This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft File: Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft (raw, json) Hash identifier: nprSVRnTt6/M9xmqU+OJbHxKjPflf+N5Acqzh9dJDGc= Subject key identifier: 5B:62:CF:F4:F2:DA:D3:3E:A2:7E:8C:3A:5E:DC:F5:33:45:C0:5A:25 Authority key identifier: 43:E6:FD:AB:0F:15:0E:E9:C4:3C:F5:A2:BB:76:58:8A:7E:5F:85:02 Certificate issuer: /CN=43E6FDAB0F150EE9C43CF5A2BB76588A7E5F8502 Certificate serial: 23 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft Manifest number: 20 Signing time: Sat 20 Dec 2025 17:38:51 +0000 Manifest this update: Sat 20 Dec 2025 17:38:51 +0000 Manifest next update: Sat 20 Dec 2025 23:38:51 +0000 Files and hashes: 1: 7qqfCczVpqzPAfV0rFSiOaInTZo.roa (hash: He/3RBMb/hdGBTYVCyG/HVT/wnrhQ3TGFKE110yMwhM=) 2: Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl (hash: Y7homyI5wrpDnRn3Tvaua7DjLZBVbEeTtWiJqWoXzS0=) 3: zyd9sNtiUGWk-rPMxkaAwd-jMjU.roa (hash: gJ4z3p20OCkd5sduSBhdXm57HvoUXImlRN+QEWanG2A=) Validation: Failed, CRL has expired Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43E6FDAB0F150EE9C43CF5A2BB76588A7E5F8502 Validity Not Before: Dec 20 17:38:51 2025 GMT Not After : Dec 12 07:10:43 2026 GMT Subject: CN=5B62CFF4F2DAD33EA27E8C3A5EDCF53345C05A25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:d3:9d:79:41:41:05:98:86:d6:7d:6c:95:6c: 5f:44:23:23:51:d9:6e:da:c9:b3:b1:2d:fc:e9:e2: f5:e0:be:d6:b2:90:ef:27:c5:aa:29:ec:10:fb:2a: 56:d1:a8:27:d6:03:99:49:44:3c:ef:ad:8d:1f:1b: ac:6c:50:43:f4:6c:d0:dc:a7:f4:94:66:81:f7:b2: 30:8a:cb:fb:17:6f:5f:3a:44:85:d4:dc:d3:7d:6b: d2:4f:56:f5:da:df:e2:46:81:53:c4:55:1d:44:8d: 02:56:cd:3a:c5:28:bd:c2:18:93:d6:47:2d:ca:c6: 8d:06:79:05:66:e8:4d:fa:60:a6:8d:18:a4:98:37: 65:34:87:92:e9:2d:93:25:18:a7:61:91:1c:af:08: 5c:20:d7:76:f8:63:d4:36:a8:95:55:c0:dc:c4:8c: 5a:49:bf:47:d1:f5:0c:f7:fa:49:e4:d3:c4:fc:a1: a4:0c:eb:c1:29:db:e3:20:ba:8f:17:98:cd:8c:d4: 7c:a7:8d:44:dd:82:61:f4:ac:7b:61:92:66:fe:68: 83:a1:8e:0b:de:9b:cc:b4:f9:a2:2b:7e:d8:00:db: 30:56:f7:bd:e0:e4:74:4e:f6:2b:c7:cf:45:73:1c: 53:b0:fd:4f:f0:54:9a:b8:c9:dd:9d:51:5b:f1:56: 7b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:62:CF:F4:F2:DA:D3:3E:A2:7E:8C:3A:5E:DC:F5:33:45:C0:5A:25 X509v3 Authority Key Identifier: keyid:43:E6:FD:AB:0F:15:0E:E9:C4:3C:F5:A2:BB:76:58:8A:7E:5F:85:02 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:dc:e6:b9:7a:43:4a:b8:c4:ff:a2:30:29:89:ba:6c:a6:92: 5c:4a:d7:e5:4d:52:fe:4b:2b:17:61:b0:c0:ff:97:a0:e4:20: fd:af:9a:eb:6b:44:5f:95:91:d4:6e:a0:47:37:db:ba:7a:0a: 20:9b:21:53:c3:0e:f2:be:4f:8b:44:5a:fa:9c:c5:b1:dc:cc: 8c:6e:bf:5b:3b:1e:0a:52:14:eb:4e:53:71:96:f3:f3:2b:1c: 6b:7d:68:91:46:6c:fe:e3:d0:df:a9:b5:b9:21:46:15:67:1b: ec:88:44:b0:93:98:8c:ea:ef:26:88:92:23:f1:12:5e:99:e5: 07:a1:87:c4:fe:59:62:53:81:cf:8d:5b:b7:87:57:a6:34:f4: 1d:32:5a:7a:f7:7f:10:40:7d:98:56:68:e2:29:ed:b5:5b:b9: 6a:75:31:57:76:36:9a:03:f4:f8:28:8f:aa:81:4b:d0:99:5f: 9d:99:62:c2:13:03:14:79:fe:f2:7d:b2:34:49:80:08:00:7b: 43:3b:7c:26:7f:17:db:25:f2:a3:94:98:a1:81:fc:17:69:53: 11:91:39:7c:88:a4:28:30:b1:53:dc:65:0f:ae:25:1d:ab:a1: 66:eb:bd:d6:2e:29:9f:26:59:04:98:02:2e:5e:70:13:19:18: ef:7b:84:a6 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIBIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0M0U2 RkRBQjBGMTUwRUU5QzQzQ0Y1QTJCQjc2NTg4QTdFNUY4NTAyMB4XDTI1MTIyMDE3 Mzg1MVoXDTI2MTIxMjA3MTA0M1owMzExMC8GA1UEAxMoNUI2MkNGRjRGMkRBRDMz RUEyN0U4QzNBNUVEQ0Y1MzM0NUMwNUEyNTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANXTnXlBQQWYhtZ9bJVsX0QjI1HZbtrJs7Et/Oni9eC+1rKQ7yfF qinsEPsqVtGoJ9YDmUlEPO+tjR8brGxQQ/Rs0Nyn9JRmgfeyMIrL+xdvXzpEhdTc 031r0k9W9drf4kaBU8RVHUSNAlbNOsUovcIYk9ZHLcrGjQZ5BWboTfpgpo0YpJg3 ZTSHkuktkyUYp2GRHK8IXCDXdvhj1DaolVXA3MSMWkm/R9H1DPf6SeTTxPyhpAzr wSnb4yC6jxeYzYzUfKeNRN2CYfSse2GSZv5og6GOC96bzLT5oit+2ADbMFb3veDk dE72K8fPRXMcU7D9T/BUmrjJ3Z1RW/FWe3MCAwEAAaOCAgwwggIIMB0GA1UdDgQW BBRbYs/08trTPqJ+jDpe3PUzRcBaJTAfBgNVHSMEGDAWgBRD5v2rDxUO6cQ89aK7 dliKfl+FAjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zNDE3 L1EtYjlxdzhWRHVuRVBQV2l1M1pZaW41ZmhRSS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUS1iOXF3OFZEdW5FUFBXaXUzWllpbjVmaFFJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxNy9RLWI5cXc4VkR1bkVQ UFdpdTNaWWluNWZoUUkubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAutzmuXpDSrjE/6IwKYm6bKaSXErX5U1S/ksrF2GwwP+XoOQg/a+a62tEX5WR 1G6gRzfbunoKIJshU8MO8r5Pi0Ra+pzFsdzMjG6/WzseClIU605TcZbz8ysca31o kUZs/uPQ36m1uSFGFWcb7IhEsJOYjOrvJoiSI/ESXpnlB6GHxP5ZYlOBz41bt4dX pjT0HTJaevd/EEB9mFZo4inttVu5anUxV3Y2mgP0+CiPqoFL0JlfnZliwhMDFHn+ 8n2yNEmACAB7Qzt8Jn8X2yXyo5SYoYH8F2lTEZE5fIikKDCxU9xlD64lHauhZuu9 1i4pnyZZBJgCLl5wExkY73uEpg== -----END CERTIFICATE-----Generated at Sat Dec 20 23:52:39 2025 by rpki-client