This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft File: 2GueAukE5bR2WU2yt5eONcp8HW4.mft (raw, json) Hash identifier: UAZtIXdgEF1we+JPyp7BulZirdCM4xlzpEtSHbDZvMk= Subject key identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF Authority key identifier: D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E Certificate issuer: /CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Certificate serial: 06CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft Manifest number: 06CA Signing time: Sun 21 Dec 2025 16:42:37 +0000 Manifest this update: Sun 21 Dec 2025 16:42:37 +0000 Manifest next update: Sun 21 Dec 2025 22:42:37 +0000 Files and hashes: 1: 2GueAukE5bR2WU2yt5eONcp8HW4.crl (hash: NAhXecrwjUw0gmxoodUanob5tp8ndY5UN9oFqD+j4Yk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1738 (0x6ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Validity Not Before: Dec 21 16:42:37 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=6361ACF5C706117405735DA1DBC145841FE7E8CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6d:e1:1e:1c:50:f8:51:6d:8b:dd:6b:57:64: 02:42:4e:11:f9:95:bd:ef:6b:7c:45:0b:94:45:98: 60:af:b4:58:f3:95:57:ec:e9:f3:ef:7f:be:ec:65: 09:bb:56:07:6b:63:d2:22:37:c8:7b:26:fc:6a:56: f2:14:58:79:6d:9a:7b:0a:32:a7:bb:e9:f9:d9:3d: 99:2c:c4:b5:5e:98:3b:8b:0d:42:9e:dd:2b:6e:ed: 1a:25:c8:6b:60:d4:dc:4a:9d:31:54:c8:a4:cf:e5: ba:a0:2c:59:d8:a8:fc:9c:f4:a6:62:61:cf:a1:0e: ab:d6:04:30:a4:6d:a5:68:1e:71:d2:69:1e:59:ec: 2e:28:43:1a:4a:63:af:b8:8d:52:3e:17:4c:30:13: 08:98:a7:0e:83:e9:8f:e5:b7:07:33:d9:d1:e3:93: 43:31:e1:96:6d:00:ba:7d:94:b7:58:48:30:ec:f3: 3b:7c:b1:9a:bf:d9:c3:ea:b2:3f:54:ba:c0:7c:12: 7b:2a:64:6e:fc:6c:17:9c:21:82:4a:1a:84:47:a7: fc:35:c5:77:df:81:e9:32:09:3d:c9:19:fd:9a:a2: 88:f3:b6:19:1b:4e:36:87:59:7f:f3:6a:ab:b4:62: 99:0c:ff:7a:6b:fc:bc:b9:06:81:c7:b1:35:fa:54: eb:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF X509v3 Authority Key Identifier: keyid:D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:56:ec:d1:a3:58:98:96:d3:e0:69:7f:50:f8:6c:af:cc:8a: 0f:26:a6:2e:71:00:29:00:88:4a:6a:79:67:d8:de:67:25:07: e0:58:ec:34:40:bc:9f:d1:7d:db:d0:cb:a1:38:77:82:b0:57: ea:54:ed:62:44:22:8e:92:ac:3c:a1:5c:c3:62:ce:97:02:3a: b5:d2:7c:3a:32:57:e0:74:d5:62:fc:37:9d:e7:91:cb:08:49: 98:7f:d8:fb:d3:16:2e:49:cf:90:ad:9c:1c:f9:ac:37:9b:98: 5d:06:92:f9:d9:02:a0:58:f0:70:99:79:6e:f6:77:69:66:f8: f6:e4:e2:3f:76:c1:a3:20:8d:c2:6b:1b:a2:7f:68:47:9a:da: dd:8f:bb:7f:45:17:1c:44:b8:d6:dd:06:40:a7:e2:a8:77:3c: dd:6c:94:a8:28:c4:5e:5a:91:f4:ba:e3:05:25:2e:bc:2b:be: 8a:54:d0:52:12:f1:24:8e:4a:04:e7:c6:f5:22:88:8c:06:d9: c2:45:53:42:e9:8a:3d:15:e8:5b:46:dc:72:21:bb:5a:05:27: 6c:f3:95:25:c5:9c:91:cb:2c:c4:24:3e:6e:ce:99:d5:f5:55: 02:9b:24:9f:ae:da:f1:4b:9e:88:af:78:1a:a2:8c:8d:ae:45: 20:45:e1:f4 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDg2 QjlFMDJFOTA0RTVCNDc2NTk0REIyQjc5NzhFMzVDQTdDMUQ2RTAeFw0yNTEyMjEx NjQyMzdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDYzNjFBQ0Y1QzcwNjEx NzQwNTczNURBMURCQzE0NTg0MUZFN0U4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjbeEeHFD4UW2L3WtXZAJCThH5lb3va3xFC5RFmGCvtFjzlVfs 6fPvf77sZQm7VgdrY9IiN8h7JvxqVvIUWHltmnsKMqe76fnZPZksxLVemDuLDUKe 3Stu7RolyGtg1NxKnTFUyKTP5bqgLFnYqPyc9KZiYc+hDqvWBDCkbaVoHnHSaR5Z 7C4oQxpKY6+4jVI+F0wwEwiYpw6D6Y/ltwcz2dHjk0Mx4ZZtALp9lLdYSDDs8zt8 sZq/2cPqsj9UusB8EnsqZG78bBecIYJKGoRHp/w1xXffgekyCT3JGf2aoojzthkb TjaHWX/zaqu0YpkM/3pr/Ly5BoHHsTX6VOsvAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUY2Gs9ccGEXQFc12h28FFhB/n6M8wHwYDVR0jBBgwFoAU2GueAukE5bR2WU2y t5eONcp8HW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 Ni8yR3VlQXVrRTViUjJXVTJ5dDVlT05jcDhIVzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzJHdWVBdWtFNWJSMldVMnl0NWVPTmNwOEhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDYvMkd1ZUF1a0U1YlIy V1UyeXQ1ZU9OY3A4SFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAF1W7NGjWJiW0+Bpf1D4bK/Mig8mpi5xACkAiEpqeWfY3mclB+BY7DRAvJ/R fdvQy6E4d4KwV+pU7WJEIo6SrDyhXMNizpcCOrXSfDoyV+B01WL8N53nkcsISZh/ 2PvTFi5Jz5CtnBz5rDebmF0GkvnZAqBY8HCZeW72d2lm+Pbk4j92waMgjcJrG6J/ aEea2t2Pu39FFxxEuNbdBkCn4qh3PN1slKgoxF5akfS64wUlLrwrvopU0FIS8SSO SgTnxvUiiIwG2cJFU0Lpij0V6FtG3HIhu1oFJ2zzlSXFnJHLLMQkPm7OmdX1VQKb JJ+u2vFLnoiveBqijI2uRSBF4fQ= -----END CERTIFICATE-----Generated at Sun Dec 21 18:19:27 2025 by rpki-client