This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft File: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft (raw, json) Hash identifier: kcBi9TqmmIQ+BNAIj8BIVK60KuxR5zkkEjNAzNLjJ3Y= Subject key identifier: 55:F2:25:83:02:B8:45:CB:C0:C3:DC:7C:09:3E:BF:DC:C1:A4:E1:28 Authority key identifier: 8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 Certificate issuer: /CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Certificate serial: 38394BC8978C3D9D2D201B1D3134D684870B7813 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft Manifest number: 09 Signing time: Sun 25 Jan 2026 10:36:02 +0000 Manifest this update: Sun 25 Jan 2026 10:31:02 +0000 Manifest next update: Mon 26 Jan 2026 13:19:02 +0000 Files and hashes: 1: 34352e3131352e31382e302f32332d3234203d3e20313531323330.roa (hash: KFwVFV9XIdASmiH55Vrp/a+LAUtb9TpqJV9SvrwxSRc=) 2: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl (hash: 4p7N4knsg8f9er7gLzLomazRJoKHA3asGhcoRUt7Fnc=) 3: 323430323a323065303a3a2f33322d3438203d3e20313531323330.roa (hash: QWUb0DzubEfKqwW//PTcn/ZJK/ak3Shs1IT7p6JBGPc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 13:19:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:39:4b:c8:97:8c:3d:9d:2d:20:1b:1d:31:34:d6:84:87:0b:78:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Validity Not Before: Jan 25 10:31:02 2026 GMT Not After : Jan 26 13:19:02 2026 GMT Subject: CN=55F2258302B845CBC0C3DC7C093EBFDCC1A4E128 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:34:97:c8:61:6e:d3:e6:e5:40:47:bd:a3:5a: 34:51:fd:1f:85:fd:f1:55:68:fa:91:cb:d0:0c:1b: a1:e2:d2:c6:24:aa:80:86:b9:f5:dd:d1:31:14:89: d5:37:b3:57:ce:35:7f:52:02:8e:df:b7:f3:e9:45: 44:cf:6c:97:43:06:bf:6b:42:ea:76:64:94:d1:b8: 36:f5:7d:ae:b2:f2:07:57:32:13:72:84:05:b7:e7: d7:68:72:53:e3:f1:93:3e:7b:3e:a7:66:2c:2e:45: 59:a7:25:4c:d5:1c:32:86:13:8b:4c:9b:78:8a:71: 16:92:7e:86:d5:8f:19:73:54:11:96:67:6e:5f:18: b1:66:1f:c6:2c:4a:6b:dc:c3:38:43:8b:c6:e5:f7: 41:08:e6:2f:23:04:a6:37:22:3a:4b:f0:79:9b:32: 30:87:74:0d:4f:ad:0c:85:16:27:c1:a9:ce:48:04: 5b:6c:5a:35:32:14:ad:1b:5a:11:13:40:58:e2:a7: 25:a0:32:a7:3e:39:ef:93:60:fa:fa:53:3d:f3:61: 63:7f:74:a6:81:a9:a1:74:41:12:87:c0:a7:34:01: 32:96:6c:77:7c:d3:ff:03:c8:ed:57:6b:7b:ef:e6: c7:f7:b7:1e:0e:80:a4:18:6e:a0:c3:32:f1:da:59: 9d:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:F2:25:83:02:B8:45:CB:C0:C3:DC:7C:09:3E:BF:DC:C1:A4:E1:28 X509v3 Authority Key Identifier: keyid:8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:21:61:00:21:46:3f:42:dc:74:76:1b:f7:2b:b2:12:14:46: f1:64:ec:7c:74:47:41:72:c3:81:88:42:07:70:ef:7f:f2:f3: 43:7a:fc:9f:7a:da:00:7a:76:9e:f3:4d:e7:c5:a5:b6:5e:dc: 39:48:e2:e0:4f:db:8d:de:a0:dd:c6:d9:b0:79:95:aa:6a:81: 4c:8e:d4:20:f6:ee:82:4c:ef:5d:fb:c9:03:a8:0d:82:96:b4: 20:83:09:9a:df:87:7e:15:dd:74:77:d7:de:ef:e8:46:18:2e: d0:db:ea:6b:fb:76:ee:c8:1f:ff:74:7b:02:9c:ee:3d:71:25: 4c:4b:49:47:f7:d3:64:84:dc:68:2c:9a:02:dd:8b:ef:1b:d4: ad:a6:73:ad:4d:ca:6d:ee:bc:13:07:5b:76:60:b6:d6:d5:46: a4:95:09:65:b6:2d:7e:86:13:38:b7:07:87:2b:a7:6a:fc:64: bf:ca:ef:09:73:cb:67:5a:f3:bf:2a:c4:8f:15:26:ee:f1:84: b0:3f:c0:88:ea:ca:b9:e0:42:da:c5:ac:25:70:91:51:e6:91: 4d:45:5e:c9:7d:04:62:e3:bd:2f:f6:42:87:63:9e:5e:18:48: 93:f3:68:f9:90:64:da:4d:e7:12:9f:43:f8:39:98:f9:f6:99: 25:85:cf:7d -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUODlLyJeMPZ0tIBsdMTTWhIcLeBMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0 NDVEQzNBMTAeFw0yNjAxMjUxMDMxMDJaFw0yNjAxMjYxMzE5MDJaMDMxMTAvBgNV BAMTKDU1RjIyNTgzMDJCODQ1Q0JDMEMzREM3QzA5M0VCRkRDQzFBNEUxMjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDANJfIYW7T5uVAR72jWjRR/R+F /fFVaPqRy9AMG6Hi0sYkqoCGufXd0TEUidU3s1fONX9SAo7ft/PpRUTPbJdDBr9r Qup2ZJTRuDb1fa6y8gdXMhNyhAW359doclPj8ZM+ez6nZiwuRVmnJUzVHDKGE4tM m3iKcRaSfobVjxlzVBGWZ25fGLFmH8YsSmvcwzhDi8bl90EI5i8jBKY3IjpL8Hmb MjCHdA1PrQyFFifBqc5IBFtsWjUyFK0bWhETQFjipyWgMqc+Oe+TYPr6Uz3zYWN/ dKaBqaF0QRKHwKc0ATKWbHd80/8DyO1Xa3vv5sf3tx4OgKQYbqDDMvHaWZ2/AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUVfIlgwK4RcvAw9x8CT6/3MGk4SgwHwYDVR0j BBgwFoAUjUBr7EUssHTWMKvb1idbxURdw6EwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzcxNzI1MS8wLzhENDA2QkVDNDUyQ0IwNzRENjMwQUJEQkQ2Mjc1 QkM1NDQ1REMzQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0NDVEQzNBMS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc3MTcyNTEvMC84RDQwNkJFQzQ1MkNC MDc0RDYzMEFCREJENjI3NUJDNTQ0NURDM0ExLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSFhACFGP0Lc dHYb9yuyEhRG8WTsfHRHQXLDgYhCB3Dvf/LzQ3r8n3raAHp2nvNN58Wltl7cOUji 4E/bjd6g3cbZsHmVqmqBTI7UIPbugkzvXfvJA6gNgpa0IIMJmt+HfhXddHfX3u/o Rhgu0Nvqa/t27sgf/3R7ApzuPXElTEtJR/fTZITcaCyaAt2L7xvUraZzrU3Kbe68 EwdbdmC21tVGpJUJZbYtfoYTOLcHhyunavxkv8rvCXPLZ1rzvyrEjxUm7vGEsD/A iOrKueBC2sWsJXCRUeaRTUVeyX0EYuO9L/ZCh2OeXhhIk/No+ZBk2k3nEp9D+DmY +faZJYXPfQ== -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:19 2026 by rpki-client