This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft File: 1JQPURo42VRNSLTFxsObBYH4kf4.mft (raw, json) Hash identifier: UAhm5F8sgppCWyCCN63GJdq7HrwW3ibnaOkE/7BGgwI= Subject key identifier: 14:AB:6B:DC:F1:DE:B6:17:49:DD:01:29:29:6C:74:EC:90:D5:45:97 Authority key identifier: D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE Certificate issuer: /CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE Certificate serial: 02B5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft Manifest number: 02B3 Signing time: Mon 19 Jan 2026 11:58:19 +0000 Manifest this update: Mon 19 Jan 2026 11:58:19 +0000 Manifest next update: Mon 19 Jan 2026 17:58:19 +0000 Files and hashes: 1: 1JQPURo42VRNSLTFxsObBYH4kf4.crl (hash: rihthwobMYPtsvSq9PIY3XCuW0hPcLH7ebDbBc/m1SY=) 2: XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa (hash: i76OhCIwCGUrBdnZ6U6M1/woB4YGh0bDGaiEq4xZxAA=) 3: o0yhMvDIOHV-tmQVctXjhUcSRiI.roa (hash: SLL3IhXfo60djFS/eMKmcoL3aMmfcJgrvUvuHnpcZXg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 693 (0x2b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE Validity Not Before: Jan 19 11:58:19 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=14AB6BDCF1DEB61749DD0129296C74EC90D54597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e8:68:2c:b2:b8:bc:c5:b5:48:c0:a1:a5:53: 9f:cd:0b:3c:dc:35:37:92:98:86:ac:f8:a1:a5:c5: 4a:2c:d0:75:56:67:8b:bc:33:ed:9a:28:d5:16:83: ef:b0:a5:10:c1:44:98:da:c5:c0:75:ec:ed:72:f2: ce:1f:3f:23:0e:e6:a8:8e:88:ed:9a:62:30:f9:93: 4f:48:b2:8f:68:48:69:ad:c5:c8:f0:de:dd:60:19: e5:26:c7:52:54:f9:1f:31:43:12:1f:25:0c:53:0a: e8:16:c7:0b:30:67:70:d9:d0:a0:74:3e:df:fe:51: 1e:e9:1f:2b:20:a2:0e:89:18:ad:53:ec:08:0f:7f: 67:74:05:81:b5:11:8c:d3:8f:fa:d8:93:cb:61:5d: f0:a5:47:44:4b:5a:b0:25:5e:93:63:79:3c:51:cd: 3d:54:2d:1e:c6:4c:f5:11:65:65:95:b1:7b:9d:c7: 63:bd:ae:ec:11:16:fd:8a:30:ed:3c:8d:6f:3b:69: 56:d4:a2:c0:5a:a9:a8:13:ef:c5:36:22:86:71:65: 31:16:9b:2d:a1:29:d0:9f:46:b4:1c:be:0b:8a:05: d0:45:05:d4:52:62:a0:5d:96:af:ee:e6:e6:3d:51: 7d:b3:0e:67:82:3b:20:cc:ac:c2:fb:a8:36:36:2a: b2:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:AB:6B:DC:F1:DE:B6:17:49:DD:01:29:29:6C:74:EC:90:D5:45:97 X509v3 Authority Key Identifier: keyid:D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:ae:3f:65:21:5f:cb:9d:37:d7:47:d0:a9:ca:78:e0:cb:7d: eb:2e:cb:a4:34:dd:07:6c:a3:7b:5b:22:fe:0b:74:a2:56:95: 09:56:10:d4:81:11:e5:0a:aa:98:c3:1b:f3:de:c4:c3:21:1a: f7:d6:b9:b3:aa:fd:da:dc:a2:99:63:69:eb:60:4e:05:c6:62: e5:ee:ec:fb:e0:1a:13:a3:34:78:f8:c7:2e:7d:38:dd:d8:41: 1b:11:84:54:73:87:ce:7f:49:16:c6:0e:11:e4:05:a8:54:2e: 8d:53:ee:72:b7:bb:ae:2a:86:ad:b2:a2:c5:c3:18:9e:c9:93: cb:54:1c:4e:e2:ff:14:2d:57:07:da:51:05:2c:c7:3e:e9:7f: f1:73:b5:3b:bf:09:c8:51:29:74:da:b6:25:90:c6:ef:0f:08: 52:6a:dd:2e:ac:85:6c:85:16:0e:ae:6d:1a:a4:9b:12:f1:a3: 38:aa:6f:b1:fa:0b:a3:93:0e:57:6d:fa:0c:85:af:e5:ad:ce: 41:28:2b:a9:08:64:13:8c:e5:35:02:0e:70:cc:ee:84:d7:e3: f6:0f:10:7f:f6:77:fa:d7:dc:22:b6:dd:49:e7:24:ec:6d:40: 06:df:ed:fe:e8:fc:57:6b:a5:12:64:eb:21:d6:95:7f:af:3b: f8:bf:fc:00 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICArUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDQ5 NDBGNTExQTM4RDk1NDRENDhCNEM1QzZDMzlCMDU4MUY4OTFGRTAeFw0yNjAxMTkx MTU4MTlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDE0QUI2QkRDRjFERUI2 MTc0OUREMDEyOTI5NkM3NEVDOTBENTQ1OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB6Ggssri8xbVIwKGlU5/NCzzcNTeSmIas+KGlxUos0HVWZ4u8 M+2aKNUWg++wpRDBRJjaxcB17O1y8s4fPyMO5qiOiO2aYjD5k09Iso9oSGmtxcjw 3t1gGeUmx1JU+R8xQxIfJQxTCugWxwswZ3DZ0KB0Pt/+UR7pHysgog6JGK1T7AgP f2d0BYG1EYzTj/rYk8thXfClR0RLWrAlXpNjeTxRzT1ULR7GTPURZWWVsXudx2O9 ruwRFv2KMO08jW87aVbUosBaqagT78U2IoZxZTEWmy2hKdCfRrQcvguKBdBFBdRS YqBdlq/u5uY9UX2zDmeCOyDMrML7qDY2KrLPAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUFKtr3PHethdJ3QEpKWx07JDVRZcwHwYDVR0jBBgwFoAU1JQPURo42VRNSLTF xsObBYH4kf4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY4 OC8xSlFQVVJvNDJWUk5TTFRGeHNPYkJZSDRrZjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzFKUVBVUm80MlZSTlNMVEZ4c09iQllINGtmNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2ODgvMUpRUFVSbzQyVlJO U0xURnhzT2JCWUg0a2Y0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABeuP2UhX8udN9dH0KnKeODLfesuy6Q03Qdso3tbIv4LdKJWlQlWENSBEeUK qpjDG/PexMMhGvfWubOq/drcopljaetgTgXGYuXu7PvgGhOjNHj4xy59ON3YQRsR hFRzh85/SRbGDhHkBahULo1T7nK3u64qhq2yosXDGJ7Jk8tUHE7i/xQtVwfaUQUs xz7pf/FztTu/CchRKXTatiWQxu8PCFJq3S6shWyFFg6ubRqkmxLxoziqb7H6C6OT Dldt+gyFr+WtzkEoK6kIZBOM5TUCDnDM7oTX4/YPEH/2d/rX3CK23UnnJOxtQAbf 7f7o/FdrpRJk6yHWlX+vO/i//AA= -----END CERTIFICATE-----Generated at Mon Jan 19 13:58:56 2026 by rpki-client