This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft File: 5W2kwnXzzMktCGICoe2neD8MPQ0.mft (raw, json) Hash identifier: 7MiHKurx6nhnZ/ghLyom+zZbnUIoVXaalS5xbU0drqc= Subject key identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A Authority key identifier: E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D Certificate issuer: /CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Certificate serial: 264E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft Manifest number: 2640 Signing time: Mon 19 Jan 2026 07:28:43 +0000 Manifest this update: Mon 19 Jan 2026 07:28:43 +0000 Manifest next update: Mon 19 Jan 2026 13:28:43 +0000 Files and hashes: 1: 5W2kwnXzzMktCGICoe2neD8MPQ0.crl (hash: blQgv4Pgg/5QdSCSWDEmFr3mxZF3rG8AyAAWm2IjMaY=) 2: YNqcA70QNDIL-1f-HxZVMTRIsBs.roa (hash: QFl0FbaZRakp+GDoHuDV/S/9eyi8/F7xjhbaAHfVv+o=) 3: _jo-OpB0a2QqJWmzSg_T-s-buhA.roa (hash: MVdXgaSblUpx++jZOW0IupDe0oNmWrAZls5J44Lx+jk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 Jan 2026 11:28:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9806 (0x264e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Validity Not Before: Jan 19 07:28:43 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0CCBB5AC4A4BDEAC4C767960951843F5247A1D7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ea:bf:55:b5:b2:2a:34:a3:a3:ce:e5:87:48: 68:50:c4:78:dd:a6:a2:af:92:c0:5f:7b:cf:2f:c8: cc:60:4b:df:f7:3d:d8:34:9d:a0:ff:6b:f5:ea:e0: e9:b9:61:d3:29:63:95:9c:fe:ae:d5:1c:af:5e:92: 5a:90:62:f7:01:56:0d:1a:76:da:ce:c0:30:a8:fa: d3:4a:ca:2d:3a:3e:3b:97:80:03:58:33:2c:67:5b: 37:ac:97:0a:2e:fa:7a:07:d1:78:ef:5e:a0:e3:5b: 4d:cf:f6:6b:14:06:6f:56:00:5e:31:59:73:09:0b: ca:af:d1:f7:a5:31:86:20:c8:48:f4:93:a3:25:3a: 15:b1:cb:21:e8:43:23:24:ca:f8:5d:c2:7d:f3:b7: bc:96:ac:08:32:11:e6:bd:b8:80:37:f8:5e:ea:52: 5e:ad:14:78:d4:13:4a:d2:98:06:2c:ca:7b:99:ec: 7e:a8:e1:55:66:9c:a7:27:be:75:aa:43:e1:62:7a: 85:0c:e5:a5:de:b9:5e:94:9f:8d:5d:89:cf:57:21: 41:ff:9b:2c:0e:a0:5c:1d:de:17:ff:98:d0:39:e9: a4:b5:1b:ac:25:ff:96:fe:12:1a:72:0d:86:5e:44: 0a:4a:41:7e:0a:39:67:d7:8f:07:9f:96:96:e7:1f: 16:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A X509v3 Authority Key Identifier: keyid:E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:34:78:d3:cf:67:55:a5:9e:2b:4b:f6:11:b4:79:72:9c:b3: c4:00:f8:93:69:c7:ad:4e:17:1d:e7:88:8c:63:f7:c8:e5:98: a3:bc:60:67:48:3b:ff:c1:05:7c:73:a7:9b:37:ef:48:db:48: c2:b0:91:3c:41:fb:e3:c3:47:61:70:06:c7:88:35:e5:0e:87: 31:73:f3:ff:66:f9:ee:7f:b2:7f:14:7d:b3:46:d5:31:01:2e: 38:41:27:a1:4f:6f:5c:68:2b:b9:db:ad:ff:ca:b1:39:b3:ed: 68:7e:21:01:6a:77:34:91:0d:58:cc:7b:c4:aa:82:97:5b:0a: c6:96:70:bd:06:bd:af:24:84:9d:a0:ff:8c:1a:dc:ef:8c:e5: 68:0a:11:f2:9a:6d:55:fb:ae:93:ac:6e:47:05:ea:f1:19:06: 1d:99:42:d9:e0:7d:ab:2a:c5:5d:66:14:11:fd:c0:65:5b:0c: 54:da:a1:01:96:d0:f1:c0:8e:fd:82:bf:53:df:f7:bf:0c:ea: 7f:2a:d7:d1:9f:4f:b3:11:ea:fb:f8:08:4b:b5:c8:5c:ec:84: c9:89:9d:2c:d3:30:e8:f6:e7:6c:81:e9:52:8c:71:e4:9a:d0: ea:14:40:11:a5:78:db:e2:24:8e:cd:c4:d6:46:d3:80:b6:1f: 41:b2:6a:b1 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICJk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTU2 REE0QzI3NUYzQ0NDOTJEMDg2MjAyQTFFREE3NzgzRjBDM0QwRDAeFw0yNjAxMTkw NzI4NDNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBDQ0JCNUFDNEE0QkRF QUM0Qzc2Nzk2MDk1MTg0M0Y1MjQ3QTFEN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF6r9VtbIqNKOjzuWHSGhQxHjdpqKvksBfe88vyMxgS9/3Pdg0 naD/a/Xq4Om5YdMpY5Wc/q7VHK9eklqQYvcBVg0adtrOwDCo+tNKyi06PjuXgANY MyxnWzeslwou+noH0XjvXqDjW03P9msUBm9WAF4xWXMJC8qv0felMYYgyEj0k6Ml OhWxyyHoQyMkyvhdwn3zt7yWrAgyEea9uIA3+F7qUl6tFHjUE0rSmAYsynuZ7H6o 4VVmnKcnvnWqQ+FieoUM5aXeuV6Un41dic9XIUH/mywOoFwd3hf/mNA56aS1G6wl /5b+EhpyDYZeRApKQX4KOWfXjweflpbnHxY7AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDMu1rEpL3qxMdnlglRhD9SR6HXowHwYDVR0jBBgwFoAU5W2kwnXzzMktCGIC oe2neD8MPQ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIx LzVXMmt3blh6ek1rdENHSUNvZTJuZUQ4TVBRMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNVcya3duWHp6TWt0Q0dJQ29lMm5lRDhNUFEwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIxLzVXMmt3blh6ek1rdENH SUNvZTJuZUQ4TVBRMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCgNHjTz2dVpZ4rS/YRtHlynLPEAPiTacetThcd54iMY/fI5ZijvGBnSDv/wQV8 c6ebN+9I20jCsJE8Qfvjw0dhcAbHiDXlDocxc/P/Zvnuf7J/FH2zRtUxAS44QSeh T29caCu5263/yrE5s+1ofiEBanc0kQ1YzHvEqoKXWwrGlnC9Br2vJISdoP+MGtzv jOVoChHymm1V+66TrG5HBerxGQYdmULZ4H2rKsVdZhQR/cBlWwxU2qEBltDxwI79 gr9T3/e/DOp/KtfRn0+zEer7+AhLtchc7ITJiZ0s0zDo9udsgelSjHHkmtDqFEAR pXjb4iSOzcTWRtOAth9Bsmqx -----END CERTIFICATE-----Generated at Mon Jan 19 10:38:54 2026 by rpki-client