This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft File: TKnrtNTELADG1a1ccPtrRXZYMXc.mft (raw, json) Hash identifier: /E0SUKcuRpqw8Hwn40Fs8wP8JcvZnRe/5Mes0FsCk58= Subject key identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 Authority key identifier: 4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 Certificate issuer: /CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Certificate serial: 0429 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft Manifest number: 0425 Signing time: Sun 21 Dec 2025 11:40:54 +0000 Manifest this update: Sun 21 Dec 2025 11:40:54 +0000 Manifest next update: Sun 21 Dec 2025 17:40:54 +0000 Files and hashes: 1: TKnrtNTELADG1a1ccPtrRXZYMXc.crl (hash: ERQILK4qjTdf9Jx2VYzdsAIewYDQy87PwrZZc2bU4Ig=) 2: g_rwJqn620T5ukN94yTzIjH-qVo.roa (hash: 96Avw8eFjSbQ575II11/refxqKik+Cak4C6VORPkNEs=) 3: vRMEkXhgMgYExHesqADIPCrhlMY.roa (hash: Qi9qPsWUwvCaipSHqdP/turP9n7D7ImvplBkZhPm8Ms=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 17:40:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1065 (0x429) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Validity Not Before: Dec 21 11:40:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=ADD23BB7E03D1C252CA7A0EDD28753CBC17D8662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3c:7c:2a:59:0b:f4:f7:2c:ae:6f:07:1c:0a: ec:1a:4f:06:d5:0b:eb:2f:f0:a3:4d:9c:9e:a9:d4: ba:04:ba:01:35:0d:73:ff:81:12:ad:6d:0e:a8:0e: 73:2e:15:25:a1:54:eb:18:25:de:b1:25:6c:de:be: b0:b3:7c:7d:b4:46:d3:04:f9:6a:b0:6e:b7:3d:87: a6:6c:e7:49:d4:59:5a:77:f5:4b:96:8a:3e:31:da: 1a:15:dc:be:14:a6:74:74:a6:a0:83:0d:f4:a3:1b: db:2f:eb:55:c5:0f:84:b6:bf:de:96:a8:4d:c4:46: ca:35:3b:18:89:b4:9f:74:3b:23:20:fa:9c:61:0f: a4:58:5b:61:57:4d:88:ba:59:5e:b2:18:ad:96:eb: 10:15:b7:2b:a5:6a:3d:21:e2:70:19:ea:58:29:db: 00:fd:a1:4e:cc:27:5a:05:a9:91:38:ec:d7:f7:41: a2:f9:df:c0:d7:b4:dc:50:1a:b5:fb:cd:9c:a3:e9: c0:a3:89:17:dc:ff:1e:cd:f3:c6:a7:9d:0f:f5:c9: 66:fc:a9:99:b5:5a:88:26:7f:2e:b0:43:a1:0e:84: 80:a4:68:c2:b5:42:07:ca:14:b8:ee:49:b3:48:22: 36:59:b9:ae:40:25:6a:1f:44:34:91:af:30:68:64: ae:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 X509v3 Authority Key Identifier: keyid:4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:6c:54:9f:47:9b:d9:ce:73:a3:dd:1c:b1:73:89:43:9a:11: f5:09:be:7a:0e:14:e3:55:51:78:9f:f6:66:6f:95:d6:86:6b: 9b:38:85:f6:ab:32:90:9e:57:f7:be:28:f2:b5:c7:44:8c:a1: 53:ab:6f:85:05:cd:5f:d3:e1:3b:87:9c:be:ec:92:ec:17:1d: 6c:1c:a0:92:73:a1:84:ab:91:82:c9:a6:8d:ce:8d:f4:2d:c5: fa:5c:d0:82:97:13:29:cc:12:9f:4a:d9:49:0d:27:d4:dc:70: 64:19:09:a6:e4:10:48:be:47:81:65:1c:d4:0f:25:d8:e3:27: 71:b6:16:29:0a:aa:a5:2e:ee:03:57:01:b2:d7:3a:5e:98:0f: 72:5c:61:58:58:33:42:76:44:6b:1d:a0:b3:82:68:72:13:5f: aa:ee:e0:f0:eb:90:1f:01:af:7a:a8:72:34:ea:cb:44:97:55: ab:d8:60:85:d4:63:29:10:03:f9:37:e5:f3:73:44:7d:e3:92: 6d:6e:45:ae:ec:ea:ac:5b:77:19:39:8d:b6:45:2c:86:5f:28: 16:02:68:80:9a:b9:5f:39:b8:12:bc:5a:8b:9e:93:f0:f9:79: d6:cd:83:61:f0:38:4b:b7:25:e3:8a:fd:09:b6:6c:32:85:67: 4f:b1:a8:f4 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENB OUVCQjRENEM0MkMwMEM2RDVBRDVDNzBGQjZCNDU3NjU4MzE3NzAeFw0yNTEyMjEx MTQwNTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFERDIzQkI3RTAzRDFD MjUyQ0E3QTBFREQyODc1M0NCQzE3RDg2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJPHwqWQv09yyubwccCuwaTwbVC+sv8KNNnJ6p1LoEugE1DXP/ gRKtbQ6oDnMuFSWhVOsYJd6xJWzevrCzfH20RtME+Wqwbrc9h6Zs50nUWVp39UuW ij4x2hoV3L4UpnR0pqCDDfSjG9sv61XFD4S2v96WqE3ERso1OxiJtJ90OyMg+pxh D6RYW2FXTYi6WV6yGK2W6xAVtyulaj0h4nAZ6lgp2wD9oU7MJ1oFqZE47Nf3QaL5 38DXtNxQGrX7zZyj6cCjiRfc/x7N88annQ/1yWb8qZm1Wogmfy6wQ6EOhICkaMK1 QgfKFLjuSbNIIjZZua5AJWofRDSRrzBoZK7TAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUrdI7t+A9HCUsp6Dt0odTy8F9hmIwHwYDVR0jBBgwFoAUTKnrtNTELADG1a1c cPtrRXZYMXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9US25ydE5URUxBREcxYTFjY1B0clJYWllNWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RLbnJ0TlRFTEFERzFhMWNjUHRyUlhaWU1YYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvVEtucnROVEVMQURH MWExY2NQdHJSWFpZTVhjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABlsVJ9Hm9nOc6PdHLFziUOaEfUJvnoOFONVUXif9mZvldaGa5s4hfarMpCe V/e+KPK1x0SMoVOrb4UFzV/T4TuHnL7skuwXHWwcoJJzoYSrkYLJpo3OjfQtxfpc 0IKXEynMEp9K2UkNJ9TccGQZCabkEEi+R4FlHNQPJdjjJ3G2FikKqqUu7gNXAbLX Ol6YD3JcYVhYM0J2RGsdoLOCaHITX6ru4PDrkB8Br3qocjTqy0SXVavYYIXUYykQ A/k35fNzRH3jkm1uRa7s6qxbdxk5jbZFLIZfKBYCaICauV85uBK8Wouek/D5edbN g2HwOEu3JeOK/Qm2bDKFZ0+xqPQ= -----END CERTIFICATE-----Generated at Sun Dec 21 14:40:37 2025 by rpki-client