This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft File: 43TDfhgAlB4aNVhdEMhLffz80nA.mft (raw, json) Hash identifier: xAY/xhsDoI764ZI/dMSLOC/VxLQPV9GaDXAUwGZ2lF8= Subject key identifier: 11:52:0E:60:37:D0:A6:11:A8:27:11:98:00:48:10:55:01:88:24:E6 Authority key identifier: E3:74:C3:7E:18:00:94:1E:1A:35:58:5D:10:C8:4B:7D:FC:FC:D2:70 Certificate issuer: /CN=E374C37E1800941E1A35585D10C84B7DFCFCD270 Certificate serial: 0B3F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/43TDfhgAlB4aNVhdEMhLffz80nA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft Manifest number: 0B3F Signing time: Sun 21 Dec 2025 06:41:41 +0000 Manifest this update: Sun 21 Dec 2025 06:41:41 +0000 Manifest next update: Sun 21 Dec 2025 12:41:41 +0000 Files and hashes: 1: 43TDfhgAlB4aNVhdEMhLffz80nA.crl (hash: oen8/Vd9Rc9uZ6957sLAroVMIgPxIu8FWUJ7R7oJn5Y=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/43TDfhgAlB4aNVhdEMhLffz80nA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 10:39:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2879 (0xb3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E374C37E1800941E1A35585D10C84B7DFCFCD270 Validity Not Before: Dec 21 06:41:41 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=11520E6037D0A611A827119800481055018824E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:b0:3c:14:d4:b4:c9:b8:5b:fc:8f:0f:f1:7e: b7:3a:11:64:67:35:74:a7:b6:fa:2b:74:ad:96:63: 76:be:a2:ec:3a:10:f5:d4:d3:45:3d:6a:96:76:5d: 61:c6:3e:91:97:c9:5f:83:fa:ab:c0:ce:04:b6:f4: 4a:53:2a:72:12:28:13:c0:58:49:7e:82:7c:80:20: 22:6b:04:4e:ac:f6:31:cc:1b:e9:eb:0c:8a:65:b0: 60:1e:dd:f5:0f:a0:61:e0:9e:98:c8:1f:11:9b:2c: 62:18:5e:e4:4e:47:cc:53:a9:21:5e:b5:22:5d:a2: 84:29:fe:76:ae:f9:e2:de:a1:0f:5d:c5:09:0b:7f: 54:18:3b:c5:34:77:58:20:70:2f:61:43:0c:cd:e2: bd:fb:c1:dc:9b:15:d4:06:15:af:bc:43:03:80:60: 87:e8:4b:aa:9c:c2:b9:e6:fb:26:0b:57:5e:c5:82: 03:bf:88:6f:dc:a9:77:f0:46:98:d3:ec:ed:d6:f2: 3c:38:4e:02:52:28:7e:23:71:79:f9:09:60:e9:70: 8f:c8:a4:96:81:9d:22:c3:5d:37:a1:b5:6c:42:53: 71:c8:0b:14:ba:1e:34:cf:60:8d:33:5e:38:77:ea: e3:06:a5:a8:1f:36:19:61:89:e3:b1:de:3b:ec:54: e2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:52:0E:60:37:D0:A6:11:A8:27:11:98:00:48:10:55:01:88:24:E6 X509v3 Authority Key Identifier: keyid:E3:74:C3:7E:18:00:94:1E:1A:35:58:5D:10:C8:4B:7D:FC:FC:D2:70 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/43TDfhgAlB4aNVhdEMhLffz80nA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:68:4d:d7:5d:fc:b3:6c:3a:40:4e:2c:de:9d:1a:15:26:32: 4b:36:03:ae:7b:b4:4f:16:4f:15:33:39:6c:7c:ac:a9:98:78: 8d:0b:6a:f5:3e:3d:2d:cc:0d:32:2a:77:ec:ef:82:bd:e6:7a: 8d:bd:2d:b1:07:7f:fb:3e:cc:7e:31:71:7a:ac:0b:82:9f:7f: a0:02:05:73:c4:ae:98:16:ec:e9:d0:de:38:b3:27:54:c6:51: b8:9b:8c:d4:52:3a:5e:f2:ca:e2:6f:fa:90:84:37:45:22:f0: da:68:1b:fb:e1:c3:7c:60:cf:f0:90:da:85:25:e2:0d:69:c2: 9d:f0:b6:e6:cd:a3:11:32:7f:99:e6:7f:bc:8e:46:49:e0:15: 57:65:25:aa:87:45:02:78:2b:97:70:25:d9:fc:33:c0:b5:4d: cb:b4:1b:0a:37:4f:bf:42:32:b0:fa:a2:6f:55:8b:75:ce:52: 6e:9d:8e:d4:d6:67:8a:fa:b1:b9:2f:ab:3b:6c:52:6c:cb:a7: 4e:44:70:8c:0a:63:5f:49:7f:c9:61:c3:9c:7f:57:92:be:e6: a0:85:8d:7d:76:c3:67:de:51:49:bb:fd:fb:d1:fd:b6:dc:3a: 59:ee:7f:c3:a8:51:48:b3:2c:8c:c0:f5:92:1c:a2:b6:8a:6b: 83:0e:15:fb -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTM3 NEMzN0UxODAwOTQxRTFBMzU1ODVEMTBDODRCN0RGQ0ZDRDI3MDAeFw0yNTEyMjEw NjQxNDFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDExNTIwRTYwMzdEMEE2 MTFBODI3MTE5ODAwNDgxMDU1MDE4ODI0RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCesDwU1LTJuFv8jw/xfrc6EWRnNXSntvordK2WY3a+ouw6EPXU 00U9apZ2XWHGPpGXyV+D+qvAzgS29EpTKnISKBPAWEl+gnyAICJrBE6s9jHMG+nr DIplsGAe3fUPoGHgnpjIHxGbLGIYXuROR8xTqSFetSJdooQp/nau+eLeoQ9dxQkL f1QYO8U0d1ggcC9hQwzN4r37wdybFdQGFa+8QwOAYIfoS6qcwrnm+yYLV17FggO/ iG/cqXfwRpjT7O3W8jw4TgJSKH4jcXn5CWDpcI/IpJaBnSLDXTehtWxCU3HICxS6 HjTPYI0zXjh36uMGpagfNhlhieOx3jvsVOLzAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUEVIOYDfQphGoJxGYAEgQVQGIJOYwHwYDVR0jBBgwFoAU43TDfhgAlB4aNVhd EMhLffz80nAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 My80M1REZmhnQWxCNGFOVmhkRU1oTGZmejgwbkEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzQzVERmaGdBbEI0YU5WaGRFTWhMZmZ6ODBuQS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODMvNDNURGZoZ0FsQjRh TlZoZEVNaExmZno4MG5BLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAG5oTddd/LNsOkBOLN6dGhUmMks2A657tE8WTxUzOWx8rKmYeI0LavU+PS3M DTIqd+zvgr3meo29LbEHf/s+zH4xcXqsC4Kff6ACBXPErpgW7OnQ3jizJ1TGUbib jNRSOl7yyuJv+pCEN0Ui8NpoG/vhw3xgz/CQ2oUl4g1pwp3wtubNoxEyf5nmf7yO RkngFVdlJaqHRQJ4K5dwJdn8M8C1Tcu0Gwo3T79CMrD6om9Vi3XOUm6djtTWZ4r6 sbkvqztsUmzLp05EcIwKY19Jf8lhw5x/V5K+5qCFjX12w2feUUm7/fvR/bbcOlnu f8OoUUizLIzA9ZIcoraKa4MOFfs= -----END CERTIFICATE-----Generated at Sun Dec 21 08:20:01 2025 by rpki-client