This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft File: yGYvK0iswHfpWADlqpLOFtJuHeo.mft (raw, json) Hash identifier: OlAuoraQy7/2vEZi1J7OF/J1SAfloJBoAmUF4T95Jf8= Subject key identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27 Authority key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA Certificate issuer: /CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Certificate serial: 03C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft Manifest number: 03BA Signing time: Mon 19 Jan 2026 11:59:18 +0000 Manifest this update: Mon 19 Jan 2026 11:59:18 +0000 Manifest next update: Mon 19 Jan 2026 17:59:18 +0000 Files and hashes: 1: 4IPxAcBB8d60RbMzQW1q_Zk5spc.roa (hash: RSRbi+VJkcVS/ILldg1kKiHadRJWcM1Mmw3Dk4goFaM=) 2: ehTiw9rYkRpnHO8xmephp32y72U.roa (hash: ZnSUAZcJTNu5SHbMWhhDR7TcoG7T1MIVuMxVggswvaw=) 3: uW_sUHl-3HScavxDrg5eg9_INJ4.roa (hash: reqWK3fVKlZA3fra6G1lT9OteuvSXtDOZpPqJhZckac=) 4: yGYvK0iswHfpWADlqpLOFtJuHeo.crl (hash: QHU+lDAqgbEHuKTF5cIEGLtbgewhIn5h/pVaAug2eRE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 960 (0x3c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Validity Not Before: Jan 19 11:59:18 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=947CDE3614F027AFB0FD1C6D9ED9F827170D6327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:53:3e:ae:64:8f:6b:31:45:e5:ec:51:02:5b: 5b:15:41:6a:62:0e:d2:df:92:ca:34:b3:fc:9f:d4: d3:f5:93:40:bd:8e:a4:a3:4b:84:38:04:db:3a:bf: df:bb:a9:b7:7a:0f:28:7b:12:48:54:ac:52:48:55: 1e:99:93:0c:10:b7:06:0a:80:3c:0c:98:79:20:67: 1e:2d:33:c3:fb:37:8d:30:7e:ea:17:e1:f2:27:22: c0:a9:fc:2e:a1:53:e5:ac:b5:25:de:93:45:a2:b6: 1b:4a:7b:89:81:2f:32:c2:8d:98:50:f3:23:0b:22: 88:4d:77:2f:90:8b:20:e9:dd:35:35:af:8a:bb:e5: 8f:7e:50:5d:88:98:07:06:9e:3a:e2:8a:81:a7:83: 1a:9a:6b:c0:45:1d:9c:ab:18:52:d4:6d:6d:85:35: 29:a7:08:1f:00:49:4e:97:ec:43:48:f4:5f:54:6e: 0a:1e:6a:7d:a0:5e:45:e1:df:7e:85:fe:22:be:cc: 22:b3:8b:53:86:64:b7:90:c4:60:84:6f:40:a3:0f: 61:e9:29:bd:a7:44:c4:73:64:be:ba:4e:69:e2:dc: 8c:09:40:c0:00:76:9e:81:ab:17:95:d7:53:07:0f: 1f:b2:a1:b6:f7:d2:b4:54:a0:3c:31:43:82:cc:d0: 36:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27 X509v3 Authority Key Identifier: keyid:C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:0c:b7:a0:56:19:d5:24:dd:db:3f:66:75:f7:cf:80:b6:95: 6c:51:29:7b:cd:02:c5:cc:0b:68:0a:58:2f:3e:17:52:52:a6: 99:f5:f2:52:26:b1:0e:bd:47:2b:ce:58:98:1a:ff:7e:67:dc: a1:3c:6e:f8:0b:e7:61:d9:92:2e:ed:e7:d5:61:76:09:87:09: fe:bd:10:89:33:8d:f1:6a:e2:5a:69:63:16:cd:41:67:56:2f: 97:0e:04:b1:37:dd:26:7e:3c:02:9f:fc:30:9d:cd:68:2b:c9: 01:7d:7e:af:79:cf:71:56:40:bf:f4:d1:f8:84:40:8f:1f:fd: 0d:a7:d3:1c:3d:82:49:12:f7:84:80:9e:70:3d:a6:d1:aa:a6: 6f:55:89:14:a3:42:3c:b7:1a:ac:20:11:8b:0c:86:71:2e:1e: 43:3b:de:c9:8e:06:89:a0:45:48:16:f3:45:cb:fb:fe:ba:78: e1:6f:89:c7:21:5f:c2:84:f3:4f:e0:61:83:e2:2a:73:17:19: de:61:09:2a:e4:5a:b0:ab:69:1b:3d:09:4d:b0:9f:39:84:5e: c4:1f:62:59:68:ef:08:05:64:21:27:e1:fc:3b:10:b7:8a:93: 26:d2:aa:b9:80:ac:17:ac:15:31:63:00:48:a1:60:61:9d:e8: 66:e7:a0:dd -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICA8AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzg2 NjJGMkI0OEFDQzA3N0U5NTgwMEU1QUE5MkNFMTZEMjZFMURFQTAeFw0yNjAxMTkx MTU5MThaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDk0N0NERTM2MTRGMDI3 QUZCMEZEMUM2RDlFRDlGODI3MTcwRDYzMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjUz6uZI9rMUXl7FECW1sVQWpiDtLfkso0s/yf1NP1k0C9jqSj S4Q4BNs6v9+7qbd6Dyh7EkhUrFJIVR6ZkwwQtwYKgDwMmHkgZx4tM8P7N40wfuoX 4fInIsCp/C6hU+WstSXek0WithtKe4mBLzLCjZhQ8yMLIohNdy+QiyDp3TU1r4q7 5Y9+UF2ImAcGnjriioGngxqaa8BFHZyrGFLUbW2FNSmnCB8ASU6X7ENI9F9Ubgoe an2gXkXh336F/iK+zCKzi1OGZLeQxGCEb0CjD2HpKb2nRMRzZL66Tmni3IwJQMAA dp6BqxeV11MHDx+yobb30rRUoDwxQ4LM0DYtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlHzeNhTwJ6+w/Rxtntn4JxcNYycwHwYDVR0jBBgwFoAUyGYvK0iswHfpWADl qpLOFtJuHeowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3 MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3lHWXZLMGlzd0hmcFdBRGxxcExPRnRKdUhlby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzAveUdZdkswaXN3SGZw V0FEbHFwTE9GdEp1SGVvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBALEMt6BWGdUk3ds/ZnX3z4C2lWxRKXvNAsXMC2gKWC8+F1JSppn18lImsQ69 RyvOWJga/35n3KE8bvgL52HZki7t59VhdgmHCf69EIkzjfFq4lppYxbNQWdWL5cO BLE33SZ+PAKf/DCdzWgryQF9fq95z3FWQL/00fiEQI8f/Q2n0xw9gkkS94SAnnA9 ptGqpm9ViRSjQjy3GqwgEYsMhnEuHkM73smOBomgRUgW80XL+/66eOFvicchX8KE 80/gYYPiKnMXGd5hCSrkWrCraRs9CU2wnzmEXsQfYllo7wgFZCEn4fw7ELeKkybS qrmArBesFTFjAEihYGGd6GbnoN0= -----END CERTIFICATE-----Generated at Mon Jan 19 13:57:45 2026 by rpki-client