This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft File: Ab4zXmpO-5VNuniThGkpo6X2hno.mft (raw, json) Hash identifier: jC7vamNIuxO30Xw8IoeHYS3r9eD4ieXbMlINz0XMoPs= Subject key identifier: FA:83:3F:CB:2C:B6:E9:1B:02:46:73:91:50:C5:68:9D:89:84:67:09 Authority key identifier: 01:BE:33:5E:6A:4E:FB:95:4D:BA:78:93:84:69:29:A3:A5:F6:86:7A Certificate issuer: /CN=01BE335E6A4EFB954DBA7893846929A3A5F6867A Certificate serial: 01CD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft Manifest number: 01C5 Signing time: Mon 19 Jan 2026 11:57:29 +0000 Manifest this update: Mon 19 Jan 2026 11:57:29 +0000 Manifest next update: Mon 19 Jan 2026 17:57:29 +0000 Files and hashes: 1: 5LOLlAIfQshnZv-A-yit2bYPTFo.roa (hash: hxfdu9xHt7cnTvpqU3L+8tXpGulefAZyhVcuuyqv+JE=) 2: AZp661QogaamAn6kJhyEDq3lnpI.roa (hash: uVgRCC3TYs9CHxk1EXfcS4ShgRRYkecdU6L+XifaETw=) 3: Ab4zXmpO-5VNuniThGkpo6X2hno.crl (hash: g90sshKzNh4rZcwceJKztwMw+aB0ol8JIKmmPENZe0Q=) 4: TkMmlTcEcQLD7pSSb1TqYpSMWS0.roa (hash: EXUzTGbeJC8KE4XzujOoFpoduu3zvEsV8X0422gj9gE=) 5: sbu17e0QoVUI9W7RNg3UI95CtpM.roa (hash: s9gRekXs+s24fDqiGJ+uhEWtDdujVoxBCQiLjYe1MCQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 16:27:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01BE335E6A4EFB954DBA7893846929A3A5F6867A Validity Not Before: Jan 19 11:57:29 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=FA833FCB2CB6E91B0246739150C5689D89846709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a4:35:f9:4b:da:d1:4a:84:f2:7d:6d:83:80: fc:b2:9e:1a:43:bc:c5:b6:16:62:69:16:d8:f8:32: f4:fb:8a:2a:f4:f3:90:c5:2b:6e:d0:d4:52:93:2d: aa:be:11:a6:c2:a3:ef:ef:f6:e2:00:c3:89:11:50: 2e:9b:10:9b:59:45:1a:fa:cb:44:ed:7a:f5:a7:26: 46:4e:95:50:df:fb:2f:e6:a2:0b:02:d5:12:4a:aa: 16:ad:86:5f:05:1e:4d:33:a1:cf:60:ea:6c:b8:e2: c7:00:ae:12:31:09:6e:a0:4f:33:77:e6:63:1f:23: 93:46:00:db:c0:f0:ce:0b:e1:c4:16:a0:55:2b:aa: 2d:51:68:47:0b:65:27:96:45:1e:36:cd:d6:d0:1b: ca:1f:7b:b4:6f:6a:ec:aa:e3:2d:5b:b0:d5:3e:90: 56:fb:23:b4:96:ec:bb:ea:09:f1:a9:3f:da:88:02: b6:9f:d3:9b:b6:28:cc:65:54:e8:a0:52:9a:49:f8: bd:81:bb:75:35:ec:48:17:bd:95:48:65:0d:31:de: 15:1e:de:18:49:f5:95:22:01:ed:a2:92:5f:76:86: 92:64:af:36:d9:10:af:6c:2c:6d:a4:3b:96:5f:e8: 99:fb:e8:4d:6f:86:81:83:62:c5:de:d1:b9:10:73: df:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:83:3F:CB:2C:B6:E9:1B:02:46:73:91:50:C5:68:9D:89:84:67:09 X509v3 Authority Key Identifier: keyid:01:BE:33:5E:6A:4E:FB:95:4D:BA:78:93:84:69:29:A3:A5:F6:86:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:01:38:e4:ca:8a:77:80:ac:95:43:82:30:b7:89:8a:27:aa: 7b:6c:a3:c4:4a:47:2a:c1:26:0e:bc:29:61:34:d2:b5:e4:cf: 4e:fc:bd:c4:da:15:ac:f3:8a:c0:80:61:0a:9b:2d:b0:92:d1: 97:22:27:1a:fc:4e:97:53:4a:0d:53:98:5f:1d:4d:8d:0d:57: e8:5f:af:52:18:3e:10:16:a4:6d:23:a1:35:47:c5:04:ed:c2: bd:94:35:19:2d:36:33:20:f3:ac:14:17:ac:89:df:5d:7a:ce: ac:27:e9:dd:d0:4f:6b:5d:5c:e1:45:d0:2d:92:8a:e5:4e:74: 7e:72:ae:4d:d2:45:31:71:fe:55:d4:f1:8c:7f:f0:c8:c7:dd: d2:3e:16:48:98:73:8e:1f:3f:69:e5:6e:67:b6:26:4b:ec:1d: e0:88:64:92:96:eb:9f:fa:9d:1b:01:0e:45:5c:95:be:00:37: 61:18:ea:58:f7:98:f3:67:5d:3a:dc:06:10:f7:e6:b6:44:16: c2:e7:d1:23:9f:3f:2e:b6:e7:33:19:3a:2b:91:7d:fd:b6:26: c4:91:5f:4a:fb:e8:1c:1f:42:c2:da:ed:3d:36:ee:cf:9a:36: 83:a1:e2:29:ff:4f:0e:1e:6d:0a:d4:6c:f4:19:87:4f:09:ce: 3b:44:f4:17 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFC RTMzNUU2QTRFRkI5NTREQkE3ODkzODQ2OTI5QTNBNUY2ODY3QTAeFw0yNjAxMTkx MTU3MjlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEZBODMzRkNCMkNCNkU5 MUIwMjQ2NzM5MTUwQzU2ODlEODk4NDY3MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbpDX5S9rRSoTyfW2DgPyynhpDvMW2FmJpFtj4MvT7iir085DF K27Q1FKTLaq+EabCo+/v9uIAw4kRUC6bEJtZRRr6y0TtevWnJkZOlVDf+y/mogsC 1RJKqhathl8FHk0zoc9g6my44scArhIxCW6gTzN35mMfI5NGANvA8M4L4cQWoFUr qi1RaEcLZSeWRR42zdbQG8ofe7Rvauyq4y1bsNU+kFb7I7SW7LvqCfGpP9qIAraf 05u2KMxlVOigUppJ+L2Bu3U17EgXvZVIZQ0x3hUe3hhJ9ZUiAe2ikl92hpJkrzbZ EK9sLG2kO5Zf6Jn76E1vhoGDYsXe0bkQc98VAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU+oM/yyy26RsCRnORUMVonYmEZwkwHwYDVR0jBBgwFoAUAb4zXmpO+5VNuniT hGkpo6X2hnowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE5 NC9BYjR6WG1wTy01Vk51bmlUaEdrcG82WDJobm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FiNHpYbXBPLTVWTnVuaVRoR2twbzZYMmhuby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxOTQvQWI0elhtcE8tNVZO dW5pVGhHa3BvNlgyaG5vLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBACUBOOTKineArJVDgjC3iYonqntso8RKRyrBJg68KWE00rXkz078vcTaFazz isCAYQqbLbCS0ZciJxr8TpdTSg1TmF8dTY0NV+hfr1IYPhAWpG0joTVHxQTtwr2U NRktNjMg86wUF6yJ3116zqwn6d3QT2tdXOFF0C2SiuVOdH5yrk3SRTFx/lXU8Yx/ 8MjH3dI+FkiYc44fP2nlbme2JkvsHeCIZJKW65/6nRsBDkVclb4AN2EY6lj3mPNn XTrcBhD35rZEFsLn0SOfPy625zMZOiuRff22JsSRX0r76BwfQsLa7T027s+aNoOh 4in/Tw4ebQrUbPQZh08JzjtE9Bc= -----END CERTIFICATE-----Generated at Mon Jan 19 13:58:58 2026 by rpki-client