This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json) Hash identifier: j8ePKl2dlmV+WEce+joy4CnOhBkxuSda9K2SWvXBfCw= Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 0A9F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft Manifest number: 0A89 Signing time: Sun 21 Dec 2025 16:38:27 +0000 Manifest this update: Sun 21 Dec 2025 16:38:27 +0000 Manifest next update: Sun 21 Dec 2025 22:38:27 +0000 Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=) 2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: j3KfVZOAW3g6VHDRu/LztIE6D1t1Y3EBottRZvgnAM8=) 3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=) 4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=) 5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=) 6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=) 7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:38:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2719 (0xa9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Dec 21 16:38:27 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8: 6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61: 71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be: 1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9: 3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76: a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd: fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0: d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b: 2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7: b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15: f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b: 67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52: b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68: 1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f: 92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea: d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59: f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4: 16:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:a7:ae:be:6c:b2:fc:9a:bd:18:9a:5d:09:0e:86:d8:1b:98: 81:3c:71:84:17:3b:93:6b:18:24:a5:0a:02:da:0c:a9:b7:42: 4a:66:e6:f8:e3:cb:92:2b:31:00:c3:ef:09:77:b3:b4:9a:b5: 26:78:c6:19:63:9d:05:b8:6b:38:27:13:6e:08:93:33:1c:75: 13:8a:c7:b0:40:2a:80:01:a9:bf:4a:c7:82:03:55:27:e3:04: 4d:8b:39:b9:3b:34:c6:ae:1d:2a:4c:0b:e7:99:bb:3a:a9:c4: 53:b8:61:e8:87:2a:e2:dd:3c:cc:73:57:8d:d7:1d:52:61:c8: 3f:69:63:a0:b9:5d:63:98:cb:81:dc:e0:4a:bc:49:83:f0:79: 0d:07:ea:6b:49:f7:3f:56:41:ab:a4:cc:ae:86:c4:cb:ff:cb: 92:3e:58:bc:53:15:7b:3c:fa:f3:04:22:1b:a6:05:a3:ee:23: ac:39:04:48:9b:bc:2a:32:2a:85:63:93:71:0b:9c:c2:d2:e4: f1:70:8e:5a:1b:fb:6d:d3:c5:07:b5:8a:e7:57:a6:09:de:41: 2e:2e:af:8d:f3:7d:e5:24:97:1c:ee:e6:e4:26:73:ed:bc:6d: 14:6d:c5:8c:24:5e:b8:f4:e7:81:11:50:ce:5e:28:0c:e2:b4: e5:b6:db:98 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTEyMjEx NjM4MjdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD 97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE 8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6 b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAKKnrr5ssvyavRiaXQkOhtgbmIE8cYQXO5NrGCSlCgLaDKm3Qkpm5vjjy5Ir MQDD7wl3s7SatSZ4xhljnQW4azgnE24IkzMcdROKx7BAKoABqb9Kx4IDVSfjBE2L Obk7NMauHSpMC+eZuzqpxFO4YeiHKuLdPMxzV43XHVJhyD9pY6C5XWOYy4Hc4Eq8 SYPweQ0H6mtJ9z9WQaukzK6GxMv/y5I+WLxTFXs8+vMEIhumBaPuI6w5BEibvCoy KoVjk3ELnMLS5PFwjlob+23TxQe1iudXpgneQS4ur43zfeUklxzu5uQmc+28bRRt xYwkXrj054ERUM5eKAzitOW225g= -----END CERTIFICATE-----Generated at Sun Dec 21 18:36:08 2025 by rpki-client