This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft File: TKnrtNTELADG1a1ccPtrRXZYMXc.mft (raw, json) Hash identifier: f5zP4o9v/Vy3lbHnBZ0CIaCekucVerFsYrOQM2yFwv8= Subject key identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 Authority key identifier: 4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 Certificate issuer: /CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Certificate serial: 0428 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft Manifest number: 0424 Signing time: Sun 21 Dec 2025 06:40:54 +0000 Manifest this update: Sun 21 Dec 2025 06:40:54 +0000 Manifest next update: Sun 21 Dec 2025 12:40:54 +0000 Files and hashes: 1: TKnrtNTELADG1a1ccPtrRXZYMXc.crl (hash: vPHD9T8lBvmq0E62Ozpf5DGDTyuYUpBa1rd1yDsIvn8=) 2: g_rwJqn620T5ukN94yTzIjH-qVo.roa (hash: 96Avw8eFjSbQ575II11/refxqKik+Cak4C6VORPkNEs=) 3: vRMEkXhgMgYExHesqADIPCrhlMY.roa (hash: Qi9qPsWUwvCaipSHqdP/turP9n7D7ImvplBkZhPm8Ms=) Validation: Failed, unable to get local issuer certificate Certificate: Data: Version: 3 (0x2) Serial Number: 1064 (0x428) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Validity Not Before: Dec 21 06:40:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=ADD23BB7E03D1C252CA7A0EDD28753CBC17D8662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3c:7c:2a:59:0b:f4:f7:2c:ae:6f:07:1c:0a: ec:1a:4f:06:d5:0b:eb:2f:f0:a3:4d:9c:9e:a9:d4: ba:04:ba:01:35:0d:73:ff:81:12:ad:6d:0e:a8:0e: 73:2e:15:25:a1:54:eb:18:25:de:b1:25:6c:de:be: b0:b3:7c:7d:b4:46:d3:04:f9:6a:b0:6e:b7:3d:87: a6:6c:e7:49:d4:59:5a:77:f5:4b:96:8a:3e:31:da: 1a:15:dc:be:14:a6:74:74:a6:a0:83:0d:f4:a3:1b: db:2f:eb:55:c5:0f:84:b6:bf:de:96:a8:4d:c4:46: ca:35:3b:18:89:b4:9f:74:3b:23:20:fa:9c:61:0f: a4:58:5b:61:57:4d:88:ba:59:5e:b2:18:ad:96:eb: 10:15:b7:2b:a5:6a:3d:21:e2:70:19:ea:58:29:db: 00:fd:a1:4e:cc:27:5a:05:a9:91:38:ec:d7:f7:41: a2:f9:df:c0:d7:b4:dc:50:1a:b5:fb:cd:9c:a3:e9: c0:a3:89:17:dc:ff:1e:cd:f3:c6:a7:9d:0f:f5:c9: 66:fc:a9:99:b5:5a:88:26:7f:2e:b0:43:a1:0e:84: 80:a4:68:c2:b5:42:07:ca:14:b8:ee:49:b3:48:22: 36:59:b9:ae:40:25:6a:1f:44:34:91:af:30:68:64: ae:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 X509v3 Authority Key Identifier: keyid:4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:30:e3:59:04:31:ab:7b:a8:45:4e:e1:6e:61:20:3f:02:ce: 3e:36:76:b8:e9:fe:7d:5a:99:11:74:bd:e4:8f:a9:d5:98:93: c3:d2:86:94:53:64:4e:c7:9e:17:df:32:7a:9d:4e:11:0c:91: 31:32:18:16:c7:15:4c:8d:5f:49:7d:29:59:34:62:db:cb:28: 32:28:c4:e6:43:5c:c8:45:d6:38:a1:13:16:05:bf:36:c6:05: db:0c:cf:05:d4:de:d5:bc:8d:6e:10:f9:e4:d6:61:bc:fb:ad: f0:9a:2e:05:10:1e:e6:83:79:44:3b:29:b3:95:80:cc:f1:1a: f7:0f:ad:ec:90:36:22:5b:17:e3:c9:ff:2a:cd:e6:53:23:7c: 0d:8c:ae:4d:57:61:0c:fb:b2:0c:8e:39:3d:99:15:c3:e7:5b: bd:b5:d0:20:77:93:7e:6c:3e:2e:13:96:02:10:1c:68:c1:13: ee:78:ce:b2:0f:a7:aa:bb:9b:ae:e2:5b:76:61:ff:d8:fd:ab: 34:17:91:d6:48:33:fb:b6:c0:50:cd:d9:5a:0c:81:e2:51:47: a0:13:75:8b:e4:83:ca:29:46:0e:a8:6a:6b:d6:d9:21:4c:95: 65:9b:ca:3c:b7:02:02:af:29:9b:e9:7f:41:92:87:e4:26:9a: a5:68:a1:9e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBCgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENB OUVCQjRENEM0MkMwMEM2RDVBRDVDNzBGQjZCNDU3NjU4MzE3NzAeFw0yNTEyMjEw NjQwNTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFERDIzQkI3RTAzRDFD MjUyQ0E3QTBFREQyODc1M0NCQzE3RDg2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJPHwqWQv09yyubwccCuwaTwbVC+sv8KNNnJ6p1LoEugE1DXP/ gRKtbQ6oDnMuFSWhVOsYJd6xJWzevrCzfH20RtME+Wqwbrc9h6Zs50nUWVp39UuW ij4x2hoV3L4UpnR0pqCDDfSjG9sv61XFD4S2v96WqE3ERso1OxiJtJ90OyMg+pxh D6RYW2FXTYi6WV6yGK2W6xAVtyulaj0h4nAZ6lgp2wD9oU7MJ1oFqZE47Nf3QaL5 38DXtNxQGrX7zZyj6cCjiRfc/x7N88annQ/1yWb8qZm1Wogmfy6wQ6EOhICkaMK1 QgfKFLjuSbNIIjZZua5AJWofRDSRrzBoZK7TAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUrdI7t+A9HCUsp6Dt0odTy8F9hmIwHwYDVR0jBBgwFoAUTKnrtNTELADG1a1c cPtrRXZYMXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9US25ydE5URUxBREcxYTFjY1B0clJYWllNWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RLbnJ0TlRFTEFERzFhMWNjUHRyUlhaWU1YYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvVEtucnROVEVMQURH MWExY2NQdHJSWFpZTVhjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAK4w41kEMat7qEVO4W5hID8Czj42drjp/n1amRF0veSPqdWYk8PShpRTZE7H nhffMnqdThEMkTEyGBbHFUyNX0l9KVk0YtvLKDIoxOZDXMhF1jihExYFvzbGBdsM zwXU3tW8jW4Q+eTWYbz7rfCaLgUQHuaDeUQ7KbOVgMzxGvcPreyQNiJbF+PJ/yrN 5lMjfA2Mrk1XYQz7sgyOOT2ZFcPnW7210CB3k35sPi4TlgIQHGjBE+54zrIPp6q7 m67iW3Zh/9j9qzQXkdZIM/u2wFDN2VoMgeJRR6ATdYvkg8opRg6oamvW2SFMlWWb yjy3AgKvKZvpf0GSh+QmmqVooZ4= -----END CERTIFICATE-----Generated at Sun Dec 21 13:07:24 2025 by rpki-client