This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft File: hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft (raw, json) Hash identifier: 4/TJzSANCoCx9Hn6TFs30i2q59X4/PTpK3NSmd7C6Zo= Subject key identifier: 4D:28:36:42:2D:A4:F1:4F:8E:8A:7E:1D:DA:A1:7B:D2:F2:CF:62:79 Authority key identifier: 85:7F:20:86:98:A2:49:A0:59:60:79:DE:4F:3D:AE:5F:A7:B9:67:54 Certificate issuer: /CN=857F208698A249A0596079DE4F3DAE5FA7B96754 Certificate serial: 0D85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft Manifest number: 0D85 Signing time: Sun 21 Dec 2025 16:40:39 +0000 Manifest this update: Sun 21 Dec 2025 16:40:39 +0000 Manifest next update: Sun 21 Dec 2025 22:40:39 +0000 Files and hashes: 1: hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl (hash: Vzv5qc9uDwf/mx2/6JD9W7jBUq+4jBP6X22+T4+Lrgs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3461 (0xd85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=857F208698A249A0596079DE4F3DAE5FA7B96754 Validity Not Before: Dec 21 16:40:39 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=4D2836422DA4F14F8E8A7E1DDAA17BD2F2CF6279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c1:61:84:f2:15:6d:fb:f5:6d:1c:83:13:14: 46:d6:5f:2d:2e:43:72:41:d8:d1:e4:3a:ce:59:76: 0a:bb:77:95:38:9e:b5:ec:4f:d6:b2:17:78:c6:29: 03:5e:6c:85:17:f3:8b:5f:28:e8:8e:51:c4:f0:24: 56:16:e3:f0:03:d2:e8:f5:da:aa:0e:a7:c6:fa:6c: 1f:66:60:7e:72:9c:6e:44:95:00:10:e6:e0:38:90: c1:f1:47:a3:33:63:bc:d6:85:92:5f:02:7c:e6:8c: 1e:4c:20:54:a3:77:ed:ca:8e:31:e3:8f:1d:62:14: 12:91:24:f2:28:30:a2:e1:70:54:ca:81:f1:3f:07: 4c:1f:e6:18:c0:df:9b:04:d7:61:63:f6:4a:b7:9a: 41:ea:38:f4:4f:65:75:92:26:97:0a:9f:39:4b:b1: 95:98:ce:a0:0a:48:2b:4c:52:26:91:22:1a:45:58: 5e:40:5e:ba:b9:52:80:58:9e:4a:7c:db:1a:dc:85: d0:1e:e9:9a:08:d5:9d:47:48:46:ed:dc:e3:80:d8: 49:67:c5:9f:10:1b:db:6e:18:69:4b:72:06:ee:f1: 1f:8b:1e:2a:c7:60:e5:2b:90:f3:49:eb:f7:43:1e: d3:c1:59:81:1a:51:f6:a6:24:17:3f:1f:33:94:28: 12:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:28:36:42:2D:A4:F1:4F:8E:8A:7E:1D:DA:A1:7B:D2:F2:CF:62:79 X509v3 Authority Key Identifier: keyid:85:7F:20:86:98:A2:49:A0:59:60:79:DE:4F:3D:AE:5F:A7:B9:67:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:ec:76:fa:78:1e:8b:19:32:e4:c5:11:64:01:2c:33:a1:ca: 9a:cb:54:c1:d6:77:01:30:df:55:10:9f:f4:0e:94:cf:ab:11: 9d:c5:cc:6e:a3:c1:e2:eb:87:bc:cc:c2:5c:dd:66:a8:bd:de: d4:ca:c8:44:cd:07:32:79:47:c2:24:e7:03:7d:78:a7:71:23: 57:b6:80:b0:c7:50:ef:82:cb:48:a7:c2:25:b9:65:d7:e1:b4: d5:e9:c4:85:3e:c8:31:f6:02:4f:a7:7c:6f:46:4c:3c:9a:2c: 63:c7:36:31:c0:81:76:dd:3f:83:9f:c9:3a:62:aa:87:d4:e2: 8d:05:df:34:9c:e4:31:74:83:d4:b8:74:ea:10:e9:c3:84:d4: 96:dd:3f:2c:f7:b9:24:89:06:49:f5:36:8e:13:f3:bf:01:f6: c8:bf:4a:f3:ad:b9:da:e8:e6:03:6d:a4:b1:4a:d1:e5:71:1b: d5:7d:57:2b:ac:ef:d7:7a:3f:71:1e:29:b0:0d:d8:be:43:c4: 98:24:5e:d8:8a:70:a9:de:b8:f4:c6:bb:44:f9:19:49:0d:6f: bf:f3:55:6a:c6:67:6a:27:d2:4b:3d:87:cc:cb:53:69:da:7f: 12:67:0c:02:72:34:56:6c:84:13:9c:c6:fa:6d:25:e1:dd:e9: b1:1e:3e:13 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU3 RjIwODY5OEEyNDlBMDU5NjA3OURFNEYzREFFNUZBN0I5Njc1NDAeFw0yNTEyMjEx NjQwMzlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDREMjgzNjQyMkRBNEYx NEY4RThBN0UxRERBQTE3QkQyRjJDRjYyNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6wWGE8hVt+/VtHIMTFEbWXy0uQ3JB2NHkOs5Zdgq7d5U4nrXs T9ayF3jGKQNebIUX84tfKOiOUcTwJFYW4/AD0uj12qoOp8b6bB9mYH5ynG5ElQAQ 5uA4kMHxR6MzY7zWhZJfAnzmjB5MIFSjd+3KjjHjjx1iFBKRJPIoMKLhcFTKgfE/ B0wf5hjA35sE12Fj9kq3mkHqOPRPZXWSJpcKnzlLsZWYzqAKSCtMUiaRIhpFWF5A Xrq5UoBYnkp82xrchdAe6ZoI1Z1HSEbt3OOA2ElnxZ8QG9tuGGlLcgbu8R+LHirH YOUrkPNJ6/dDHtPBWYEaUfamJBc/HzOUKBJ1AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUTSg2Qi2k8U+Oin4d2qF70vLPYnkwHwYDVR0jBBgwFoAUhX8ghpiiSaBZYHne Tz2uX6e5Z1QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OS9oWDhnaHBpaVNhQlpZSG5lVHoydVg2ZTVaMVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2hYOGdocGlpU2FCWllIbmVUejJ1WDZlNVoxUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTkvaFg4Z2hwaWlTYUJa WUhuZVR6MnVYNmU1WjFRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEDsdvp4HosZMuTFEWQBLDOhyprLVMHWdwEw31UQn/QOlM+rEZ3FzG6jweLr h7zMwlzdZqi93tTKyETNBzJ5R8Ik5wN9eKdxI1e2gLDHUO+Cy0inwiW5ZdfhtNXp xIU+yDH2Ak+nfG9GTDyaLGPHNjHAgXbdP4OfyTpiqofU4o0F3zSc5DF0g9S4dOoQ 6cOE1JbdPyz3uSSJBkn1No4T878B9si/SvOtudro5gNtpLFK0eVxG9V9Vyus79d6 P3EeKbAN2L5DxJgkXtiKcKneuPTGu0T5GUkNb7/zVWrGZ2on0ks9h8zLU2nafxJn DAJyNFZshBOcxvptJeHd6bEePhM= -----END CERTIFICATE-----Generated at Sun Dec 21 18:22:52 2025 by rpki-client