This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft File: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft (raw, json) Hash identifier: 1ZZI/BT+IdtM2mysJ8nq5NsRxliwuDmb4j4YeduKxY8= Subject key identifier: C4:1C:1B:D7:D3:F2:2A:79:7A:93:9E:A3:29:68:91:A1:14:B7:34:F4 Authority key identifier: 67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 Certificate issuer: /CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Certificate serial: 487D20ABB6E2A8E2C12184B11C2F925C51691B68 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft Manifest number: 0B Signing time: Mon 26 Jan 2026 13:26:02 +0000 Manifest this update: Mon 26 Jan 2026 13:21:02 +0000 Manifest next update: Tue 27 Jan 2026 13:32:02 +0000 Files and hashes: 1: 3130332e3134302e31342e302f32332d3332203d3e203137363231.roa (hash: 2cWU5UH8whnz87agI1VludkKe4lf2cSxtmFnl04vmyI=) 2: 3130332e3134302e31342e302f32332d3332203d3e20313339303931.roa (hash: Dm1g3UjQyhGbjlFkBoWW9J4T2d5S6s8go1jP82Lkdfk=) 3: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl (hash: esRdh8WxRQywNMrhVqSVu4H92spcfrhjbTzrf7Wdy+A=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 27 Jan 2026 09:32:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:7d:20:ab:b6:e2:a8:e2:c1:21:84:b1:1c:2f:92:5c:51:69:1b:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Validity Not Before: Jan 26 13:21:02 2026 GMT Not After : Jan 27 13:32:02 2026 GMT Subject: CN=C41C1BD7D3F22A797A939EA3296891A114B734F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8e:92:6f:dd:af:de:eb:1d:76:d9:b8:63:90: c2:83:dd:57:3f:80:3a:ae:3c:c4:6f:65:91:cf:3c: e0:2a:d6:e1:da:df:da:78:8a:72:c6:cd:5b:60:ac: 64:c2:6a:53:f3:fb:27:c3:67:e7:a1:9e:cf:ef:ee: 25:13:87:be:9e:83:90:30:56:9c:72:57:fc:27:75: 24:34:10:b6:ca:39:31:6b:71:de:4d:2e:b3:d8:da: 5c:18:3e:e0:bb:be:e0:ac:a2:96:19:75:bb:fe:9d: b3:5a:91:11:ca:9b:82:12:05:a3:46:e7:81:00:0a: 2a:8f:1b:cc:3a:ee:f8:54:e4:7e:88:6a:8c:ee:be: 7d:13:52:68:d5:ba:33:89:87:d7:bf:7a:9e:e2:e1: 03:49:a3:7b:1e:9c:d6:34:82:f4:7f:d9:11:31:3e: d7:a4:04:ed:52:32:53:2f:f7:57:99:34:47:4a:32: 1d:d2:03:0f:5f:f0:76:ac:aa:5e:a7:6f:11:74:2b: bd:71:b0:a4:6d:8a:f4:a1:29:b1:5e:1e:aa:6c:e1: ad:50:61:67:d0:de:10:43:ab:26:92:58:75:46:92: b3:db:86:91:a2:e0:a6:9a:2b:6f:94:59:ea:36:0b: 9c:4b:eb:e0:d2:a3:d2:c4:75:7c:a6:cd:9b:6b:ff: c2:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:1C:1B:D7:D3:F2:2A:79:7A:93:9E:A3:29:68:91:A1:14:B7:34:F4 X509v3 Authority Key Identifier: keyid:67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:71:a4:f8:3f:c4:56:f5:46:22:b0:7f:4d:7b:d6:7e:b4:9d: c4:ab:37:7b:a3:31:48:12:3f:17:60:e5:c7:20:de:a3:83:a4: 08:16:4d:9f:e9:22:3c:ef:64:cb:b2:d3:f9:cc:fe:33:52:e5: a6:48:47:e5:d4:dc:68:b4:58:5b:0e:e8:43:55:75:db:1f:ec: fb:93:4e:de:0e:e8:c1:cc:e5:1e:24:4f:86:46:e6:34:1f:de: 80:1b:e2:5a:8c:4b:73:ae:68:de:c8:47:c2:41:fa:07:d3:ac: ff:31:03:3a:6c:e7:d7:24:8c:0b:4c:ec:03:19:33:0e:3b:57: 9a:22:46:32:7b:f8:96:a5:3d:9b:77:b3:b0:63:28:49:60:7f: 7a:52:0b:1e:84:eb:85:2b:10:d5:44:f1:72:9e:0d:59:c4:08: b9:3f:c8:c7:d7:52:af:66:ee:91:09:ee:0a:42:28:72:f1:ef: a1:ef:01:61:f3:86:2e:79:4d:e0:07:95:58:91:de:db:13:ff: 2a:3d:4f:4a:81:ab:a9:ce:e2:8e:ac:60:f6:52:72:a2:c5:9c: c7:b0:92:ad:78:67:0a:79:3a:e4:b5:42:b9:96:7a:09:fc:c2: ac:e4:09:21:1c:86:0b:bb:e4:7c:a3:71:90:4c:a1:96:4f:bf: 5d:c3:1d:8c -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUSH0gq7biqOLBIYSxHC+SXFFpG2gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZF MEEyNTMxNjAeFw0yNjAxMjYxMzIxMDJaFw0yNjAxMjcxMzMyMDJaMDMxMTAvBgNV BAMTKEM0MUMxQkQ3RDNGMjJBNzk3QTkzOUVBMzI5Njg5MUExMTRCNzM0RjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwjpJv3a/e6x122bhjkMKD3Vc/ gDquPMRvZZHPPOAq1uHa39p4inLGzVtgrGTCalPz+yfDZ+ehns/v7iUTh76eg5Aw VpxyV/wndSQ0ELbKOTFrcd5NLrPY2lwYPuC7vuCsopYZdbv+nbNakRHKm4ISBaNG 54EACiqPG8w67vhU5H6Iaozuvn0TUmjVujOJh9e/ep7i4QNJo3senNY0gvR/2REx PtekBO1SMlMv91eZNEdKMh3SAw9f8Hasql6nbxF0K71xsKRtivShKbFeHqps4a1Q YWfQ3hBDqyaSWHVGkrPbhpGi4KaaK2+UWeo2C5xL6+DSo9LEdXymzZtr/8JfAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUxBwb19PyKnl6k56jKWiRoRS3NPQwHwYDVR0j BBgwFoAUZ5ZtNO+/TLz7AM+cIEU5v+CiUxYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4Mjc0MTU3Nzg1OTA3NC8wLzY3OTY2RDM0RUZCRjRDQkNGQjAwQ0Y5QzIwNDUz OUJGRTBBMjUzMTYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZFMEEyNTMxNi5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODI3NDE1Nzc4NTkwNzQvMC82Nzk2NkQzNEVGQkY0 Q0JDRkIwMENGOUMyMDQ1MzlCRkUwQTI1MzE2Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXGk+D/EVvVG IrB/TXvWfrSdxKs3e6MxSBI/F2DlxyDeo4OkCBZNn+kiPO9ky7LT+cz+M1LlpkhH 5dTcaLRYWw7oQ1V12x/s+5NO3g7owczlHiRPhkbmNB/egBviWoxLc65o3shHwkH6 B9Os/zEDOmzn1ySMC0zsAxkzDjtXmiJGMnv4lqU9m3ezsGMoSWB/elILHoTrhSsQ 1UTxcp4NWcQIuT/Ix9dSr2bukQnuCkIocvHvoe8BYfOGLnlN4AeVWJHe2xP/Kj1P SoGrqc7ijqxg9lJyosWcx7CSrXhnCnk65LVCuZZ6CfzCrOQJIRyGC7vkfKNxkEyh lk+/XcMdjA== -----END CERTIFICATE-----Generated at Mon Jan 26 22:31:53 2026 by rpki-client