This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.mft File: Z7bHlviRA1kP8cyQcd_kwN84_U0.mft (raw, json) Hash identifier: TMZ3lT8DBC3ZW+N6yXYNf7c4pe7WTTM/R8ZB9NWwrfE= Subject key identifier: 59:EA:CF:82:3B:3E:15:F6:9C:D6:25:5F:54:24:3B:C4:15:EB:80:6A Authority key identifier: 67:B6:C7:96:F8:91:03:59:0F:F1:CC:90:71:DF:E4:C0:DF:38:FD:4D Certificate issuer: /CN=67B6C796F89103590FF1CC9071DFE4C0DF38FD4D Certificate serial: 01AC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Z7bHlviRA1kP8cyQcd_kwN84_U0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.mft Manifest number: 01AB Signing time: Sun 21 Dec 2025 06:38:53 +0000 Manifest this update: Sun 21 Dec 2025 06:38:53 +0000 Manifest next update: Sun 21 Dec 2025 12:38:53 +0000 Files and hashes: 1: Z7bHlviRA1kP8cyQcd_kwN84_U0.crl (hash: aTlLpGqMubwB8hn1eUYuWh6k0eH8BYuBLwpz+vqM7E0=) 2: loLhskS-iZNnvxWA0PZirro_KmM.roa (hash: Pwatgv8DYXkuuWa++kua2bH5oIdl0XsHAQ6/LW4WROc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Z7bHlviRA1kP8cyQcd_kwN84_U0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 10:39:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 428 (0x1ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67B6C796F89103590FF1CC9071DFE4C0DF38FD4D Validity Not Before: Dec 21 06:38:53 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=59EACF823B3E15F69CD6255F54243BC415EB806A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c5:04:fb:58:14:da:e3:78:b4:21:e8:0f:fe: ad:d0:0a:2c:6a:40:e7:4a:59:df:e4:ba:d4:9c:06: 1d:03:cf:b8:c3:ea:c3:ab:f5:d9:77:f3:6a:8c:6f: eb:8a:80:4d:b7:a9:ee:7d:e0:14:fe:e4:3c:de:fc: 76:1e:79:c5:4b:d0:a3:92:a6:ad:b8:c0:78:84:4e: a3:b3:e6:74:ff:20:c5:e8:ed:3a:65:4d:bc:44:f9: 8f:68:ed:31:96:45:4a:2a:3d:35:4e:27:2f:fb:36: 55:8e:c5:1e:c7:09:c4:96:25:39:14:cf:3d:7e:07: 75:a9:96:24:d5:a2:af:cf:30:09:a9:48:91:d7:41: b5:6c:7a:4c:ea:31:3a:43:16:80:e0:b5:4e:ac:4a: dd:0b:a5:9f:07:bd:c2:8b:bc:e4:4e:2e:92:74:68: 05:04:1d:fc:80:ac:ea:b0:07:51:2b:4f:35:2a:95: e7:52:5d:7b:65:52:4b:60:c5:25:28:2b:38:5a:2d: 7a:38:c5:e4:4a:91:e5:1d:ce:26:1e:48:b9:00:c4: c3:d2:3d:4c:9d:45:d6:6a:c0:99:66:ab:bd:5b:fc: 86:4d:97:e6:b2:9e:90:aa:e5:cc:3c:9e:c1:1b:2f: bd:74:8d:23:65:b8:03:85:87:f1:c3:26:a0:37:4a: 05:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:EA:CF:82:3B:3E:15:F6:9C:D6:25:5F:54:24:3B:C4:15:EB:80:6A X509v3 Authority Key Identifier: keyid:67:B6:C7:96:F8:91:03:59:0F:F1:CC:90:71:DF:E4:C0:DF:38:FD:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Z7bHlviRA1kP8cyQcd_kwN84_U0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3396/Z7bHlviRA1kP8cyQcd_kwN84_U0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:84:aa:1d:6d:67:e6:50:62:04:73:6d:34:d9:ff:b1:4e:e1: 64:4f:68:5b:b9:e2:82:48:9b:b3:79:55:6c:e5:c1:47:e3:d9: 06:ff:78:3e:c2:04:59:7d:f2:84:e4:04:33:3f:f3:42:ae:30: e2:29:61:e2:41:e3:03:ef:da:b4:64:78:3f:98:18:8f:3c:c3: a7:e4:61:1f:01:c7:77:3a:d3:83:32:cd:9b:0e:7f:08:4c:1c: 43:02:51:23:ba:44:c6:60:d1:38:5f:1f:f1:ba:4a:87:55:ea: 0e:1d:15:6c:cf:95:04:19:a7:ea:60:c0:3e:d8:61:72:e0:53: 99:fe:ca:9a:ef:b7:93:91:99:8d:44:dc:71:e6:3a:b7:4a:5f: e8:13:17:58:13:5e:9d:97:bd:b0:fa:93:26:80:65:f3:cf:d0: ab:88:c3:50:98:a5:60:ad:32:c2:7b:c5:60:9b:8a:fb:03:30: 50:a0:ec:74:7d:8b:92:ea:16:a5:97:1d:49:aa:df:60:49:9b: bf:16:32:79:fa:53:bf:5a:9f:4a:ff:0e:14:03:9d:4a:91:56: aa:7d:23:63:76:aa:af:f2:3e:de:a7:d6:74:e6:b8:f4:3f:1a: f2:e3:5f:1f:da:5a:fd:39:9e:5a:ff:74:fd:5c:70:35:ab:1a: 97:00:73:9b -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAawwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjdC NkM3OTZGODkxMDM1OTBGRjFDQzkwNzFERkU0QzBERjM4RkQ0RDAeFw0yNTEyMjEw NjM4NTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDU5RUFDRjgyM0IzRTE1 RjY5Q0Q2MjU1RjU0MjQzQkM0MTVFQjgwNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtxQT7WBTa43i0IegP/q3QCixqQOdKWd/kutScBh0Dz7jD6sOr 9dl382qMb+uKgE23qe594BT+5Dze/HYeecVL0KOSpq24wHiETqOz5nT/IMXo7Tpl TbxE+Y9o7TGWRUoqPTVOJy/7NlWOxR7HCcSWJTkUzz1+B3WpliTVoq/PMAmpSJHX QbVsekzqMTpDFoDgtU6sSt0LpZ8HvcKLvOROLpJ0aAUEHfyArOqwB1ErTzUqledS XXtlUktgxSUoKzhaLXo4xeRKkeUdziYeSLkAxMPSPUydRdZqwJlmq71b/IZNl+ay npCq5cw8nsEbL710jSNluAOFh/HDJqA3SgWPAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUWerPgjs+Ffac1iVfVCQ7xBXrgGowHwYDVR0jBBgwFoAUZ7bHlviRA1kP8cyQ cd/kwN84/U0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM5 Ni9aN2JIbHZpUkExa1A4Y3lRY2Rfa3dOODRfVTAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1o3YkhsdmlSQTFrUDhjeVFjZF9rd044NF9VMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzOTYvWjdiSGx2aVJBMWtQ OGN5UWNkX2t3Tjg0X1UwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABKEqh1tZ+ZQYgRzbTTZ/7FO4WRPaFu54oJIm7N5VWzlwUfj2Qb/eD7CBFl9 8oTkBDM/80KuMOIpYeJB4wPv2rRkeD+YGI88w6fkYR8Bx3c604MyzZsOfwhMHEMC USO6RMZg0ThfH/G6SodV6g4dFWzPlQQZp+pgwD7YYXLgU5n+yprvt5ORmY1E3HHm OrdKX+gTF1gTXp2XvbD6kyaAZfPP0KuIw1CYpWCtMsJ7xWCbivsDMFCg7HR9i5Lq FqWXHUmq32BJm78WMnn6U79an0r/DhQDnUqRVqp9I2N2qq/yPt6n1nTmuPQ/GvLj Xx/aWv05nlr/dP1ccDWrGpcAc5s= -----END CERTIFICATE-----Generated at Sun Dec 21 10:04:53 2025 by rpki-client