This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft (raw, json) Hash identifier: F/BnF2h6+IR7BeZLLASW8Tg1khzTWwHYi95ZEVTYF6A= Subject key identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 2313 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft Manifest number: 2307 Signing time: Sun 25 Jan 2026 07:29:08 +0000 Manifest this update: Sun 25 Jan 2026 07:29:08 +0000 Manifest next update: Sun 25 Jan 2026 13:29:08 +0000 Files and hashes: 1: DZ9goMqh1tbZJtmWmEe55G3UPM8.roa (hash: UB5MHBmQqSFhvXeEyjlx1wflR5Gqg2Tx9OCUubTS/H8=) 2: XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl (hash: 7TNZJ5K6APuoT4vWNnzDCy5LmYiRGbA89V27WNwGdZs=) 3: v77HvQ8JDbuFO6M8TtpWDePh1QU.roa (hash: mBShptqUxFMYNN76UxyduwjMIWjbI3OnoZJA06+Uy70=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 11:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8979 (0x2313) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: Jan 25 07:29:08 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=287752BEC0FDA7B793BFEC2A92AF3F53F95AC430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f8:ef:96:ea:9c:43:2a:bf:98:64:05:ae:64: 1e:c6:6c:65:ad:d5:f8:e3:52:f4:94:f2:1a:da:83: 0a:2c:1d:b9:60:41:ff:38:8d:68:a3:92:ba:1b:a0: d0:9e:35:9c:66:1b:94:26:ad:7d:c6:77:03:d7:50: a9:7b:ce:83:b7:b6:d9:19:69:5d:3e:48:90:b0:e9: fc:cb:fd:94:5d:70:d7:dd:c6:4c:0b:0d:2d:59:d3: 4a:0e:c4:fa:00:47:0f:97:93:3b:4d:7b:31:f5:70: b4:f8:59:f1:84:fb:65:10:5b:2f:c4:cd:55:94:84: b6:a2:ae:3f:95:ab:66:3f:3e:77:c3:38:91:d8:ab: 00:c4:cf:73:33:7e:e4:47:16:f9:f2:ad:07:61:f3: 20:20:17:33:02:07:4a:fb:d5:cc:3c:e4:d9:ec:ca: 3c:0d:e0:30:da:fc:a2:26:e2:8d:bb:5e:61:5a:5b: c8:e3:56:9e:73:0a:72:a6:9d:f8:18:8b:f8:f7:92: 94:5a:54:98:53:56:bc:a9:81:4d:56:db:12:ae:19: 3d:11:1e:7d:b3:fb:70:08:9e:26:60:74:26:f2:72: 4a:cc:47:bc:f0:93:07:91:cf:f8:69:fe:ec:f7:3d: 09:64:0a:69:49:2e:98:94:b2:cc:72:e9:b4:62:a9: 93:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:ab:aa:58:1d:69:25:ff:1d:8d:25:da:69:9c:88:fd:e7:90: 60:b0:a3:5f:12:88:81:f2:68:5e:56:56:91:f7:e8:7d:ac:89: c1:5d:e9:1c:40:67:e2:8c:72:2c:c1:8b:9b:6f:26:d4:eb:4d: ee:25:cd:a4:9c:4a:c6:ef:bf:32:a6:d2:01:41:23:f1:17:d9: cb:c7:40:2b:4f:1c:6b:0e:b2:f2:f6:e3:57:fc:79:6e:b2:0e: 75:a3:32:ee:40:36:5a:2f:d5:96:68:16:56:4a:c1:40:30:cc: d2:31:12:de:52:1f:dd:21:7d:35:f1:31:08:24:b0:65:4d:84: 82:37:6b:c0:c1:70:55:22:4d:57:5f:4a:b6:17:4f:92:42:14: bf:58:92:f9:43:ac:13:98:38:ae:d5:64:ae:50:6c:c8:f7:07: 06:c1:b4:a5:6d:40:21:d1:57:cf:bd:6d:11:51:52:a1:c8:a0: 0c:91:a0:9d:88:5e:5a:f8:8c:eb:50:5b:0b:52:5f:d7:ce:b8: a2:7e:bf:05:b4:cd:f6:38:56:6c:5e:3a:98:ad:12:e4:d5:3b: 92:34:a3:3b:b3:01:80:04:1f:ac:50:18:b1:c7:80:f0:12:34: be:a3:b0:73:c0:7f:f5:0a:28:f9:95:ea:ea:f4:64:9c:86:48: f1:41:5f:f0 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIxMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNjAxMjUw NzI5MDhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDI4Nzc1MkJFQzBGREE3 Qjc5M0JGRUMyQTkyQUYzRjUzRjk1QUM0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6+O+W6pxDKr+YZAWuZB7GbGWt1fjjUvSU8hragwosHblgQf84 jWijkroboNCeNZxmG5QmrX3GdwPXUKl7zoO3ttkZaV0+SJCw6fzL/ZRdcNfdxkwL DS1Z00oOxPoARw+XkztNezH1cLT4WfGE+2UQWy/EzVWUhLairj+Vq2Y/PnfDOJHY qwDEz3MzfuRHFvnyrQdh8yAgFzMCB0r71cw85NnsyjwN4DDa/KIm4o27XmFaW8jj Vp5zCnKmnfgYi/j3kpRaVJhTVrypgU1W2xKuGT0RHn2z+3AIniZgdCbyckrMR7zw kweRz/hp/uz3PQlkCmlJLpiUssxy6bRiqZN3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKHdSvsD9p7eTv+wqkq8/U/laxDAwHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvWGFDbDdNSVlMYkFP dUZ4aU1UMVh1V3RfMW80Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAIqrqlgdaSX/HY0l2mmciP3nkGCwo18SiIHyaF5WVpH36H2sicFd6RxAZ+KM cizBi5tvJtTrTe4lzaScSsbvvzKm0gFBI/EX2cvHQCtPHGsOsvL241f8eW6yDnWj Mu5ANlov1ZZoFlZKwUAwzNIxEt5SH90hfTXxMQgksGVNhII3a8DBcFUiTVdfSrYX T5JCFL9YkvlDrBOYOK7VZK5QbMj3BwbBtKVtQCHRV8+9bRFRUqHIoAyRoJ2IXlr4 jOtQWwtSX9fOuKJ+vwW0zfY4VmxeOpitEuTVO5I0ozuzAYAEH6xQGLHHgPASNL6j sHPAf/UKKPmV6ur0ZJyGSPFBX/A= -----END CERTIFICATE-----Generated at Sun Jan 25 10:41:09 2026 by rpki-client