This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft File: zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft (raw, json) Hash identifier: K68WiqZFwR7/mu5SrvT7mFWCgzjinpeITA28gBe+HO8= Subject key identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 Authority key identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 Certificate issuer: /CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Certificate serial: 1920 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft Manifest number: 1920 Signing time: Sun 21 Dec 2025 16:40:16 +0000 Manifest this update: Sun 21 Dec 2025 16:40:16 +0000 Manifest next update: Sun 21 Dec 2025 22:40:16 +0000 Files and hashes: 1: zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl (hash: cYI6J6ksAg2DNpSMd1aM/cHUsdSuBQVtwLx+OIbSVEc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6432 (0x1920) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Validity Not Before: Dec 21 16:40:16 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2138FFFC8AF59D1AAB0DF92BBB31E23E8ACC5293 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:23:a3:31:f7:55:c2:81:3d:f1:f6:5d:15:b4: 1c:43:09:ec:a0:49:5e:74:40:a7:c8:4a:c8:bb:71: 1b:db:d5:a9:40:3b:f9:7a:60:6a:bb:84:8c:51:9c: fe:7a:94:61:a4:f6:5f:c7:c6:5e:9d:97:39:8a:71: be:e4:c6:0d:a5:d1:de:2a:1c:c3:56:fa:da:29:1a: fe:fb:49:f9:53:27:ee:40:8d:5b:50:2b:d7:af:3e: 4a:d9:36:ac:b3:f0:62:77:a9:2e:7e:07:bb:41:bd: b5:35:4a:bc:bd:78:35:13:4a:3e:15:d6:9e:13:58: bc:70:dd:fe:d2:ae:58:24:09:50:97:95:3f:53:4f: 07:dd:0e:e6:d8:14:4e:01:94:d5:4b:a4:ad:da:e6: a7:e6:9f:1c:ca:47:f9:1f:38:a2:fe:ff:a1:f0:41: 91:c9:8f:e5:07:9c:e9:49:33:3b:53:d7:d0:ef:91: 64:53:a6:d6:e4:9f:a7:52:cd:51:5a:b8:4f:eb:b6: da:9a:d3:f9:4d:de:9b:43:04:d8:ad:ed:50:c6:ff: 08:c4:a6:24:7e:4a:cb:72:5f:cf:6d:5c:8b:e4:34: 6e:1b:86:20:29:b7:e2:91:7f:ec:20:48:d0:e2:45: 4a:96:bf:b9:46:31:0f:1c:8b:b0:fe:e5:42:eb:fc: 2a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 X509v3 Authority Key Identifier: keyid:CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:83:48:4b:6c:9d:eb:f6:dd:62:04:4f:4c:69:df:91:04:f0: 95:46:7a:b1:9d:50:07:01:7b:8c:d3:93:32:82:d9:cc:8b:b8: b3:08:01:cf:db:97:00:fa:9d:70:ff:4b:23:b5:c6:9c:0c:06: ec:b2:09:9e:ea:66:e6:bb:d6:64:cc:b0:39:53:16:2a:34:ef: 29:ed:49:ba:44:cf:fc:40:f6:7c:e0:fd:f8:b9:eb:22:ac:24: 31:e7:df:0c:88:25:49:14:b4:60:cf:07:ff:e5:a2:3d:ab:bd: 0d:6b:d6:35:b6:0b:d4:dc:44:61:bc:0a:0f:8a:44:e3:1b:9a: 46:e5:f9:a1:98:48:a9:3a:ee:c0:e2:db:a4:1f:b0:c2:b3:fe: d0:96:7e:8d:26:83:2a:46:1d:5c:62:fa:60:81:57:bb:af:84: 17:3b:63:a0:ee:e8:f5:ec:75:cb:fc:25:54:7d:d6:80:df:13: bb:e5:24:fa:4d:ba:87:bd:83:94:0c:29:98:05:c3:4f:9c:c9: c1:a3:31:da:d0:ba:2d:e5:c2:22:ef:5d:b6:bf:0a:db:2d:49: 65:64:92:13:85:7c:53:fa:f1:76:12:5f:61:32:ff:fb:0c:bd: 14:db:fc:24:23:99:d2:e2:a4:5a:fe:9d:7a:fc:23:3b:2a:de: b2:dc:af:35 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NB M0E3MUQzMjY2RUVCRkU2RjE4OURFRUU0MjlFQTlFMDQzQTRFNzAeFw0yNTEyMjEx NjQwMTZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDIxMzhGRkZDOEFGNTlE MUFBQjBERjkyQkJCMzFFMjNFOEFDQzUyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaI6Mx91XCgT3x9l0VtBxDCeygSV50QKfISsi7cRvb1alAO/l6 YGq7hIxRnP56lGGk9l/Hxl6dlzmKcb7kxg2l0d4qHMNW+topGv77SflTJ+5AjVtQ K9evPkrZNqyz8GJ3qS5+B7tBvbU1Sry9eDUTSj4V1p4TWLxw3f7SrlgkCVCXlT9T TwfdDubYFE4BlNVLpK3a5qfmnxzKR/kfOKL+/6HwQZHJj+UHnOlJMztT19DvkWRT ptbkn6dSzVFauE/rttqa0/lN3ptDBNit7VDG/wjEpiR+SstyX89tXIvkNG4bhiAp t+KRf+wgSNDiRUqWv7lGMQ8ci7D+5ULr/CpfAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUITj//Ir1nRqrDfkruzHiPorMUpMwHwYDVR0jBBgwFoAUzKOnHTJm7r/m8Yne 7kKeqeBDpOcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDcz L3pLT25IVEptN3JfbThZbmU3a0tlcWVCRHBPYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvektPbkhUSm03cl9tOFluZTdrS2VxZUJEcE9jLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDczL3pLT25IVEptN3JfbThZ bmU3a0tlcWVCRHBPYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBKg0hLbJ3r9t1iBE9Mad+RBPCVRnqxnVAHAXuM05MygtnMi7izCAHP25cA+p1w /0sjtcacDAbssgme6mbmu9ZkzLA5UxYqNO8p7Um6RM/8QPZ84P34uesirCQx598M iCVJFLRgzwf/5aI9q70Na9Y1tgvU3ERhvAoPikTjG5pG5fmhmEipOu7A4tukH7DC s/7Qln6NJoMqRh1cYvpggVe7r4QXO2Og7uj17HXL/CVUfdaA3xO75ST6TbqHvYOU DCmYBcNPnMnBozHa0Lot5cIi7122vwrbLUllZJIThXxT+vF2El9hMv/7DL0U2/wk I5nS4qRa/p16/CM7Kt6y3K81 -----END CERTIFICATE-----Generated at Sun Dec 21 18:25:53 2025 by rpki-client