This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft File: KiJnreDthkvp9oLDpe2qFRu6hmQ.mft (raw, json) Hash identifier: RTFV1fupYk8EXVnRdBBAKDCQ6zWiItiBBDN0JgJZsLU= Subject key identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 Authority key identifier: 2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 Certificate issuer: /CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Certificate serial: 0CA2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft Manifest number: 0CA2 Signing time: Sun 21 Dec 2025 16:42:00 +0000 Manifest this update: Sun 21 Dec 2025 16:42:00 +0000 Manifest next update: Sun 21 Dec 2025 22:42:00 +0000 Files and hashes: 1: KiJnreDthkvp9oLDpe2qFRu6hmQ.crl (hash: 1OvNrX7PFjNrx1MxdzvQhVVKJA3X8+7W2a68BslZ8u4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3234 (0xca2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Validity Not Before: Dec 21 16:42:00 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9DB8B31D70A09D50141479712B74C829C7596189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fe:f4:b4:fc:14:06:23:af:c2:7f:14:0d:38: 0c:fa:8f:a1:9f:f8:90:2d:50:98:3c:36:e2:7a:9e: 07:98:0c:ec:e3:4b:b0:7c:f6:62:11:04:69:1b:2b: 39:07:4d:56:32:8f:78:5c:53:35:eb:b1:24:d1:cd: 74:3f:1c:33:ec:0e:b5:1c:f2:ea:24:02:65:29:54: 9a:20:01:8e:25:a7:90:a0:1d:dc:6c:9c:b5:71:fd: af:cf:07:dd:0e:5d:13:d1:7b:cd:5d:f0:d5:aa:67: 82:8e:db:33:c0:b2:99:6a:93:53:e4:da:7e:2c:a5: 5b:05:94:38:51:fc:96:7c:2b:6f:c9:3a:9e:95:05: ef:90:9d:13:de:47:31:13:cf:dc:dd:bb:02:a1:f4: 6a:93:a8:67:3b:da:05:ba:6b:e5:b7:09:54:c8:10: 04:80:59:11:39:be:fb:d9:51:cf:d5:b4:bb:1e:3a: f4:8d:ba:02:7b:9d:a9:93:6e:8d:ed:a9:f3:dc:97: ef:ac:17:ad:e0:17:be:22:24:b8:0a:60:e7:8c:f9: e0:ab:58:cf:be:b3:fd:c8:b7:04:8b:df:3b:26:bf: 7e:79:78:e0:fd:f6:e0:fb:79:ee:88:52:dc:aa:23: 1c:53:f2:83:a0:a9:7b:ca:10:00:1a:5b:72:e9:09: 13:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 X509v3 Authority Key Identifier: keyid:2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:d9:47:25:c8:8a:17:3a:c8:9c:d9:79:47:eb:1a:01:8b:df: 23:bc:57:8d:4a:eb:de:3c:e8:e1:56:be:68:84:8c:91:0e:3e: 4f:a2:10:44:e8:a2:32:b6:6a:aa:78:36:40:56:b1:5c:28:3f: 4c:54:55:5b:fd:b9:43:a9:67:e2:2f:49:5a:60:fc:92:1c:db: 9c:b3:9e:62:35:e1:9e:18:ab:49:d2:2c:8a:54:04:1a:04:72: 01:62:9d:f5:73:0c:4a:08:cb:e7:54:79:71:36:c5:02:de:5d: 45:50:68:be:38:2d:a2:89:26:55:16:5a:09:32:b7:11:45:3d: 34:7d:65:e4:34:43:72:04:a9:a9:89:0b:9e:81:fa:8e:b2:ac: d4:37:f0:f2:17:3a:c6:f2:67:e5:59:35:ae:fc:34:ed:66:18: 4f:b9:3f:b8:ba:6b:42:9b:0e:bd:8b:28:65:db:7d:e4:c7:85: cb:16:77:b5:12:f1:11:69:fd:7c:6e:83:f8:49:43:c4:52:13: 2d:c2:4c:89:de:ad:dc:d9:2b:dd:d9:cf:c0:81:f0:83:77:2c: 6e:47:62:69:28:67:dd:51:23:bd:be:cd:1a:ce:65:df:2c:98: 39:52:00:9a:65:b9:18:3a:21:05:21:87:a2:28:f2:d8:e7:01: bf:9b:a3:96 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkEy MjY3QURFMEVEODY0QkU5RjY4MkMzQTVFREFBMTUxQkJBODY2NDAeFw0yNTEyMjEx NjQyMDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDlEQjhCMzFENzBBMDlE NTAxNDE0Nzk3MTJCNzRDODI5Qzc1OTYxODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDr/vS0/BQGI6/CfxQNOAz6j6Gf+JAtUJg8NuJ6ngeYDOzjS7B8 9mIRBGkbKzkHTVYyj3hcUzXrsSTRzXQ/HDPsDrUc8uokAmUpVJogAY4lp5CgHdxs nLVx/a/PB90OXRPRe81d8NWqZ4KO2zPAsplqk1Pk2n4spVsFlDhR/JZ8K2/JOp6V Be+QnRPeRzETz9zduwKh9GqTqGc72gW6a+W3CVTIEASAWRE5vvvZUc/VtLseOvSN ugJ7namTbo3tqfPcl++sF63gF74iJLgKYOeM+eCrWM++s/3ItwSL3zsmv355eOD9 9uD7ee6IUtyqIxxT8oOgqXvKEAAaW3LpCRMVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUnbizHXCgnVAUFHlxK3TIKcdZYYkwHwYDVR0jBBgwFoAUKiJnreDthkvp9oLD pe2qFRu6hmQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 OS9LaUpucmVEdGhrdnA5b0xEcGUycUZSdTZobVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tpSm5yZUR0aGt2cDlvTERwZTJxRlJ1NmhtUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjkvS2lKbnJlRHRoa3Zw OW9MRHBlMnFGUnU2aG1RLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGDZRyXIihc6yJzZeUfrGgGL3yO8V41K69486OFWvmiEjJEOPk+iEEToojK2 aqp4NkBWsVwoP0xUVVv9uUOpZ+IvSVpg/JIc25yznmI14Z4Yq0nSLIpUBBoEcgFi nfVzDEoIy+dUeXE2xQLeXUVQaL44LaKJJlUWWgkytxFFPTR9ZeQ0Q3IEqamJC56B +o6yrNQ38PIXOsbyZ+VZNa78NO1mGE+5P7i6a0KbDr2LKGXbfeTHhcsWd7US8RFp /Xxug/hJQ8RSEy3CTInerdzZK93Zz8CB8IN3LG5HYmkoZ91RI72+zRrOZd8smDlS AJpluRg6IQUhh6Io8tjnAb+bo5Y= -----END CERTIFICATE-----Generated at Sun Dec 21 18:37:36 2025 by rpki-client