This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.


Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.mft
File:                     E2o5x2MKPHSRBQ0-nb1bb3kG_XU.mft (raw, json)
Hash identifier:          oOgwG/vqYjh64UmwPkQSSvuR6/627vLVF+e9gr7y78o=
Subject key identifier:   B9:43:8C:55:06:FC:B9:C4:7B:7F:7F:60:BA:4C:12:3B:FB:48:4F:87
Authority key identifier: 13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75
Certificate issuer:       /CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75
Certificate serial:       10C3
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.mft
Manifest number:          10BF
Signing time:             Sun 25 Jan 2026 15:58:30 +0000
Manifest this update:     Sun 25 Jan 2026 15:58:30 +0000
Manifest next update:     Sun 25 Jan 2026 21:58:30 +0000
Files and hashes:         1: E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl (hash: W77rdgu+bf/YwdwoU1O95Ki6U46tWH+DAu3GXm/SuZs=)
                          2: aoCzfRxZ2-L1gM2xlNnF5TJocgc.roa (hash: 5UBuha1VpzUGgTtdOzk2lSCl0/m1ejK0SAA7aTXxIU4=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4291 (0x10c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75
        Validity
            Not Before: Jan 25 15:58:30 2026 GMT
            Not After : Jan  9 08:23:18 2027 GMT
        Subject: CN=B9438C5506FCB9C47B7F7F60BA4C123BFB484F87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:01:84:3c:bc:71:4c:46:3d:ab:2e:d8:52:f4:
                    b7:ec:1a:b2:26:2c:91:04:ab:9d:e5:db:17:1c:5a:
                    30:36:89:dd:3e:9a:0f:9a:16:e5:8b:34:05:67:0f:
                    da:fe:e5:81:1b:06:9d:46:f5:de:30:76:34:a6:34:
                    ce:34:e5:88:0b:72:dd:0c:e7:11:59:cb:06:28:04:
                    be:61:e0:cf:8a:93:47:cc:16:df:d1:94:62:f7:60:
                    26:f4:c5:25:97:28:90:96:0e:51:0b:f4:56:0b:87:
                    b5:28:e8:ff:45:69:e9:35:08:5c:a5:91:c5:6b:a5:
                    c2:07:fe:f2:c3:6f:cb:44:ec:25:1f:36:e2:4e:de:
                    60:ab:54:cd:87:10:48:68:cb:88:62:d0:f5:4f:4f:
                    ac:92:4b:7a:a6:a4:4e:ee:68:0e:67:4f:f1:2a:36:
                    0e:f1:43:e0:3a:da:78:ee:ca:89:a0:dc:88:54:c6:
                    04:f5:1e:a2:58:04:04:85:8b:8a:b0:9e:21:b8:61:
                    66:42:61:84:53:f6:ef:4f:45:9c:f8:a5:83:ad:9b:
                    9a:1c:a4:0b:1d:63:b8:9e:67:c0:4f:8a:e0:d2:02:
                    88:84:91:d9:06:b0:1c:b3:1e:ed:54:d8:34:e5:34:
                    50:4e:c8:2e:4f:7c:1c:74:a0:e4:65:a5:f7:a5:8e:
                    c9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:43:8C:55:06:FC:B9:C4:7B:7F:7F:60:BA:4C:12:3B:FB:48:4F:87
            X509v3 Authority Key Identifier:
                keyid:13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:5c:29:2f:c6:fc:80:bc:26:55:8c:54:5d:75:3b:d0:dd:05:
         7f:cd:48:83:32:9f:32:19:8b:75:a9:93:45:9b:86:f7:37:f8:
         af:cb:c1:39:fe:a5:0f:9b:5d:06:7b:d1:c1:db:10:3e:5f:07:
         48:ec:b5:94:85:b7:91:76:95:a1:e5:7e:56:cf:c5:02:0b:4f:
         3f:23:04:a7:28:06:40:f7:fb:4e:19:a6:7e:d3:f8:f1:98:ed:
         4a:d3:fe:25:d8:90:a7:15:4c:4d:52:08:18:5d:0f:ad:12:b1:
         c7:b9:dc:6e:fd:6c:2e:17:3f:16:19:9e:73:b2:64:c7:e9:cb:
         f4:09:5c:35:90:e5:da:38:86:30:4b:5d:fd:c6:ca:5d:54:d2:
         78:6d:c6:32:67:64:ca:79:77:bc:ff:c5:84:27:3c:1c:cd:97:
         e3:9a:73:d2:41:76:41:26:58:36:de:36:d6:38:be:2d:81:75:
         d0:20:d7:5b:8f:9f:ff:69:7e:93:60:d4:fc:7f:77:bb:98:db:
         3e:01:9b:78:0a:ed:2b:3a:09:e9:37:47:31:e2:26:65:b6:09:
         21:04:b8:53:d7:5c:09:43:12:5b:23:c5:8d:c7:18:cd:5c:34:
         ac:77:81:55:8b:bc:cc:9a:b6:f3:b8:ce:54:1d:a0:86:f5:32:
         a8:a3:b6:50
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICEMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTM2
QTM5Qzc2MzBBM0M3NDkxMDUwRDNFOURCRDVCNkY3OTA2RkQ3NTAeFw0yNjAxMjUx
NTU4MzBaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEI5NDM4QzU1MDZGQ0I5
QzQ3QjdGN0Y2MEJBNEMxMjNCRkI0ODRGODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1AYQ8vHFMRj2rLthS9LfsGrImLJEEq53l2xccWjA2id0+mg+a
FuWLNAVnD9r+5YEbBp1G9d4wdjSmNM405YgLct0M5xFZywYoBL5h4M+Kk0fMFt/R
lGL3YCb0xSWXKJCWDlEL9FYLh7Uo6P9Faek1CFylkcVrpcIH/vLDb8tE7CUfNuJO
3mCrVM2HEEhoy4hi0PVPT6ySS3qmpE7uaA5nT/EqNg7xQ+A62njuyomg3IhUxgT1
HqJYBASFi4qwniG4YWZCYYRT9u9PRZz4pYOtm5ocpAsdY7ieZ8BPiuDSAoiEkdkG
sByzHu1U2DTlNFBOyC5PfBx0oORlpfeljsnzAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUuUOMVQb8ucR7f39gukwSO/tIT4cwHwYDVR0jBBgwFoAUE2o5x2MKPHSRBQ0+
nb1bb3kG/XUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE4
MS9FMm81eDJNS1BIU1JCUTAtbmIxYmIza0dfWFUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0UybzV4Mk1LUEhTUkJRMC1uYjFiYjNrR19YVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxODEvRTJvNXgyTUtQSFNS
QlEwLW5iMWJiM2tHX1hVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAKpcKS/G/IC8JlWMVF11O9DdBX/NSIMynzIZi3Wpk0Wbhvc3+K/LwTn+pQ+b
XQZ70cHbED5fB0jstZSFt5F2laHlflbPxQILTz8jBKcoBkD3+04Zpn7T+PGY7UrT
/iXYkKcVTE1SCBhdD60Ssce53G79bC4XPxYZnnOyZMfpy/QJXDWQ5do4hjBLXf3G
yl1U0nhtxjJnZMp5d7z/xYQnPBzNl+Oac9JBdkEmWDbeNtY4vi2BddAg11uPn/9p
fpNg1Px/d7uY2z4Bm3gK7Ss6Cek3RzHiJmW2CSEEuFPXXAlDElsjxY3HGM1cNKx3
gVWLvMyatvO4zlQdoIb1MqijtlA=
-----END CERTIFICATE-----
Generated at Sun Jan 25 23:08:36 2026 by rpki-client