH8NKeShAwe1piSIx9AWERq3N3iyinaVWMVGP0+8epqm3vPT9u0ngB3A BTYnO8HXeFiltJm8u9uazsY/6f4= -----END CERTIFICATE-----Generated at Sun Dec 21 18:19:38 2025 by rpki-client