This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft File: U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft (raw, json) Hash identifier: tzOpuzIg3MuUibOG6V+Y+f99XQ+fM21dMvGxmB12xNM= Subject key identifier: CE:C9:8C:09:0F:7F:37:2A:F4:5C:A1:35:F2:A5:1E:E1:C4:CF:F0:FC Authority key identifier: 53:8F:C7:59:FA:EC:F9:8E:D7:51:0C:8F:2E:6D:E9:A7:18:F8:DC:CE Certificate issuer: /CN=538FC759FAECF98ED7510C8F2E6DE9A718F8DCCE Certificate serial: 0DE3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/U4_HWfrs-Y7XUQyPLm3ppxj43M4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft Manifest number: 0DDE Signing time: Sun 21 Dec 2025 06:40:29 +0000 Manifest this update: Sun 21 Dec 2025 06:40:29 +0000 Manifest next update: Sun 21 Dec 2025 12:40:29 +0000 Files and hashes: 1: 77rolmzgqpD3vSet3IqqHzcFfMI.roa (hash: hUirENN2S2JXM3+nfYllYmKwMR8y8p+HGuQlmVafNEI=) 2: U4_HWfrs-Y7XUQyPLm3ppxj43M4.crl (hash: c4O4iO1J9QjjZuZuy+D9RvDiXy+fmT3cAjP2mgns9EI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/U4_HWfrs-Y7XUQyPLm3ppxj43M4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 12:40:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3555 (0xde3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=538FC759FAECF98ED7510C8F2E6DE9A718F8DCCE Validity Not Before: Dec 21 06:40:29 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=CEC98C090F7F372AF45CA135F2A51EE1C4CFF0FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:33:6c:9a:1c:63:6f:9d:13:40:1d:6f:ee:53: 9d:a4:4c:9a:b9:e4:f4:97:0c:d4:41:88:4b:be:b4: 71:86:ea:cb:70:2b:03:18:3e:87:7c:7c:2e:8e:c8: d4:02:58:18:b8:ce:a2:1a:e3:04:15:85:7d:13:f7: eb:4b:3c:87:7c:35:ae:f7:fb:66:3d:d2:c2:dc:22: 4b:3b:73:33:41:4c:0f:be:65:f1:04:e1:64:c6:00: 29:e0:69:d1:7b:b9:ce:3d:de:f1:4f:57:d5:2e:21: 1d:e1:ca:88:f2:ff:ed:7c:05:c5:d2:ba:56:8d:6c: a4:6b:4c:16:71:b3:d7:8e:65:7e:17:01:99:a2:dc: 67:21:4c:96:5f:66:f8:84:54:3d:86:e5:77:bb:2e: 1c:7c:ca:3e:d5:1d:d0:d1:a0:bf:7c:d9:4e:2a:0d: f4:35:ca:c5:41:a5:ea:73:fd:1d:5d:11:b4:cd:3a: 52:94:b5:a3:dd:cd:6f:7c:73:b4:1d:23:2a:f5:d2: 3a:8d:57:97:6a:19:c2:62:8f:69:44:9f:3c:80:e5: 2a:0a:b3:47:9f:be:9d:29:fe:c7:f0:cc:b2:c0:8b: 86:fd:e2:5b:22:d1:4c:0f:2b:6b:d5:bc:be:bc:5e: 45:f0:22:32:13:e7:42:f4:8b:af:2c:05:25:60:29: e6:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:C9:8C:09:0F:7F:37:2A:F4:5C:A1:35:F2:A5:1E:E1:C4:CF:F0:FC X509v3 Authority Key Identifier: keyid:53:8F:C7:59:FA:EC:F9:8E:D7:51:0C:8F:2E:6D:E9:A7:18:F8:DC:CE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/U4_HWfrs-Y7XUQyPLm3ppxj43M4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:01:03:34:34:20:7b:72:4d:89:60:ba:3f:61:63:1f:65:6d: 8a:be:d6:a9:6c:ea:4a:ca:32:de:97:de:f5:c0:b9:cb:25:c6: 34:2a:21:6f:2a:89:cb:c7:c4:f5:bc:e6:a7:49:ae:ef:ff:84: 82:95:c3:07:cf:fa:32:13:fe:7e:27:b6:9a:d7:a1:ce:8e:6b: b0:eb:b1:2d:22:6e:7a:1c:8f:39:4b:20:01:96:83:31:68:f5: 4a:c5:3d:58:b4:41:1e:ce:2d:52:32:51:14:00:e7:3d:c9:5d: 51:47:eb:00:b5:1a:3c:f1:4c:e0:b9:81:a0:e2:ef:0f:f5:bf: f7:d0:f1:91:2b:36:01:08:33:87:d4:15:a1:d0:1d:7d:72:10: e2:d7:cb:c7:7f:f4:7c:72:c7:fa:79:b0:2d:30:a2:86:0d:f7: e3:af:64:66:9e:bf:b6:70:66:65:c8:5a:f3:f7:01:07:54:97: 06:12:25:16:ab:60:bb:21:fd:fa:49:d1:4e:92:85:bf:99:a9: 2a:35:19:e7:48:dd:2c:c3:3f:67:f4:43:57:ef:4f:2a:13:4a: b8:00:5a:92:31:d4:8f:fe:d9:5d:e7:f2:9b:42:7a:a1:6a:d6: a4:f1:94:3f:69:fd:b4:10:b5:3b:5a:d9:bc:f7:86:6f:75:d6: 59:74:51:86 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTM4 RkM3NTlGQUVDRjk4RUQ3NTEwQzhGMkU2REU5QTcxOEY4RENDRTAeFw0yNTEyMjEw NjQwMjlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKENFQzk4QzA5MEY3RjM3 MkFGNDVDQTEzNUYyQTUxRUUxQzRDRkYwRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9M2yaHGNvnRNAHW/uU52kTJq55PSXDNRBiEu+tHGG6stwKwMY Pod8fC6OyNQCWBi4zqIa4wQVhX0T9+tLPId8Na73+2Y90sLcIks7czNBTA++ZfEE 4WTGACngadF7uc493vFPV9UuIR3hyojy/+18BcXSulaNbKRrTBZxs9eOZX4XAZmi 3GchTJZfZviEVD2G5Xe7Lhx8yj7VHdDRoL982U4qDfQ1ysVBpepz/R1dEbTNOlKU taPdzW98c7QdIyr10jqNV5dqGcJij2lEnzyA5SoKs0efvp0p/sfwzLLAi4b94lsi 0UwPK2vVvL68XkXwIjIT50L0i68sBSVgKeb5AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUzsmMCQ9/Nyr0XKE18qUe4cTP8PwwHwYDVR0jBBgwFoAUU4/HWfrs+Y7XUQyP Lm3ppxj43M4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 Mi9VNF9IV2Zycy1ZN1hVUXlQTG0zcHB4ajQzTTQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1U0X0hXZnJzLVk3WFVReVBMbTNwcHhqNDNNNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTIvVTRfSFdmcnMtWTdY VVF5UExtM3BweGo0M000Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAgBAzQ0IHtyTYlguj9hYx9lbYq+1qls6krKMt6X3vXAucslxjQqIW8qicvH xPW85qdJru//hIKVwwfP+jIT/n4ntprXoc6Oa7DrsS0ibnocjzlLIAGWgzFo9UrF PVi0QR7OLVIyURQA5z3JXVFH6wC1GjzxTOC5gaDi7w/1v/fQ8ZErNgEIM4fUFaHQ HX1yEOLXy8d/9Hxyx/p5sC0wooYN9+OvZGaev7ZwZmXIWvP3AQdUlwYSJRarYLsh /fpJ0U6Shb+ZqSo1GedI3SzDP2f0Q1fvTyoTSrgAWpIx1I/+2V3n8ptCeqFq1qTx lD9p/bQQtTta2bz3hm911ll0UYY= -----END CERTIFICATE-----Generated at Sun Dec 21 11:30:46 2025 by rpki-client