This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft File: zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft (raw, json) Hash identifier: qeZ8C+ffkK5ksNbTXD8p3bWzDUMMUrZgUrMqz17WaHo= Subject key identifier: D9:0F:49:1C:61:59:31:CF:27:C8:24:A9:36:F3:B6:68:54:9D:CB:5A Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Certificate serial: 1B3A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft Manifest number: 1B27 Signing time: Sun 21 Dec 2025 01:43:25 +0000 Manifest this update: Sun 21 Dec 2025 01:43:25 +0000 Manifest next update: Sun 21 Dec 2025 07:43:25 +0000 Files and hashes: 1: 4h-LRt98vDXOaWTvbULeZ6UN1Bo.roa (hash: ok9VRiaU8zGdubEx8U4bFwcbntxv+qOMj38yML8Z3+4=) 2: RlRL4KZJS1S-LvgS5fqfgwnlzBM.roa (hash: UrlXEeAgie4ovsfXf8HEj900Xbst7Ejer/YtzxZsYB4=) 3: x5QVZDphAkH7CzFBCzLgL2MjOd0.roa (hash: 6A34zx0W2QnUlb/xF7z1XN5nspBMkkv6MUauraQMbQQ=) 4: zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl (hash: rvGlSkwQ8OU6vS5ZZU2qqPVcTOGxq6+L3mdLs6YLKXc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 05:39:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6970 (0x1b3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Validity Not Before: Dec 21 01:43:25 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D90F491C615931CF27C824A936F3B668549DCB5A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d1:3e:5a:ef:50:5a:1d:e9:df:e4:0a:b7:2a: 45:ed:fd:04:a8:d5:a9:7d:29:4c:81:11:c0:d7:7d: 41:02:eb:96:ff:7e:da:03:56:0c:33:37:34:88:32: a0:11:1a:fe:a2:b0:00:b8:64:0e:e6:69:2d:b5:fe: 39:19:18:9f:72:e1:f3:94:29:a8:8c:38:3d:32:af: 42:5b:b8:a2:9b:1b:5a:59:4b:d5:b7:58:3f:b8:55: 5b:1a:47:8b:16:29:24:22:ae:d0:08:9c:d3:fd:be: 77:4e:c5:e8:bd:60:8b:2c:76:93:92:b0:c7:e7:d0: 30:fc:6b:fe:24:2f:00:59:7b:b8:fc:34:ef:ec:b0: 12:f9:0b:5c:e3:ab:a5:d2:04:c1:f8:02:e7:c7:45: 42:17:c4:26:bb:03:1d:e3:a7:6f:1d:b0:52:b4:61: c3:45:17:5a:4e:40:de:02:17:cc:37:e7:fe:fb:2d: d8:97:70:9e:8c:2c:67:ac:ee:01:df:d4:4d:35:cf: de:19:5f:05:b4:c2:67:7c:e8:3f:2d:54:51:fe:8f: 90:c2:9b:2d:e2:8a:d8:b5:f7:f8:68:6f:ef:6e:f8: a7:50:1d:92:0c:f7:8b:2a:04:6d:0b:43:0e:e5:ad: 86:c9:ea:2f:4a:15:f8:ff:e8:6d:f2:de:67:ed:76: 15:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:0F:49:1C:61:59:31:CF:27:C8:24:A9:36:F3:B6:68:54:9D:CB:5A X509v3 Authority Key Identifier: keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:a1:a5:21:37:59:f2:1f:ab:07:14:7e:4d:46:cb:c1:a4:41: d6:2b:d4:0a:7f:11:08:25:88:0f:ec:fd:58:b7:94:4f:1b:0d: 35:9a:1d:91:b5:3f:c1:aa:fc:d0:cc:d5:58:1f:e7:6a:ef:be: 32:9e:9c:f9:38:29:7f:c4:cb:74:c9:01:e0:18:ce:17:c9:9d: 4d:a8:62:46:04:a8:0c:cf:a8:15:ad:55:be:09:4c:a0:8e:f7: 88:75:63:09:e2:84:e8:dd:12:00:21:7c:7a:a1:37:be:1b:4b: 6e:86:d3:09:d5:90:a3:d9:e3:a1:cb:db:e7:bc:51:b3:a0:c3: fb:f9:51:82:43:08:ef:84:6c:93:3b:63:0f:63:e4:04:2e:64: e7:a6:3d:a1:f5:5a:63:cb:35:38:ce:0b:36:41:c8:a1:52:83: c3:b5:2c:8c:49:08:38:0c:67:54:2c:9d:e9:ee:b2:9f:75:f6: 38:ed:bf:5c:93:8f:42:d3:b7:2e:dd:61:ca:95:bf:9b:72:73: 9f:7b:f1:62:c7:96:68:52:4d:be:64:e5:14:56:5a:66:53:92: 9a:bf:f9:67:5a:bb:1e:f2:46:fc:0a:47:86:48:76:7f:a0:4f: 8b:19:fa:75:bf:f3:92:af:16:c1:3e:c0:f7:38:8f:17:d7:23: 16:46:ec:c9 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNTEyMjEw MTQzMjVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ5MEY0OTFDNjE1OTMx Q0YyN0M4MjRBOTM2RjNCNjY4NTQ5RENCNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC10T5a71BaHenf5Aq3KkXt/QSo1al9KUyBEcDXfUEC65b/ftoD VgwzNzSIMqARGv6isAC4ZA7maS21/jkZGJ9y4fOUKaiMOD0yr0JbuKKbG1pZS9W3 WD+4VVsaR4sWKSQirtAInNP9vndOxei9YIssdpOSsMfn0DD8a/4kLwBZe7j8NO/s sBL5C1zjq6XSBMH4AufHRUIXxCa7Ax3jp28dsFK0YcNFF1pOQN4CF8w35/77LdiX cJ6MLGes7gHf1E01z94ZXwW0wmd86D8tVFH+j5DCmy3iiti19/hob+9u+KdQHZIM 94sqBG0LQw7lrYbJ6i9KFfj/6G3y3mftdhUJAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU2Q9JHGFZMc8nyCSpNvO2aFSdy1owHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/ uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3pncWNzQ2szdFgzT1px Rl91RUlXMTZ2blpEUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBWoaUhN1nyH6sHFH5NRsvBpEHWK9QKfxEIJYgP7P1Yt5RPGw01mh2RtT/BqvzQ zNVYH+dq774ynpz5OCl/xMt0yQHgGM4XyZ1NqGJGBKgMz6gVrVW+CUygjveIdWMJ 4oTo3RIAIXx6oTe+G0tuhtMJ1ZCj2eOhy9vnvFGzoMP7+VGCQwjvhGyTO2MPY+QE LmTnpj2h9VpjyzU4zgs2QcihUoPDtSyMSQg4DGdULJ3p7rKfdfY47b9ck49C07cu 3WHKlb+bcnOfe/Fix5ZoUk2+ZOUUVlpmU5Kav/lnWrse8kb8CkeGSHZ/oE+LGfp1 v/OSrxbBPsD3OI8X1yMWRuzJ -----END CERTIFICATE-----Generated at Sun Dec 21 05:07:31 2025 by rpki-client