This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft
File: TKnrtNTELADG1a1ccPtrRXZYMXc.mft (raw, json)
Hash identifier: f5zP4o9v/Vy3lbHnBZ0CIaCekucVerFsYrOQM2yFwv8=
Subject key identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62
Authority key identifier: 4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77
Certificate issuer: /CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177
Certificate serial: 0428
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft
Manifest number: 0424
Signing time: Sun 21 Dec 2025 06:40:54 +0000
Manifest this update: Sun 21 Dec 2025 06:40:54 +0000
Manifest next update: Sun 21 Dec 2025 12:40:54 +0000
Files and hashes: 1: TKnrtNTELADG1a1ccPtrRXZYMXc.crl (hash: vPHD9T8lBvmq0E62Ozpf5DGDTyuYUpBa1rd1yDsIvn8=)
2: g_rwJqn620T5ukN94yTzIjH-qVo.roa (hash: 96Avw8eFjSbQ575II11/refxqKik+Cak4C6VORPkNEs=)
3: vRMEkXhgMgYExHesqADIPCrhlMY.roa (hash: Qi9qPsWUwvCaipSHqdP/turP9n7D7ImvplBkZhPm8Ms=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1064 (0x428)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177
Validity
Not Before: Dec 21 06:40:54 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=ADD23BB7E03D1C252CA7A0EDD28753CBC17D8662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3c:7c:2a:59:0b:f4:f7:2c:ae:6f:07:1c:0a:
ec:1a:4f:06:d5:0b:eb:2f:f0:a3:4d:9c:9e:a9:d4:
ba:04:ba:01:35:0d:73:ff:81:12:ad:6d:0e:a8:0e:
73:2e:15:25:a1:54:eb:18:25:de:b1:25:6c:de:be:
b0:b3:7c:7d:b4:46:d3:04:f9:6a:b0:6e:b7:3d:87:
a6:6c:e7:49:d4:59:5a:77:f5:4b:96:8a:3e:31:da:
1a:15:dc:be:14:a6:74:74:a6:a0:83:0d:f4:a3:1b:
db:2f:eb:55:c5:0f:84:b6:bf:de:96:a8:4d:c4:46:
ca:35:3b:18:89:b4:9f:74:3b:23:20:fa:9c:61:0f:
a4:58:5b:61:57:4d:88:ba:59:5e:b2:18:ad:96:eb:
10:15:b7:2b:a5:6a:3d:21:e2:70:19:ea:58:29:db:
00:fd:a1:4e:cc:27:5a:05:a9:91:38:ec:d7:f7:41:
a2:f9:df:c0:d7:b4:dc:50:1a:b5:fb:cd:9c:a3:e9:
c0:a3:89:17:dc:ff:1e:cd:f3:c6:a7:9d:0f:f5:c9:
66:fc:a9:99:b5:5a:88:26:7f:2e:b0:43:a1:0e:84:
80:a4:68:c2:b5:42:07:ca:14:b8:ee:49:b3:48:22:
36:59:b9:ae:40:25:6a:1f:44:34:91:af:30:68:64:
ae:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62
X509v3 Authority Key Identifier:
keyid:4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
ae:30:e3:59:04:31:ab:7b:a8:45:4e:e1:6e:61:20:3f:02:ce:
3e:36:76:b8:e9:fe:7d:5a:99:11:74:bd:e4:8f:a9:d5:98:93:
c3:d2:86:94:53:64:4e:c7:9e:17:df:32:7a:9d:4e:11:0c:91:
31:32:18:16:c7:15:4c:8d:5f:49:7d:29:59:34:62:db:cb:28:
32:28:c4:e6:43:5c:c8:45:d6:38:a1:13:16:05:bf:36:c6:05:
db:0c:cf:05:d4:de:d5:bc:8d:6e:10:f9:e4:d6:61:bc:fb:ad:
f0:9a:2e:05:10:1e:e6:83:79:44:3b:29:b3:95:80:cc:f1:1a:
f7:0f:ad:ec:90:36:22:5b:17:e3:c9:ff:2a:cd:e6:53:23:7c:
0d:8c:ae:4d:57:61:0c:fb:b2:0c:8e:39:3d:99:15:c3:e7:5b:
bd:b5:d0:20:77:93:7e:6c:3e:2e:13:96:02:10:1c:68:c1:13:
ee:78:ce:b2:0f:a7:aa:bb:9b:ae:e2:5b:76:61:ff:d8:fd:ab:
34:17:91:d6:48:33:fb:b6:c0:50:cd:d9:5a:0c:81:e2:51:47:
a0:13:75:8b:e4:83:ca:29:46:0e:a8:6a:6b:d6:d9:21:4c:95:
65:9b:ca:3c:b7:02:02:af:29:9b:e9:7f:41:92:87:e4:26:9a:
a5:68:a1:9e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBCgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENB
OUVCQjRENEM0MkMwMEM2RDVBRDVDNzBGQjZCNDU3NjU4MzE3NzAeFw0yNTEyMjEw
NjQwNTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFERDIzQkI3RTAzRDFD
MjUyQ0E3QTBFREQyODc1M0NCQzE3RDg2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJPHwqWQv09yyubwccCuwaTwbVC+sv8KNNnJ6p1LoEugE1DXP/
gRKtbQ6oDnMuFSWhVOsYJd6xJWzevrCzfH20RtME+Wqwbrc9h6Zs50nUWVp39UuW
ij4x2hoV3L4UpnR0pqCDDfSjG9sv61XFD4S2v96WqE3ERso1OxiJtJ90OyMg+pxh
D6RYW2FXTYi6WV6yGK2W6xAVtyulaj0h4nAZ6lgp2wD9oU7MJ1oFqZE47Nf3QaL5
38DXtNxQGrX7zZyj6cCjiRfc/x7N88annQ/1yWb8qZm1Wogmfy6wQ6EOhICkaMK1
QgfKFLjuSbNIIjZZua5AJWofRDSRrzBoZK7TAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUrdI7t+A9HCUsp6Dt0odTy8F9hmIwHwYDVR0jBBgwFoAUTKnrtNTELADG1a1c
cPtrRXZYMXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4
Mi9US25ydE5URUxBREcxYTFjY1B0clJYWllNWGMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RLbnJ0TlRFTEFERzFhMWNjUHRyUlhaWU1YYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvVEtucnROVEVMQURH
MWExY2NQdHJSWFpZTVhjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAK4w41kEMat7qEVO4W5hID8Czj42drjp/n1amRF0veSPqdWYk8PShpRTZE7H
nhffMnqdThEMkTEyGBbHFUyNX0l9KVk0YtvLKDIoxOZDXMhF1jihExYFvzbGBdsM
zwXU3tW8jW4Q+eTWYbz7rfCaLgUQHuaDeUQ7KbOVgMzxGvcPreyQNiJbF+PJ/yrN
5lMjfA2Mrk1XYQz7sgyOOT2ZFcPnW7210CB3k35sPi4TlgIQHGjBE+54zrIPp6q7
m67iW3Zh/9j9qzQXkdZIM/u2wFDN2VoMgeJRR6ATdYvkg8opRg6oamvW2SFMlWWb
yjy3AgKvKZvpf0GSh+QmmqVooZ4=
-----END CERTIFICATE-----
Generated at Sun Dec 21 13:07:24 2025 by rpki-client