This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft
File:                     D9EB5C6DC17682949F5243587DA38740C3EEA953.mft (raw, json)
Hash identifier:          zNRtm9647XS22u3ogxLQAUUigFV957735NW7PRHSP7M=
Subject key identifier:   38:07:53:4A:C7:C2:4F:65:1C:D1:A1:53:9B:72:40:DB:F8:01:18:6F
Authority key identifier: D9:EB:5C:6D:C1:76:82:94:9F:52:43:58:7D:A3:87:40:C3:EE:A9:53
Certificate issuer:       /CN=D9EB5C6DC17682949F5243587DA38740C3EEA953
Certificate serial:       5D93CE4C3D06AACDCB1F73A7D13EC6F87758D6B0
Authority info access:    rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft
Manifest number:          08
Signing time:             Sat 24 Jan 2026 15:40:57 +0000
Manifest this update:     Sat 24 Jan 2026 15:35:57 +0000
Manifest next update:     Sun 25 Jan 2026 16:33:57 +0000
Files and hashes:         1: 3131392e3136312e3136302e302f32312d3234203d3e203633363331.roa (hash: fm9f22URXj00X+QlA/PpQ/F1F4uphlfQee6cITcqhgg=)
                          2: D9EB5C6DC17682949F5243587DA38740C3EEA953.crl (hash: zQPM9PWdNOSLI2JUNvYm6B2PTz3pqhwFeWc1M/as/6c=)
                          3: 3131392e3136312e3135322e302f32312d3234203d3e203633363331.roa (hash: BBTRwX86DtfzxU9rTrkCfkvyq+j6Fyat/htWxMwmilE=)
                          4: 3131392e3136312e3133362e302f32312d3234203d3e203633363331.roa (hash: q975HSO7Atv6pgfxEXanM5WMHvz/cN828nBH1I+FNos=)
                          5: 3131392e3136312e3134342e302f32312d3234203d3e203633363331.roa (hash: WUSgHCOBVUebvdwfVgY5RDlp2/uC/v+NAYmc5JoVMPE=)
                          6: 323430373a393038303a3a2f33322d3634203d3e203633363331.roa (hash: RtOoe4RmLFL3YbHfpUMA6V286a2QhifPZV7nvutl6kg=)
                          7: 3131392e3136312e3133382e302f32342d3234203d3e203633363331.roa (hash: TT0ksNomih+B2jCsvyApNDhVN1yErVHUo6JYmbCpCys=)
                          8: 323430373a386238303a3a2f33322d3634203d3e203633363331.roa (hash: WdIf6CkgwHhBtmwW9wC8z2X2aD7F1CPhNusCG6l7zvk=)
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 25 Jan 2026 16:33:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:93:ce:4c:3d:06:aa:cd:cb:1f:73:a7:d1:3e:c6:f8:77:58:d6:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D9EB5C6DC17682949F5243587DA38740C3EEA953
        Validity
            Not Before: Jan 24 15:35:57 2026 GMT
            Not After : Jan 25 16:33:57 2026 GMT
        Subject: CN=3807534AC7C24F651CD1A1539B7240DBF801186F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:57:f0:5d:0e:c5:0c:96:e5:0f:e2:fd:c8:a0:
                    fc:38:d7:79:71:49:01:f4:d4:ec:f5:a8:91:8f:5f:
                    ff:47:d4:1a:ae:36:8c:a6:50:c4:78:e8:dd:55:c7:
                    0f:75:fb:0c:4c:44:34:fe:80:15:9e:bb:58:52:78:
                    3b:8e:54:1d:79:d9:9c:69:99:21:37:da:34:f0:c6:
                    1d:d2:78:d6:3c:33:99:25:1e:46:48:89:23:11:e0:
                    01:91:3e:4f:79:f7:b8:3f:73:ce:40:89:0d:aa:8b:
                    16:6b:07:91:dd:23:5e:a4:68:d3:8d:18:3f:35:16:
                    85:4b:d9:37:c3:7d:6d:fe:c4:28:28:66:b9:d3:45:
                    4a:a3:10:b9:a2:0e:c6:44:7b:61:6b:0e:af:4f:c8:
                    02:fc:bb:fa:67:de:7d:5d:19:6c:b2:2f:75:5d:a5:
                    64:84:99:42:3c:2d:1a:77:2e:3e:b5:fc:81:0a:02:
                    aa:ba:15:b3:f5:55:47:82:20:37:33:a5:34:02:35:
                    32:f2:73:cb:1a:26:c6:d5:4b:fd:79:24:a0:32:eb:
                    49:14:02:6d:32:75:7e:d4:4a:6b:4f:06:6d:1a:fe:
                    33:10:0c:1d:63:a1:2b:64:8b:62:e5:0d:7d:43:82:
                    f3:27:60:26:89:95:51:45:ad:da:ef:9f:86:8f:96:
                    fa:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:07:53:4A:C7:C2:4F:65:1C:D1:A1:53:9B:72:40:DB:F8:01:18:6F
            X509v3 Authority Key Identifier:
                keyid:D9:EB:5C:6D:C1:76:82:94:9F:52:43:58:7D:A3:87:40:C3:EE:A9:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:c4:ee:fb:8a:34:f4:d5:b2:bc:9a:12:c9:51:52:45:dc:65:
         2c:e6:7e:25:59:5c:73:71:8d:54:d5:7f:a8:ea:cd:75:45:9f:
         74:31:86:ec:7b:4f:f7:2d:d6:0b:7f:36:f3:39:05:ea:53:fd:
         dd:91:c3:06:d4:e8:98:47:de:66:65:5a:6e:5e:a4:ba:b8:8a:
         9f:90:fb:22:88:ee:c7:4b:fb:a4:e9:6a:a5:e6:7c:94:e2:1c:
         89:47:c3:93:dc:38:6e:c1:86:9d:e7:8b:73:fd:a2:39:c0:cd:
         a7:1b:19:e8:5b:f2:dd:ef:f5:b6:ca:05:18:cb:0a:3d:83:15:
         ac:e1:6c:32:82:3e:1a:cd:d7:3c:f2:6a:5b:2f:fa:28:60:ba:
         29:86:6b:1a:39:42:19:8d:39:7d:aa:4f:7b:f2:26:6a:f4:f1:
         85:03:10:64:da:06:a4:5d:e1:3e:c0:e6:a8:af:61:21:a5:61:
         52:d7:04:fa:48:cb:e9:99:08:6d:c0:18:94:78:4b:79:56:8a:
         4c:d9:ab:a1:12:e1:28:4f:2f:6e:18:4f:dd:fa:6e:94:04:c2:
         1d:71:b4:97:14:7d:98:0d:3f:48:ad:80:7a:a0:f8:9a:b4:c6:
         89:f4:48:3f:a0:4e:5e:72:95:e3:52:56:af:3f:b8:39:d5:d5:
         55:6a:b4:0f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUXZPOTD0Gqs3LH3On0T7G+HdY1rAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDlFQjVDNkRDMTc2ODI5NDlGNTI0MzU4N0RBMzg3NDBD
M0VFQTk1MzAeFw0yNjAxMjQxNTM1NTdaFw0yNjAxMjUxNjMzNTdaMDMxMTAvBgNV
BAMTKDM4MDc1MzRBQzdDMjRGNjUxQ0QxQTE1MzlCNzI0MERCRjgwMTE4NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSV/BdDsUMluUP4v3IoPw413lx
SQH01Oz1qJGPX/9H1BquNoymUMR46N1Vxw91+wxMRDT+gBWeu1hSeDuOVB152Zxp
mSE32jTwxh3SeNY8M5klHkZIiSMR4AGRPk9597g/c85AiQ2qixZrB5HdI16kaNON
GD81FoVL2TfDfW3+xCgoZrnTRUqjELmiDsZEe2FrDq9PyAL8u/pn3n1dGWyyL3Vd
pWSEmUI8LRp3Lj61/IEKAqq6FbP1VUeCIDczpTQCNTLyc8saJsbVS/15JKAy60kU
Am0ydX7USmtPBm0a/jMQDB1joStki2LlDX1DgvMnYCaJlVFFrdrvn4aPlvqvAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUOAdTSsfCT2Uc0aFTm3JA2/gBGG8wHwYDVR0j
BBgwFoAU2etcbcF2gpSfUkNYfaOHQMPuqVMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU4MjMzMDM0Njg2NDY0MS8wL0Q5RUI1QzZEQzE3NjgyOTQ5RjUyNDM1ODdEQTM4
NzQwQzNFRUE5NTMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvRDlFQjVDNkRDMTc2ODI5NDlGNTI0MzU4N0RBMzg3NDBDM0VFQTk1My5jZXIw
fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1ODIzMzAzNDY4NjQ2NDEvMC9EOUVCNUM2REMxNzY4
Mjk0OUY1MjQzNTg3REEzODc0MEMzRUVBOTUzLm1mdDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI
KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfMTu+4o09NWy
vJoSyVFSRdxlLOZ+JVlcc3GNVNV/qOrNdUWfdDGG7HtP9y3WC3828zkF6lP93ZHD
BtTomEfeZmVabl6kuriKn5D7Iojux0v7pOlqpeZ8lOIciUfDk9w4bsGGneeLc/2i
OcDNpxsZ6Fvy3e/1tsoFGMsKPYMVrOFsMoI+Gs3XPPJqWy/6KGC6KYZrGjlCGY05
fapPe/ImavTxhQMQZNoGpF3hPsDmqK9hIaVhUtcE+kjL6ZkIbcAYlHhLeVaKTNmr
oRLhKE8vbhhP3fpulATCHXG0lxR9mA0/SK2AeqD4mrTGifRIP6BOXnKV41JWrz+4
OdXVVWq0Dw==
-----END CERTIFICATE-----