This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft File: hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft (raw, json) Hash identifier: oFMJaZ+2p2a/TrFLFS+OkeuD8RC+NJkaDUz+6bjQjcM= Subject key identifier: 91:93:97:5D:2B:2B:7A:FF:2F:AC:85:0B:C0:F7:32:23:C6:43:CB:6F Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Certificate serial: 1BDA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft Manifest number: 1BC9 Signing time: Sun 25 Jan 2026 15:56:43 +0000 Manifest this update: Sun 25 Jan 2026 15:56:43 +0000 Manifest next update: Sun 25 Jan 2026 21:56:43 +0000 Files and hashes: 1: 31f7_X2TBqLiBpRN1OnRgM8DC7Q.roa (hash: EDZq6dLm3M96Cr9vfuuCf7swYf2DAzXUcm7JKmSi2EI=) 2: 8whNrfvksK_nL7nUwlr3YQ8OCMM.roa (hash: 7A86aEeVyO9bav/9GN5OuESIKlM542uYzcxXx/yoB84=) 3: Fx26zS42ZKgHp10iH3hf0EXlPC0.roa (hash: a8XrDUhYRXFVdJn/cYGcXPHJ88eqVViVtNhyRhNrCeM=) 4: IsbkjaUAU7euQKyY1WgOzQ_ves4.roa (hash: 88yWZHpmVTvOwW8PjW5Ko+13RaT8E8srLT6pcqhzCGw=) 5: O7PXvsoQVsVCbjm80wPTdCIX_2M.roa (hash: i9dI/Y0v5xPJObMG4dUgiVFFT9xbvOLXCYys5EeEDBg=) 6: RWOom0h13zAc02rOz6i24OlEc34.roa (hash: +R6GoicznAedk6+/LwpWWdjF8MN83mh2P32QVuI/qSo=) 7: TYjGjuiRoF-hGIfULnpS3-xjoQw.roa (hash: TKhwOdjif9ZZ0EHxMGHuC1TKqyqj+utqZbNaJEnhffo=) 8: hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl (hash: p+KjYbyV3TYDDmeTVZC8AtKCeBkJ+oF8p37hMc3pJyo=) 9: tLcmaLRL5ow6ONPLFExoGrjFXUg.roa (hash: BqOnsDlye4FTFONHzDyWPpsT/GJiiF+Nkv7UT0czVVw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 21:56:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7130 (0x1bda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Validity Not Before: Jan 25 15:56:43 2026 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9193975D2B2B7AFF2FAC850BC0F73223C643CB6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:ff:9e:83:c4:e3:35:6d:08:ca:78:b4:1f:c8: 07:90:05:d1:6f:81:4c:22:55:89:ee:71:7f:dc:26: e2:1e:81:79:96:1d:a4:08:e3:29:17:47:11:44:97: b4:03:48:56:ac:47:54:54:9d:81:6f:74:9d:30:5a: 51:a1:2a:d5:80:13:c2:84:96:41:80:65:5d:9a:09: f7:f7:39:47:2b:d3:c8:b8:aa:56:9f:1f:a7:94:ca: e9:12:51:46:ca:30:9a:e7:4d:d3:ac:f0:39:d1:a7: 66:3b:0a:51:66:77:82:ed:52:08:c9:c5:08:9e:0c: f4:9c:68:49:7b:ac:e8:e8:79:de:1a:1b:46:84:c0: 1d:ea:37:ff:41:d4:eb:46:03:f0:f8:5c:6a:bd:75: d7:1f:0b:47:8a:da:1e:5d:b0:3c:c4:e1:56:3b:f5: 69:a1:dc:d5:0c:a3:5a:03:41:cf:f9:e5:81:3d:28: d0:8b:9d:a5:41:9a:9f:32:43:93:71:bc:8f:7d:ef: 2a:65:2d:72:96:4e:ae:03:16:47:2b:91:b1:e3:62: 15:c0:f0:be:b4:a7:2b:d8:b4:8a:3d:44:02:1f:f0: 14:b0:8c:bc:69:6f:6d:41:1e:09:25:b0:df:40:c0: bb:b8:37:90:f9:72:55:44:0f:24:5e:c4:57:03:4a: b6:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:93:97:5D:2B:2B:7A:FF:2F:AC:85:0B:C0:F7:32:23:C6:43:CB:6F X509v3 Authority Key Identifier: keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:01:38:52:3a:35:d6:c4:46:c9:99:a6:04:39:42:32:ad:f5: f4:10:8a:33:44:f8:b6:16:a6:5f:22:e1:f8:46:93:be:12:43: ee:56:7c:a6:37:a8:a7:54:9f:77:f0:d6:56:92:fa:31:82:03: 04:2c:34:7d:11:d0:f0:c5:38:43:96:6d:64:5e:d2:bb:42:61: 11:51:7e:9b:59:3b:55:ed:03:67:8c:6d:7f:96:2b:ff:c0:4d: 92:bc:88:06:b6:4b:98:4e:9d:bb:ee:23:6f:eb:0e:65:ed:e8: 1a:ac:8f:de:41:21:c5:46:77:78:67:b1:cf:64:69:9f:db:dd: c2:d9:cb:95:84:c0:82:58:42:b9:ff:82:5d:de:99:d0:cb:a6: 75:e0:5e:b7:66:3b:f7:dd:58:4c:27:59:54:46:5b:9c:55:37: 8c:42:25:15:fb:75:c7:ad:af:b0:a4:83:51:6f:04:8b:1a:7d: 44:0c:fa:39:f6:58:31:bf:c0:bd:58:22:af:64:99:c0:41:e0: 5b:34:f6:44:42:31:e0:39:d4:8e:90:af:c2:6a:5e:64:47:55: 19:9c:df:e7:f3:59:c8:b4:aa:14:6b:ef:c6:09:bb:f5:13:b1: 35:ad:ab:13:0d:60:95:ba:f4:14:5e:bb:52:16:4b:d2:e3:70: 2e:a1:05:be -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICG9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2 REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNjAxMjUx NTU2NDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDkxOTM5NzVEMkIyQjdB RkYyRkFDODUwQkMwRjczMjIzQzY0M0NCNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCV/56DxOM1bQjKeLQfyAeQBdFvgUwiVYnucX/cJuIegXmWHaQI 4ykXRxFEl7QDSFasR1RUnYFvdJ0wWlGhKtWAE8KElkGAZV2aCff3OUcr08i4qlaf H6eUyukSUUbKMJrnTdOs8DnRp2Y7ClFmd4LtUgjJxQieDPScaEl7rOjoed4aG0aE wB3qN/9B1OtGA/D4XGq9ddcfC0eK2h5dsDzE4VY79Wmh3NUMo1oDQc/55YE9KNCL naVBmp8yQ5NxvI997yplLXKWTq4DFkcrkbHjYhXA8L60pyvYtIo9RAIf8BSwjLxp b21BHgklsN9AwLu4N5D5clVEDyRexFcDSra5AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUkZOXXSsrev8vrIULwPcyI8ZDy28wHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU 5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL2hXMm9YNXFLS0d0bEtI RFU1SFkxX3owT2txNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCuAThSOjXWxEbJmaYEOUIyrfX0EIozRPi2FqZfIuH4RpO+EkPuVnymN6inVJ93 8NZWkvoxggMELDR9EdDwxThDlm1kXtK7QmERUX6bWTtV7QNnjG1/liv/wE2SvIgG tkuYTp277iNv6w5l7egarI/eQSHFRnd4Z7HPZGmf293C2cuVhMCCWEK5/4Jd3pnQ y6Z14F63Zjv33VhMJ1lURlucVTeMQiUV+3XHra+wpINRbwSLGn1EDPo59lgxv8C9 WCKvZJnAQeBbNPZEQjHgOdSOkK/Cal5kR1UZnN/n81nItKoUa+/GCbv1E7E1rasT DWCVuvQUXrtSFkvS43AuoQW+ -----END CERTIFICATE-----Generated at Sun Jan 25 18:14:58 2026 by rpki-client