This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft
File:                     7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft (raw, json)
Hash identifier:          uhYgLo7b9PKfHcPnwejv6LVLO/GCCl8Uu2i1wrnUVWk=
Subject key identifier:   84:B2:46:AC:88:B2:39:A0:6B:33:57:4C:E0:F4:1B:77:81:94:AA:21
Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
Certificate issuer:       /CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Certificate serial:       224B
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft
Manifest number:          2210
Signing time:             Tue 09 Dec 2025 22:49:06 +0000
Manifest this update:     Tue 09 Dec 2025 22:49:06 +0000
Manifest next update:     Wed 10 Dec 2025 04:49:06 +0000
Files and hashes:         1: 7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl (hash: /ivNVg00qFzQ2z+c1SOf6i5k2jQt7EECYFivRgOspv8=)
                          2: 8ypWC-ydp4xXcqy2gTFAqdh61HU.roa (hash: g3uVKvV3ChCu619q82Y0FOakVd+GS7pJK/pnr7R0GZo=)
                          3: IRr695QzmDBgZ8NqzXfvfrq0UR0.roa (hash: j7aSVgDTArk2OXLoDcCl1YiisNUMwRrqK4XtzD3t5RM=)
                          4: KsqHOeCiWS2Kdpys1p-sTUFqm5Y.roa (hash: 7anzXk0SCWozouKyc26QDPQMlgqO7/eiugF+fh4EXQo=)
                          5: ZtEW3mf0tOr51N-v73EgOdQmFa8.roa (hash: fujKtms1hTOgx9YDmwyQ56yd/9XZ45UpEKME+vZ6F8s=)
                          6: _WOgPad0W1kn45ia-U0MvBzC24c.roa (hash: USnlmKZvKeApDkmsw/iEDm10VzsUHxApky3Wv+X1AUo=)
                          7: bGKERT2i7Kg7erENgDhlZoQVV4U.roa (hash: w1VPC2jQipuGeYvKEgjTTSU/2tR9i/LYPMYPOPh+jSM=)
                          8: f_Vjrqe4d2JgUhcmGXzjlF0OOpI.roa (hash: 7t1s/FDaF+lAvSx83zMhNai1MQH5TkwUR13K3qHRDaw=)
                          9: lwugNpl7ON15Py-fGSFHCJofW5s.roa (hash: r0cYOwFvNoFE4I7bgdVGf5MmRu0wsVXSvz23VO8XWmk=)
                          10: o41ABfq_RN50Q6JuNOYLyZxWhyU.roa (hash: EATu2epUFhkYOfHp9GgLIt/0Hk+GwgOPAHpPCXc+Q4U=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8779 (0x224b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32
        Validity
            Not Before: Dec  9 22:49:06 2025 GMT
            Not After : Oct 23 03:01:03 2026 GMT
        Subject: CN=84B246AC88B239A06B33574CE0F41B778194AA21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d4:83:33:f7:e8:35:66:fc:41:d5:38:bf:41:
                    50:d3:bc:85:e9:5e:f3:30:72:7e:b2:f6:ee:16:86:
                    9f:78:74:fe:c0:32:1b:6c:80:33:2f:38:7e:28:9e:
                    b3:f8:13:f4:ee:0a:bc:9c:b6:65:ea:b6:61:2a:8d:
                    0f:f6:53:c3:ce:74:e5:24:43:1a:29:32:28:28:9d:
                    d8:fe:11:6b:12:4c:d0:6b:e7:81:65:c3:d5:64:9f:
                    f5:9e:0a:1e:66:94:09:c8:9f:2a:46:fb:1e:b3:22:
                    be:84:dd:bd:ec:64:b7:2e:cf:c8:de:80:d9:f8:db:
                    6e:45:aa:93:98:ec:ec:31:2d:7d:38:c5:2c:02:08:
                    fe:ca:c5:46:8e:ce:3c:9f:90:be:bc:f7:e5:0b:fe:
                    d6:48:2c:22:90:ef:3c:fb:da:e3:6f:4c:09:0f:83:
                    e6:d1:5c:cb:cd:75:30:88:3c:c6:04:1b:e0:c9:83:
                    51:79:ef:07:77:f8:81:13:b6:86:1f:80:d2:21:f8:
                    67:3a:0b:55:9f:d5:bc:93:9b:b6:45:c1:e8:b9:1f:
                    0d:8e:32:ce:f9:f9:b9:e7:2b:e1:72:14:8c:dc:b7:
                    c0:90:02:fd:0f:5c:23:7d:ae:07:b9:8d:51:9d:0a:
                    4b:7c:c5:f7:ca:9e:a0:a1:96:ce:b3:34:46:80:6c:
                    12:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B2:46:AC:88:B2:39:A0:6B:33:57:4C:E0:F4:1B:77:81:94:AA:21
            X509v3 Authority Key Identifier:
                keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:f7:4d:9e:76:b6:9d:6b:cd:71:25:72:37:62:93:ef:40:2d:
         f8:1a:a3:d0:88:25:ec:c4:0c:2c:e0:59:ce:a8:cf:42:01:65:
         7b:de:23:52:ea:c2:4b:cb:8c:91:cf:d8:4b:d4:2d:2d:22:2b:
         1e:17:5c:84:64:37:f6:3d:af:f1:6f:fb:b6:ff:43:8d:89:7b:
         e5:dd:98:42:a8:65:d9:b2:b7:c6:cf:b3:50:e3:f5:55:9c:9f:
         5c:63:8e:eb:42:b3:fb:e5:a5:af:6f:12:57:f3:40:f6:2e:73:
         15:f1:0f:8c:97:51:fc:b9:05:d8:07:ce:a5:9e:3e:65:a2:3c:
         d7:31:8f:27:16:a4:49:80:9a:a7:49:8f:70:b2:37:91:81:8b:
         b8:e2:00:0f:8c:8f:2e:d0:5f:10:49:cc:c3:0b:b6:fe:f6:4e:
         9b:8e:0a:7d:c9:a0:da:86:e1:fd:66:37:df:45:c6:37:6e:48:
         8a:22:f4:8e:32:8c:ea:bb:9b:ea:79:b1:c2:37:59:0e:7e:b0:
         47:ea:2b:b9:df:3f:9f:03:65:9b:55:a1:66:11:37:99:71:9d:
         a2:42:39:00:58:96:cb:27:14:d8:32:7b:8a:5b:0c:3a:b6:64:
         0c:03:9c:32:bc:10:d4:ac:2b:9a:2a:96:c0:54:f7:89:1d:ba:
         1b:1e:b3:84
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICIkswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx
MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTEyMDky
MjQ5MDZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDg0QjI0NkFDODhCMjM5
QTA2QjMzNTc0Q0UwRjQxQjc3ODE5NEFBMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw1IMz9+g1ZvxB1Ti/QVDTvIXpXvMwcn6y9u4Whp94dP7AMhts
gDMvOH4onrP4E/TuCryctmXqtmEqjQ/2U8POdOUkQxopMigondj+EWsSTNBr54Fl
w9Vkn/WeCh5mlAnInypG+x6zIr6E3b3sZLcuz8jegNn4225FqpOY7OwxLX04xSwC
CP7KxUaOzjyfkL689+UL/tZILCKQ7zz72uNvTAkPg+bRXMvNdTCIPMYEG+DJg1F5
7wd3+IETtoYfgNIh+Gc6C1Wf1byTm7ZFwei5Hw2OMs75+bnnK+FyFIzct8CQAv0P
XCN9rge5jVGdCkt8xffKnqChls6zNEaAbBJ/AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUhLJGrIiyOaBrM1dM4PQbd4GUqiEwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ
+wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy
OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvN0JESk5GVjFuR1dk
SzdnWi13Zl9jR1BPekRJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAI73TZ52tp1rzXElcjdik+9ALfgao9CIJezEDCzgWc6oz0IBZXveI1LqwkvL
jJHP2EvULS0iKx4XXIRkN/Y9r/Fv+7b/Q42Je+XdmEKoZdmyt8bPs1Dj9VWcn1xj
jutCs/vlpa9vElfzQPYucxXxD4yXUfy5BdgHzqWePmWiPNcxjycWpEmAmqdJj3Cy
N5GBi7jiAA+Mjy7QXxBJzMMLtv72TpuOCn3JoNqG4f1mN99FxjduSIoi9I4yjOq7
m+p5scI3WQ5+sEfqK7nfP58DZZtVoWYRN5lxnaJCOQBYlssnFNgye4pbDDq2ZAwD
nDK8ENSsK5oqlsBU94kduhses4Q=
-----END CERTIFICATE-----