This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.mft File: g59Ve5-fL2zdda-0q6iip5bGEOg.mft (raw, json) Hash identifier: yLN+fGroNAXb81ziQBlxSNOQYI+wXkkW0KE7PTxIQ0I= Subject key identifier: 10:86:D9:C2:13:50:68:3F:A9:CF:52:1D:5A:CE:E4:B7:CA:96:5A:0C Authority key identifier: 83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8 Certificate issuer: /CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8 Certificate serial: 1AF8 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.mft Manifest number: 1AEE Signing time: Sun 21 Dec 2025 16:41:11 +0000 Manifest this update: Sun 21 Dec 2025 16:41:11 +0000 Manifest next update: Sun 21 Dec 2025 22:41:11 +0000 Files and hashes: 1: 1Fo2622t1CxTOS46utm9i_gCKOM.roa (hash: pJs24ML5QI0Ul7NQBXviLFJLdUx0dc32wrhKpknC9n8=) 2: 8sM2BhPnO8PPejYybHxyhsAxBcc.roa (hash: /WMKJ8JzBl7rq5jagi2aE247eKQsHeZTEan6TkwFRGE=) 3: g59Ve5-fL2zdda-0q6iip5bGEOg.crl (hash: fScKAbI9ljaxYzqdpT9HSFNlkcs8Kz0eOvSYoVNjZ0Y=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6904 (0x1af8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8 Validity Not Before: Dec 21 16:41:11 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=1086D9C21350683FA9CF521D5ACEE4B7CA965A0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1e:b8:0d:60:0b:8b:8e:21:9c:a5:33:d2:af: 2d:58:22:2e:3e:9c:c4:bc:b0:21:a7:6f:a8:3f:32: 2b:54:2f:a6:0c:73:68:7d:50:d5:1e:6e:4d:7f:3d: b8:23:e3:c9:2a:e7:7e:9d:ec:9f:28:0f:ff:ba:e3: 26:67:0f:68:2d:6d:12:ed:3e:db:f5:71:dd:6a:25: 2a:11:a5:c4:85:18:e8:0a:1e:3b:2b:9b:63:e4:c2: cf:7a:5f:5a:37:93:71:c3:f7:fc:e7:ef:9c:f3:b3: d4:8f:39:04:53:07:cb:61:f3:3b:54:9c:dc:a9:ec: f8:15:fb:13:2f:80:d0:88:c4:f2:4e:d7:37:02:c9: 47:98:15:91:2a:85:12:44:ef:99:7a:0d:e2:e6:7d: 34:4d:9f:b7:59:1b:c8:cd:ee:da:92:76:83:0f:51: 91:e5:a9:a7:46:6e:da:df:2c:13:f0:05:5d:0c:6b: 47:f9:2a:a5:df:9f:b3:a8:3f:7e:e0:c3:c7:4b:36: a4:d5:9d:40:9b:cb:1c:d3:e1:02:39:c3:6b:f7:d8: 9c:a7:ca:d0:35:8a:51:9b:04:91:de:c3:72:c4:91: 6f:c9:cd:6e:06:50:df:c4:a2:30:32:33:97:c4:04: 90:2c:9c:27:de:30:70:8c:3c:04:7f:2a:6b:66:06: d5:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:86:D9:C2:13:50:68:3F:A9:CF:52:1D:5A:CE:E4:B7:CA:96:5A:0C X509v3 Authority Key Identifier: keyid:83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:05:9d:d2:d2:16:37:b4:3e:51:01:c7:b4:30:2a:f4:6a:71: f8:2f:ba:de:55:58:e8:39:7c:fc:ed:e0:dc:91:2f:38:53:e2: 21:fd:f4:92:4a:79:2e:42:78:d2:96:c1:f8:70:2e:c0:28:18: 5c:97:a5:a2:62:19:eb:88:ac:10:d4:14:ec:a8:58:b5:95:73: d8:3f:98:e4:6e:e3:12:b5:ab:0c:76:52:49:cd:34:c1:ae:d4: ff:e9:b1:32:df:03:72:71:24:d3:74:81:ea:2c:73:aa:28:f0: 3c:e1:a3:98:75:40:14:e9:7d:15:fb:c4:f2:06:c3:9f:55:87: 13:76:28:40:b1:68:0e:0b:49:2b:23:c5:2a:46:f0:69:0f:b1: a2:f2:b8:9e:b3:b3:c8:5b:ab:df:71:30:fd:06:7a:d9:c3:c7: aa:3f:bc:ce:be:b0:eb:4b:27:f0:48:db:c8:ed:0d:84:c5:ab: 43:4c:09:0f:47:8d:5e:76:38:6e:d5:dc:bc:f0:71:26:38:86: 37:16:9e:2e:37:45:42:f8:a0:c8:a7:a4:f0:b7:3a:9f:9c:29: ad:3c:86:14:c9:be:a6:da:93:15:53:37:c0:1f:af:d1:2e:05: e2:ec:fa:91:46:dd:a2:db:51:66:22:ef:b8:ba:de:0c:4b:cf: c8:76:f4:72 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICGvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODM5 RjU1N0I5RjlGMkY2Q0RENzVBRkI0QUJBOEEyQTc5NkM2MTBFODAeFw0yNTEyMjEx NjQxMTFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDEwODZEOUMyMTM1MDY4 M0ZBOUNGNTIxRDVBQ0VFNEI3Q0E5NjVBMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAHrgNYAuLjiGcpTPSry1YIi4+nMS8sCGnb6g/MitUL6YMc2h9 UNUebk1/Pbgj48kq536d7J8oD/+64yZnD2gtbRLtPtv1cd1qJSoRpcSFGOgKHjsr m2Pkws96X1o3k3HD9/zn75zzs9SPOQRTB8th8ztUnNyp7PgV+xMvgNCIxPJO1zcC yUeYFZEqhRJE75l6DeLmfTRNn7dZG8jN7tqSdoMPUZHlqadGbtrfLBPwBV0Ma0f5 KqXfn7OoP37gw8dLNqTVnUCbyxzT4QI5w2v32JynytA1ilGbBJHew3LEkW/JzW4G UN/EojAyM5fEBJAsnCfeMHCMPAR/KmtmBtUNAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUEIbZwhNQaD+pz1IdWs7kt8qWWgwwHwYDVR0jBBgwFoAUg59Ve5+fL2zdda+0 q6iip5bGEOgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 NC9nNTlWZTUtZkwyemRkYS0wcTZpaXA1YkdFT2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2c1OVZlNS1mTDJ6ZGRhLTBxNmlpcDViR0VPZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTQvZzU5VmU1LWZMMnpk ZGEtMHE2aWlwNWJHRU9nLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADAFndLSFje0PlEBx7QwKvRqcfgvut5VWOg5fPzt4NyRLzhT4iH99JJKeS5C eNKWwfhwLsAoGFyXpaJiGeuIrBDUFOyoWLWVc9g/mORu4xK1qwx2UknNNMGu1P/p sTLfA3JxJNN0geosc6oo8Dzho5h1QBTpfRX7xPIGw59VhxN2KECxaA4LSSsjxSpG 8GkPsaLyuJ6zs8hbq99xMP0GetnDx6o/vM6+sOtLJ/BI28jtDYTFq0NMCQ9HjV52 OG7V3LzwcSY4hjcWni43RUL4oMinpPC3Op+cKa08hhTJvqbakxVTN8Afr9EuBeLs +pFG3aLbUWYi77i63gxLz8h29HI= -----END CERTIFICATE-----Generated at Sun Dec 21 18:19:40 2025 by rpki-client