This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft File: qP3wu66meVNpOJbHY_Ep2jtBg-s.mft (raw, json) Hash identifier: HSBpRmUl8LWXwJOMuI1bt0tEBAg+kKf9NtvVSJ6aj2c= Subject key identifier: 81:42:3B:A7:7A:B7:08:72:49:D6:8E:24:98:CC:5E:6A:24:72:0A:E3 Authority key identifier: A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB Certificate issuer: /CN=A8FDF0BBAEA67953693896C763F129DA3B4183EB Certificate serial: 0302 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft Manifest number: 02F9 Signing time: Mon 26 Jan 2026 02:58:31 +0000 Manifest this update: Mon 26 Jan 2026 02:58:31 +0000 Manifest next update: Mon 26 Jan 2026 08:58:31 +0000 Files and hashes: 1: 3gLZcEB9b6CcG88DthuUvQzuMng.roa (hash: sTik18vjb2qG/NYnXK3uG9tY/DL8xWE+DymUfLAIlnE=) 2: F0kSGnAIagivcV8g5cUdsyi-f3E.roa (hash: UcsToYzGinH+LaJVhXhSb5v+g/uBThplPaSlnEqw7FM=) 3: RXJSANHbZrdpPxa1bsPmTvjO39Q.roa (hash: 95CUp/VfY7PSkOcAscjkDxH3xv1Hjai/9RJJgyl0Hqs=) 4: WC1nHAg0yIPcV3WIpCTCZDMOWmM.roa (hash: aYTc6ZXigj8FqXcD/bFRpNLNct9j8zBZNjugMTj8hX8=) 5: qP3wu66meVNpOJbHY_Ep2jtBg-s.crl (hash: ACqAdEqZFhRKvLnUswxUTOhm3wxtHUh6+y0dNJUT9Js=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 08:58:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 770 (0x302) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A8FDF0BBAEA67953693896C763F129DA3B4183EB Validity Not Before: Jan 26 02:58:31 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=81423BA77AB7087249D68E2498CC5E6A24720AE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a7:40:c5:41:bc:f5:4e:9b:62:5d:a9:4a:2d: 3f:e6:d7:ce:78:ff:60:eb:5a:fc:45:18:10:55:5e: 31:48:05:87:80:17:55:a9:d6:e3:b2:13:d4:23:9e: f0:f4:51:84:ae:af:07:95:68:71:29:21:c8:1f:ac: 40:95:69:f7:c8:cd:b5:9f:bd:cf:9d:60:1b:03:8e: 6e:12:c1:53:bd:31:df:c5:b5:e0:67:df:39:04:60: 25:5f:3c:a5:5b:d9:61:9b:01:1f:4c:7e:ee:a7:00: e3:07:dd:69:a7:83:82:e5:99:f9:57:24:6d:1d:a9: 5b:0f:ee:45:21:3f:b4:b1:d9:d5:72:c3:6e:59:19: b9:d0:b7:46:65:b9:04:eb:e6:9d:d7:c8:10:1e:66: a2:ad:3f:07:5b:2f:a8:74:79:1a:9a:7b:fd:1e:7f: f2:a4:33:61:4a:4f:ad:8b:30:d4:b5:fe:a2:77:b0: de:f2:85:76:d2:1d:33:e1:08:f4:b5:9d:53:5e:3a: ae:67:ec:cb:a2:d3:39:ad:47:b5:1c:c4:90:a5:ea: 55:4e:24:55:e5:1a:e2:e2:0f:e3:77:2c:3f:4d:e6: 50:99:a8:4b:bb:fd:81:0d:12:db:31:1e:5c:20:69: ba:16:09:96:4a:0a:3c:f3:f1:c2:8b:2f:fc:7e:b9: 1a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:42:3B:A7:7A:B7:08:72:49:D6:8E:24:98:CC:5E:6A:24:72:0A:E3 X509v3 Authority Key Identifier: keyid:A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:b4:9f:75:54:09:88:cd:07:f0:62:6d:d3:52:e3:cd:91:f9: 9a:da:2f:7d:44:1a:ac:83:61:38:fd:57:40:fb:b0:c6:65:8b: 37:3a:80:ee:2e:13:63:1d:7e:8a:ad:19:33:16:38:0b:aa:b1: 8c:ed:ed:08:61:7e:25:cb:59:c6:bd:f4:7b:cf:2e:b7:1e:f7: de:ec:3f:2b:17:53:21:d8:21:38:b9:41:de:63:db:50:fb:54: 00:76:98:c2:b1:b9:a6:02:e4:2b:a8:05:df:9a:22:76:5d:53: c0:d8:07:49:98:8c:ec:6b:ca:f3:10:d6:25:e7:6b:61:7f:d4: 09:73:cd:3d:66:1d:7a:e9:5a:c7:52:ab:27:ba:e6:cc:1d:0a: a3:8a:8e:a0:8a:6a:50:ad:ca:46:c0:1d:94:f9:19:94:45:e1: f6:73:11:d5:8f:7d:8a:e7:e1:2b:b4:a9:a7:9c:44:50:4b:9f: 9d:f0:f3:3b:d8:72:be:3e:73:b3:f4:0e:e4:8a:07:31:1e:73: 9f:46:a0:a0:89:17:a4:ac:25:3f:00:ee:d0:1e:2f:0e:b9:aa: 8d:f4:f1:0b:1c:aa:be:ce:7d:b1:c4:ec:c1:1e:b0:ca:47:de: d8:23:57:bb:49:07:3e:54:8b:82:ae:02:ee:83:83:8e:67:32: 7e:56:9f:80 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICAwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQThG REYwQkJBRUE2Nzk1MzY5Mzg5NkM3NjNGMTI5REEzQjQxODNFQjAeFw0yNjAxMjYw MjU4MzFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDgxNDIzQkE3N0FCNzA4 NzI0OUQ2OEUyNDk4Q0M1RTZBMjQ3MjBBRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyp0DFQbz1TptiXalKLT/m1854/2DrWvxFGBBVXjFIBYeAF1Wp 1uOyE9QjnvD0UYSurweVaHEpIcgfrECVaffIzbWfvc+dYBsDjm4SwVO9Md/FteBn 3zkEYCVfPKVb2WGbAR9Mfu6nAOMH3Wmng4LlmflXJG0dqVsP7kUhP7Sx2dVyw25Z GbnQt0ZluQTr5p3XyBAeZqKtPwdbL6h0eRqae/0ef/KkM2FKT62LMNS1/qJ3sN7y hXbSHTPhCPS1nVNeOq5n7Mui0zmtR7UcxJCl6lVOJFXlGuLiD+N3LD9N5lCZqEu7 /YENEtsxHlwgaboWCZZKCjzz8cKLL/x+uRqZAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUgUI7p3q3CHJJ1o4kmMxeaiRyCuMwHwYDVR0jBBgwFoAUqP3wu66meVNpOJbH Y/Ep2jtBg+swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTg1 L3FQM3d1NjZtZVZOcE9KYkhZX0VwMmp0Qmctcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcVAzd3U2Nm1lVk5wT0piSFlfRXAyanRCZy1zLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTg1L3FQM3d1NjZtZVZOcE9K YkhZX0VwMmp0Qmctcy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQActJ91VAmIzQfwYm3TUuPNkfma2i99RBqsg2E4/VdA+7DGZYs3OoDuLhNjHX6K rRkzFjgLqrGM7e0IYX4ly1nGvfR7zy63Hvfe7D8rF1Mh2CE4uUHeY9tQ+1QAdpjC sbmmAuQrqAXfmiJ2XVPA2AdJmIzsa8rzENYl52thf9QJc809Zh166VrHUqsnuubM HQqjio6gimpQrcpGwB2U+RmUReH2cxHVj32K5+ErtKmnnERQS5+d8PM72HK+PnOz 9A7kigcxHnOfRqCgiRekrCU/AO7QHi8OuaqN9PELHKq+zn2xxOzBHrDKR97YI1e7 SQc+VIuCrgLug4OOZzJ+Vp+A -----END CERTIFICATE-----Generated at Mon Jan 26 08:22:42 2026 by rpki-client