This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft File: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft (raw, json) Hash identifier: UCTn/u2GPdDA6vPWGJG9WDyRxSV9Q9sEtb6bIb6xAGE= Subject key identifier: 94:4E:1C:38:AF:E2:E2:30:95:2C:64:88:E7:63:4B:3C:0D:46:DA:AE Authority key identifier: 0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E Certificate issuer: /CN=0F28658359C977322171F402332342C31DD7C56E Certificate serial: 0A80 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft Manifest number: 0A80 Signing time: Sun 21 Dec 2025 16:41:43 +0000 Manifest this update: Sun 21 Dec 2025 16:41:43 +0000 Manifest next update: Sun 21 Dec 2025 22:41:43 +0000 Files and hashes: 1: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl (hash: tqIupf0m2gtTRr71PkPmYwDe0JLH1MN9pXKRl7hi2Pw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2688 (0xa80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0F28658359C977322171F402332342C31DD7C56E Validity Not Before: Dec 21 16:41:43 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=944E1C38AFE2E230952C6488E7634B3C0D46DAAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b2:bf:39:ef:ea:19:21:97:bf:5d:97:ce:93: 81:d6:bf:9d:4a:29:d2:34:01:33:c8:a7:bb:48:af: f2:bb:99:a9:7a:70:87:2e:53:bb:e2:64:38:38:ec: 52:08:cf:bd:d5:5e:8d:25:e0:84:7f:a1:07:46:1c: 32:52:cf:d6:e0:b3:ba:d5:f0:18:49:16:0d:ce:5d: e2:ea:f5:b3:6a:28:c8:31:d1:04:b5:cf:2f:05:30: 93:4c:9c:21:98:42:d9:a2:35:08:65:c8:3b:02:20: ba:01:e2:31:80:ee:1c:2d:50:1b:d9:18:e3:cb:42: 7a:ed:40:66:2d:b6:04:f7:06:a4:f2:df:a7:d4:d2: 47:af:a9:8b:72:90:bd:77:b9:92:e0:31:65:01:ad: 57:e8:be:7e:f6:0c:73:d5:39:e7:6b:2f:8a:52:50: 4d:7e:25:ba:da:e8:e4:94:03:8c:15:e0:ed:d8:27: df:cf:40:c0:12:69:ed:58:fe:cc:8f:89:28:96:a9: fd:46:15:0e:bd:40:b0:a8:d5:6e:b6:f4:51:7f:84: 53:f0:ca:fc:1d:7b:6e:09:71:67:bc:b6:b4:ab:3b: cc:42:df:c3:23:1c:53:0e:09:8d:0a:f3:e5:ba:a1: d3:f9:2d:22:6b:6e:27:41:91:44:20:85:96:3c:9d: cf:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:4E:1C:38:AF:E2:E2:30:95:2C:64:88:E7:63:4B:3C:0D:46:DA:AE X509v3 Authority Key Identifier: keyid:0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:c5:54:4c:10:03:5c:3e:8f:02:89:dd:93:78:74:61:51:e6: 53:df:26:f1:7a:b7:a9:d5:91:66:5e:d9:27:39:16:f0:0c:b8: 5a:23:4d:fc:98:43:6c:40:b2:df:48:98:b7:42:42:2a:aa:ad: 58:1b:e7:d3:af:85:53:4a:df:b3:ce:72:39:12:0f:b2:d6:71: 5c:f1:d1:ec:0c:61:a4:77:c6:57:12:ed:3b:15:1f:b7:e5:13: 07:15:bc:9b:dc:e2:f1:86:26:5f:cd:48:98:1b:67:d7:1c:3e: 4d:3c:a9:64:08:1c:30:be:1e:b6:0d:46:00:5f:95:6d:fb:ed: 10:79:96:e8:42:f7:a5:81:9d:19:d6:0e:e7:f4:cd:75:00:91: be:16:78:b1:4c:0a:e5:f0:87:9c:77:d2:8f:3c:5c:40:ad:eb: 3f:42:73:ee:7a:04:7d:59:62:9d:d3:50:fb:8b:b0:d6:d7:11: ed:cd:cf:17:9c:7c:7f:75:b5:70:45:eb:94:f3:eb:35:f3:34: 30:de:39:d7:dc:02:a8:d5:63:a1:0f:cf:60:1f:68:d4:96:6f: e0:a7:ff:d1:0c:b5:1f:cb:d9:49:0b:07:50:25:25:82:eb:9f: 86:11:bd:ef:b3:c7:46:3c:f3:30:85:e5:d3:16:63:ea:ad:fa: 96:34:fc:98 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEYy ODY1ODM1OUM5NzczMjIxNzFGNDAyMzMyMzQyQzMxREQ3QzU2RTAeFw0yNTEyMjEx NjQxNDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDk0NEUxQzM4QUZFMkUy MzA5NTJDNjQ4OEU3NjM0QjNDMEQ0NkRBQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrsr857+oZIZe/XZfOk4HWv51KKdI0ATPIp7tIr/K7mal6cIcu U7viZDg47FIIz73VXo0l4IR/oQdGHDJSz9bgs7rV8BhJFg3OXeLq9bNqKMgx0QS1 zy8FMJNMnCGYQtmiNQhlyDsCILoB4jGA7hwtUBvZGOPLQnrtQGYttgT3BqTy36fU 0kevqYtykL13uZLgMWUBrVfovn72DHPVOedrL4pSUE1+Jbra6OSUA4wV4O3YJ9/P QMASae1Y/syPiSiWqf1GFQ69QLCo1W629FF/hFPwyvwde24JcWe8trSrO8xC38Mj HFMOCY0K8+W6odP5LSJrbidBkUQghZY8nc/ZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlE4cOK/i4jCVLGSI52NLPA1G2q4wHwYDVR0jBBgwFoAUDyhlg1nJdzIhcfQC MyNCwx3XxW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI5 Ni9EeWhsZzFuSmR6SWhjZlFDTXlOQ3d4M1h4VzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0R5aGxnMW5KZHpJaGNmUUNNeU5Dd3gzWHhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyOTYvRHlobGcxbkpkeklo Y2ZRQ015TkN3eDNYeFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBACXFVEwQA1w+jwKJ3ZN4dGFR5lPfJvF6t6nVkWZe2Sc5FvAMuFojTfyYQ2xA st9ImLdCQiqqrVgb59OvhVNK37POcjkSD7LWcVzx0ewMYaR3xlcS7TsVH7flEwcV vJvc4vGGJl/NSJgbZ9ccPk08qWQIHDC+HrYNRgBflW377RB5luhC96WBnRnWDuf0 zXUAkb4WeLFMCuXwh5x30o88XECt6z9Cc+56BH1ZYp3TUPuLsNbXEe3NzxecfH91 tXBF65Tz6zXzNDDeOdfcAqjVY6EPz2AfaNSWb+Cn/9EMtR/L2UkLB1AlJYLrn4YR ve+zx0Y88zCF5dMWY+qt+pY0/Jg= -----END CERTIFICATE-----Generated at Sun Dec 21 18:24:06 2025 by rpki-client