This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft File: kXok3C9fwHVc6sn-HMXExV183fo.mft (raw, json) Hash identifier: dT7uFFEVpKDrAVTYLsZMNmIhK6LB7ZVOTi+uJ2YGJFA= Subject key identifier: 35:6B:69:02:74:63:F8:A7:68:3B:39:60:AD:61:9D:11:CA:B7:44:44 Authority key identifier: 91:7A:24:DC:2F:5F:C0:75:5C:EA:C9:FE:1C:C5:C4:C5:5D:7C:DD:FA Certificate issuer: /CN=917A24DC2F5FC0755CEAC9FE1CC5C4C55D7CDDFA Certificate serial: 0B42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft Manifest number: 0B42 Signing time: Sun 21 Dec 2025 06:40:55 +0000 Manifest this update: Sun 21 Dec 2025 06:40:55 +0000 Manifest next update: Sun 21 Dec 2025 12:40:55 +0000 Files and hashes: 1: kXok3C9fwHVc6sn-HMXExV183fo.crl (hash: LjnREIvkXfd/URZNuQYjHY0+zpL6HDPUk8iQ2jczxs4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 10:39:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2882 (0xb42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=917A24DC2F5FC0755CEAC9FE1CC5C4C55D7CDDFA Validity Not Before: Dec 21 06:40:55 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=356B69027463F8A7683B3960AD619D11CAB74444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:4e:45:4c:b3:46:df:85:b4:aa:ff:bd:44:49: ae:dc:9f:f2:13:71:46:0e:08:9b:42:64:81:38:a0: 3c:6c:13:19:02:51:5c:45:34:75:ca:8a:74:b0:f5: ec:f9:8b:a6:7f:dd:78:c5:93:3d:5b:31:2c:d1:98: 22:f0:6e:7d:e6:42:15:97:11:7e:b3:da:11:e4:20: c1:6e:64:fb:7a:05:49:2e:6a:20:56:05:a5:60:fd: bd:ab:0d:d4:e2:9b:97:e7:f9:25:ea:f0:d5:18:3c: 5e:2e:e7:ed:f3:f8:ac:f2:0d:90:40:dc:31:12:a2: e6:de:a0:e7:3b:55:1e:92:4d:17:37:df:53:18:21: 13:15:87:ab:bd:8d:c7:24:0a:f0:23:ee:c4:ea:03: 55:8a:6d:16:c3:13:86:61:e1:43:08:2f:8b:70:ff: 72:63:c7:a8:68:f4:a4:6f:09:7c:91:b6:9a:0a:b3: b7:68:29:45:96:5d:17:8f:84:9f:19:05:78:d4:76: 0a:d8:9f:50:c9:5e:88:fc:e4:89:95:c1:33:b8:ec: 41:bf:55:53:b3:93:ce:b4:7b:b1:19:af:fa:d3:e7: 91:07:67:26:35:ce:74:70:27:ff:47:59:61:79:7e: b6:8e:fb:c8:a1:9e:7d:5e:84:75:cd:cb:20:d5:98: 30:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:6B:69:02:74:63:F8:A7:68:3B:39:60:AD:61:9D:11:CA:B7:44:44 X509v3 Authority Key Identifier: keyid:91:7A:24:DC:2F:5F:C0:75:5C:EA:C9:FE:1C:C5:C4:C5:5D:7C:DD:FA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:b8:17:d5:61:b0:4b:7a:df:89:f0:68:d1:ae:3e:1f:6e:76: 75:e3:4b:f4:16:d0:95:e3:86:6a:21:4e:2e:bf:59:52:bc:a3: 55:7d:6a:7d:18:da:a7:75:b3:d2:7a:ac:6b:4d:3e:4d:21:8b: fa:dd:4e:86:62:3c:08:7d:05:0c:e5:30:a8:cc:02:77:56:49: 15:1f:99:c4:47:b4:61:7f:36:f0:92:51:da:21:46:e0:0a:ba: 21:f8:cf:1e:f1:ec:66:0c:69:61:20:7a:ea:04:0f:61:61:d2: 18:2c:fc:d7:42:19:55:54:04:bf:84:9e:9c:22:da:67:25:c8: ba:ee:80:4b:b8:d8:0d:d7:8c:c9:9a:55:36:9d:c8:32:54:5b: e0:a0:56:65:a2:b1:bc:ca:2e:3e:e9:c2:20:b5:79:43:f0:81: 12:4b:7a:c8:dc:1d:69:47:95:5f:cd:29:e2:59:db:ec:f1:21: 10:f3:33:e5:1f:d9:14:ba:72:31:16:ed:87:9b:f3:76:de:95: 5e:b8:6c:6e:dc:bf:fa:ad:d2:b3:0a:e1:e2:02:0c:29:e0:d5: 8f:7b:69:0a:8d:86:a4:31:5a:8b:c4:09:2f:c9:0c:f1:62:ab: b1:3c:49:a8:d4:d1:1a:43:1c:e8:0b:e7:15:56:fe:35:30:99: 52:64:11:2a -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICC0IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTE3 QTI0REMyRjVGQzA3NTVDRUFDOUZFMUNDNUM0QzU1RDdDRERGQTAeFw0yNTEyMjEw NjQwNTVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM1NkI2OTAyNzQ2M0Y4 QTc2ODNCMzk2MEFENjE5RDExQ0FCNzQ0NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrTkVMs0bfhbSq/71ESa7cn/ITcUYOCJtCZIE4oDxsExkCUVxF NHXKinSw9ez5i6Z/3XjFkz1bMSzRmCLwbn3mQhWXEX6z2hHkIMFuZPt6BUkuaiBW BaVg/b2rDdTim5fn+SXq8NUYPF4u5+3z+KzyDZBA3DESoubeoOc7VR6STRc331MY IRMVh6u9jcckCvAj7sTqA1WKbRbDE4Zh4UMIL4tw/3Jjx6ho9KRvCXyRtpoKs7do KUWWXRePhJ8ZBXjUdgrYn1DJXoj85ImVwTO47EG/VVOzk860e7EZr/rT55EHZyY1 znRwJ/9HWWF5fraO+8ihnn1ehHXNyyDVmDADAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUNWtpAnRj+KdoOzlgrWGdEcq3REQwHwYDVR0jBBgwFoAUkXok3C9fwHVc6sn+ HMXExV183fowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 NC9rWG9rM0M5ZndIVmM2c24tSE1YRXhWMTgzZm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tYb2szQzlmd0hWYzZzbi1ITVhFeFYxODNmby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODQva1hvazNDOWZ3SFZj NnNuLUhNWEV4VjE4M2ZvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGG4F9VhsEt634nwaNGuPh9udnXjS/QW0JXjhmohTi6/WVK8o1V9an0Y2qd1 s9J6rGtNPk0hi/rdToZiPAh9BQzlMKjMAndWSRUfmcRHtGF/NvCSUdohRuAKuiH4 zx7x7GYMaWEgeuoED2Fh0hgs/NdCGVVUBL+Enpwi2mclyLrugEu42A3XjMmaVTad yDJUW+CgVmWisbzKLj7pwiC1eUPwgRJLesjcHWlHlV/NKeJZ2+zxIRDzM+Uf2RS6 cjEW7Yeb83belV64bG7cv/qt0rMK4eICDCng1Y97aQqNhqQxWovECS/JDPFiq7E8 SajU0RpDHOgL5xVW/jUwmVJkESo= -----END CERTIFICATE-----Generated at Sun Dec 21 08:18:27 2025 by rpki-client