This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft (raw, json) Hash identifier: /0mpWuIxDU3CQhV4ZmRwFNUwXDfUiRBTm+xGoWKgLOo= Subject key identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50 Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Certificate serial: 0711 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft Manifest number: 06FA Signing time: Sun 21 Dec 2025 16:42:40 +0000 Manifest this update: Sun 21 Dec 2025 16:42:40 +0000 Manifest next update: Sun 21 Dec 2025 22:42:40 +0000 Files and hashes: 1: 0ER4jMdxaZc8TtHdyMtb0Tt8wH4.roa (hash: OyqTw7UdQe7wf3n+Uzbs30m7FnEu/Oyfl7FMQebch84=) 2: 1QD9kVjRPFCJatRIwWROIBy8kVA.roa (hash: 8yUL/WPq3yLWhpQ6U2I4iSZV3rfZD+tNqromWAbFU2A=) 3: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl (hash: 1IaLfQ07sYSQ2gVD+DhfjkheSuWkOYBqmO0r6fKGstk=) 4: 4h8nPy8hJOHOAa-6OIJFbGy0Y3s.roa (hash: DB7h2YUI+Oio0qI5Nqa3BL07cl+qYyI5JCXOvTAAIKA=) 5: C6K3jC5XM9ASI6FKufijhi7adTg.roa (hash: u3XsDQJkYk2HyM52oU60Q0OQDYgDvEqy89GCu9/wm1o=) 6: DJTGjsyfob-daem2cuBLKXMPXu4.roa (hash: M4E1GeUXPpycDhV5NP95GP5xj7vcM1t0QAwwd9IHOtA=) 7: F9-agplvYbReLwEVvLXqsxs3-aE.roa (hash: wWH2qISgzTmkfxLxaoXYzF2y6aKSWvCtcm+iTvXKCgI=) 8: FsNjJzs1Yu8J3RzTy5_mOby8TFw.roa (hash: 6r4baApbFlPunzlUjPwIrxGY8Ee79UnFpHBGgAOA+To=) 9: HRTwxgISQAmHmdsgldlFy9VsDfE.roa (hash: g6WGfqvUj1zzde8Rhwh8PepCNVDdY2F4smGEucl/PgY=) 10: HVWLPpvTveXfFw_tmXwJ2SYZ4Y4.roa (hash: qdU4Yq4NVuIp5c9Pca8DjLQ7oTJyTbwH9SDB0ouV5VU=) 11: I2TJPU72SpSJBAm_wQfPP-piEeg.roa (hash: 6pXkzBsFD6PhVp7wOtmgLqSyacRrKRLWCWMnHXBLGW8=) 12: UgW99oa8FvERx8BX7lrm-6FWEOE.roa (hash: w1HTgwfnTWC81wVgKs+vXq8ga2BzDZ9rHWI5XJm9mvk=) 13: Y8kgU48kiNGqzq2nK5O5WiksDSk.roa (hash: 07wZbAajdfbJQDwAmVTQXXjUMgif2AwVmPfdEekWRyA=) 14: aV7Ri-lUYzB8dhFblTd71eGtEEg.roa (hash: CFuKIxDGpbjtt0HUmXbA/K6k/ZpYa3Z3aMgKu5AtAPY=) 15: ckh1WTl4f1_gVSLhSUBk8RsfFi4.roa (hash: 5queQWpVBXn7exbHvpky1MLt+h9a11+sZq2dFGFxGkw=) 16: nbePnKzqWYXckdwHzmenc50MYCw.roa (hash: C7r8zvcAPxto9wXb2DRqahJYPDZzJ5zBLJ1sGPIzvcA=) 17: qW6Bv7uoL_195H1MB_jChMWMSvo.roa (hash: AnbkRBuOTQcpm4hcUi0EemyrsDvNd2UATJd1hS1A14Q=) 18: tKqDxDPGtgTgElv65DlcSr-X_T4.roa (hash: cHCd9pprNMNd8KhcFuXBWl+YG4k0Bv7a9xzKCVTOqlg=) 19: wAnT0H3Exwuh0puPOa84PkUo7jw.roa (hash: 9bqRSUm0pia4VbU9iB77Hvh6P5hej4AYTWlO3ngwdEw=) 20: zCAu8bQkxhNq1UyLI-UHPkMUgi0.roa (hash: rkNIbIaIMcy8iXZo7RC1Aj8Owgsiv0QiyLgPgoyEC/k=) 21: zDsF_ocr-Vhn7g0PuK3Nfa0PpnQ.roa (hash: ACjLAHtSQnr5lM2TkMPAk5riK/6jJk80g1efX+v02Dw=) 22: zr0OFwbZ2F5cmZc-6VFRH2avvFg.roa (hash: PVklNp9GSoeIuS+Ad4ZbIw0p9RPoglbHk2bAgL58PbU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 22:40:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1809 (0x711) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Validity Not Before: Dec 21 16:42:40 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DB95FB8737A881A696B5CDC72CC288908BE41D50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e9:7d:c0:59:21:5f:82:8b:b4:e8:c7:3a:d8: ad:f4:27:ab:b2:5e:43:7d:45:18:3d:70:51:e1:fc: 6c:0e:7d:48:91:30:42:39:d5:ce:a6:ff:f9:8f:60: b1:49:8d:39:1e:f1:4e:54:f5:2c:ee:3c:bb:8d:11: 17:af:8f:ce:09:4c:47:59:d5:a6:35:73:48:c7:5e: 33:39:dc:c0:64:58:a1:eb:5f:d5:67:6a:58:9e:37: 34:57:4d:d8:ec:a3:a4:51:85:f4:ba:18:f6:0d:98: bf:0e:d3:2a:22:ed:ce:5d:ee:71:18:80:ae:9d:a2: 9c:dc:58:bc:a9:2f:83:e5:b6:b7:3e:aa:ad:db:85: 2a:c2:f6:a6:b7:98:11:91:e4:6e:9b:ea:02:52:10: e7:f8:4a:cd:91:9b:47:0f:3c:aa:88:25:be:d2:12: 90:3f:ce:f8:a1:cd:d4:0c:a0:54:0b:71:59:1b:88: b3:91:84:2c:2a:67:68:5d:7b:4f:dd:5f:05:bc:74: 42:b9:73:00:90:c5:44:0e:c9:66:4b:90:75:50:6c: d2:29:c5:48:85:ff:bf:87:81:fb:6f:ac:61:cc:e1: b4:5e:a4:1d:a4:d6:57:55:9b:68:0b:67:8a:05:e6: ac:19:ec:7d:9b:51:c9:52:1d:aa:e3:54:71:23:61: 49:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50 X509v3 Authority Key Identifier: keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:e4:6f:e9:6e:e0:f8:92:41:c1:71:c9:08:53:fc:3e:4a:e8: 65:ec:e3:fb:20:da:43:3c:d2:18:08:41:a5:69:a1:82:b3:9d: d4:24:b9:45:5b:46:a5:23:aa:31:00:6a:17:ba:b1:96:75:cf: 69:53:ac:33:66:4c:cd:db:c2:0e:ec:ed:be:05:69:77:e8:24: 9d:fd:46:96:b0:e3:2f:e9:58:1b:db:f0:bb:e9:22:32:b4:23: 5b:dc:ae:93:89:86:6b:a3:df:25:56:09:2f:b7:ad:f8:2b:2b: 75:3c:ab:00:17:8d:9c:0f:67:39:a6:17:9f:be:72:fd:15:4c: a2:05:85:d2:29:61:63:4a:46:4c:05:68:2d:a1:41:28:9f:bb: 8a:45:ee:c7:5a:4e:a5:ed:88:86:d2:5a:20:6a:09:39:8f:0c: 73:e1:2e:02:cc:8b:d3:f0:47:9e:13:9a:56:14:07:dd:13:f2: 5f:45:e2:dc:e4:74:3a:d9:0d:09:1e:69:fd:28:13:74:b4:1b: 28:58:ff:2a:61:ff:15:be:88:a3:c4:6a:ab:a2:ec:f2:02:fa: c1:11:50:d0:92:e7:c7:7c:d8:f0:78:fb:a0:61:56:3f:98:96: 36:82:c9:94:28:fa:be:b0:2d:3a:13:fb:02:27:a1:99:c1:6b: ef:49:92:2f -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNTEyMjEx NjQyNDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERCOTVGQjg3MzdBODgx QTY5NkI1Q0RDNzJDQzI4ODkwOEJFNDFENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH6X3AWSFfgou06Mc62K30J6uyXkN9RRg9cFHh/GwOfUiRMEI5 1c6m//mPYLFJjTke8U5U9SzuPLuNERevj84JTEdZ1aY1c0jHXjM53MBkWKHrX9Vn alieNzRXTdjso6RRhfS6GPYNmL8O0yoi7c5d7nEYgK6dopzcWLypL4Pltrc+qq3b hSrC9qa3mBGR5G6b6gJSEOf4Ss2Rm0cPPKqIJb7SEpA/zvihzdQMoFQLcVkbiLOR hCwqZ2hde0/dXwW8dEK5cwCQxUQOyWZLkHVQbNIpxUiF/7+HgftvrGHM4bRepB2k 1ldVm2gLZ4oF5qwZ7H2bUclSHarjVHEjYUm7AgMBAAGjggIIMIICBDAdBgNVHQ4E FgQU25X7hzeogaaWtc3HLMKIkIvkHVAwHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8yaDJyN1BHVVhmOVR0aURn dHNRUTZSNUVjYkUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA juRv6W7g+JJBwXHJCFP8PkroZezj+yDaQzzSGAhBpWmhgrOd1CS5RVtGpSOqMQBq F7qxlnXPaVOsM2ZMzdvCDuztvgVpd+gknf1GlrDjL+lYG9vwu+kiMrQjW9yuk4mG a6PfJVYJL7et+CsrdTyrABeNnA9nOaYXn75y/RVMogWF0ilhY0pGTAVoLaFBKJ+7 ikXux1pOpe2IhtJaIGoJOY8Mc+EuAsyL0/BHnhOaVhQH3RPyX0Xi3OR0OtkNCR5p /SgTdLQbKFj/KmH/Fb6Io8Rqq6Ls8gL6wRFQ0JLnx3zY8Hj7oGFWP5iWNoLJlCj6 vrAtOhP7AiehmcFr70mSLw== -----END CERTIFICATE-----Generated at Sun Dec 21 18:19:30 2025 by rpki-client