This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft File: Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft (raw, json) Hash identifier: js6C0IRgUb/EvnLvDJauX8wITs+DjY24uLjK21oKXFc= Subject key identifier: 5B:62:CF:F4:F2:DA:D3:3E:A2:7E:8C:3A:5E:DC:F5:33:45:C0:5A:25 Authority key identifier: 43:E6:FD:AB:0F:15:0E:E9:C4:3C:F5:A2:BB:76:58:8A:7E:5F:85:02 Certificate issuer: /CN=43E6FDAB0F150EE9C43CF5A2BB76588A7E5F8502 Certificate serial: D5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft Manifest number: D2 Signing time: Sun 25 Jan 2026 10:58:35 +0000 Manifest this update: Sun 25 Jan 2026 10:58:35 +0000 Manifest next update: Sun 25 Jan 2026 16:58:35 +0000 Files and hashes: 1: 7qqfCczVpqzPAfV0rFSiOaInTZo.roa (hash: He/3RBMb/hdGBTYVCyG/HVT/wnrhQ3TGFKE110yMwhM=) 2: Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl (hash: NBvWN4d+X16rOYUP52DVr9o8/cgD69pdshlwf4qtp3Q=) 3: zyd9sNtiUGWk-rPMxkaAwd-jMjU.roa (hash: gJ4z3p20OCkd5sduSBhdXm57HvoUXImlRN+QEWanG2A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 15:57:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43E6FDAB0F150EE9C43CF5A2BB76588A7E5F8502 Validity Not Before: Jan 25 10:58:35 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=5B62CFF4F2DAD33EA27E8C3A5EDCF53345C05A25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:d3:9d:79:41:41:05:98:86:d6:7d:6c:95:6c: 5f:44:23:23:51:d9:6e:da:c9:b3:b1:2d:fc:e9:e2: f5:e0:be:d6:b2:90:ef:27:c5:aa:29:ec:10:fb:2a: 56:d1:a8:27:d6:03:99:49:44:3c:ef:ad:8d:1f:1b: ac:6c:50:43:f4:6c:d0:dc:a7:f4:94:66:81:f7:b2: 30:8a:cb:fb:17:6f:5f:3a:44:85:d4:dc:d3:7d:6b: d2:4f:56:f5:da:df:e2:46:81:53:c4:55:1d:44:8d: 02:56:cd:3a:c5:28:bd:c2:18:93:d6:47:2d:ca:c6: 8d:06:79:05:66:e8:4d:fa:60:a6:8d:18:a4:98:37: 65:34:87:92:e9:2d:93:25:18:a7:61:91:1c:af:08: 5c:20:d7:76:f8:63:d4:36:a8:95:55:c0:dc:c4:8c: 5a:49:bf:47:d1:f5:0c:f7:fa:49:e4:d3:c4:fc:a1: a4:0c:eb:c1:29:db:e3:20:ba:8f:17:98:cd:8c:d4: 7c:a7:8d:44:dd:82:61:f4:ac:7b:61:92:66:fe:68: 83:a1:8e:0b:de:9b:cc:b4:f9:a2:2b:7e:d8:00:db: 30:56:f7:bd:e0:e4:74:4e:f6:2b:c7:cf:45:73:1c: 53:b0:fd:4f:f0:54:9a:b8:c9:dd:9d:51:5b:f1:56: 7b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:62:CF:F4:F2:DA:D3:3E:A2:7E:8C:3A:5E:DC:F5:33:45:C0:5A:25 X509v3 Authority Key Identifier: keyid:43:E6:FD:AB:0F:15:0E:E9:C4:3C:F5:A2:BB:76:58:8A:7E:5F:85:02 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:ce:dd:c5:3d:99:3c:5c:c4:dd:d4:2a:80:4a:95:65:19:f7: 1e:98:37:4c:b6:d3:57:b1:a2:4b:08:58:1b:5f:08:22:36:93: c2:dd:8a:a0:2e:5d:fe:14:08:4a:88:7b:7b:f6:aa:ca:91:be: 48:04:7c:64:8a:a2:57:92:cf:c8:b7:c2:9c:56:9c:50:34:4e: 6b:f0:8d:d8:05:46:75:13:dd:22:51:07:4a:f4:08:46:4d:bb: 0d:f5:34:97:07:8b:82:e2:33:a8:44:86:2a:3e:b4:6a:e6:d8: fd:ef:72:92:63:04:be:2d:28:93:bb:38:38:bd:49:d1:06:a6: f4:79:4b:35:3d:a4:1a:ba:c7:04:41:29:37:7d:eb:f8:64:b2: 9b:f3:85:28:21:b4:0c:d3:4a:6c:f8:27:61:7e:c5:73:92:8b: 31:91:72:59:44:37:f7:14:d1:62:e3:30:9f:dc:98:ba:24:21: 0b:c0:2c:ef:a3:e5:c7:0e:84:58:0c:0a:20:a8:4b:67:e6:f2: b6:de:c2:6d:83:d9:a9:aa:9a:7f:d4:a3:1d:61:54:11:39:08: a5:04:54:62:a0:f5:ce:df:25:97:a6:0b:0a:e0:9d:db:4b:f8: f7:d7:e3:08:aa:9a:c1:26:4c:89:83:44:05:09:4f:86:95:84: c5:f1:a1:40 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICANUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDNF NkZEQUIwRjE1MEVFOUM0M0NGNUEyQkI3NjU4OEE3RTVGODUwMjAeFw0yNjAxMjUx MDU4MzVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVCNjJDRkY0RjJEQUQz M0VBMjdFOEMzQTVFRENGNTMzNDVDMDVBMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDV0515QUEFmIbWfWyVbF9EIyNR2W7aybOxLfzp4vXgvtaykO8n xaop7BD7KlbRqCfWA5lJRDzvrY0fG6xsUEP0bNDcp/SUZoH3sjCKy/sXb186RIXU 3NN9a9JPVvXa3+JGgVPEVR1EjQJWzTrFKL3CGJPWRy3Kxo0GeQVm6E36YKaNGKSY N2U0h5LpLZMlGKdhkRyvCFwg13b4Y9Q2qJVVwNzEjFpJv0fR9Qz3+knk08T8oaQM 68Ep2+Mguo8XmM2M1HynjUTdgmH0rHthkmb+aIOhjgvem8y0+aIrftgA2zBW973g 5HRO9ivHz0VzHFOw/U/wVJq4yd2dUVvxVntzAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUW2LP9PLa0z6ifow6Xtz1M0XAWiUwHwYDVR0jBBgwFoAUQ+b9qw8VDunEPPWi u3ZYin5fhQIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx Ny9RLWI5cXc4VkR1bkVQUFdpdTNaWWluNWZoUUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1EtYjlxdzhWRHVuRVBQV2l1M1pZaW41ZmhRSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0MTcvUS1iOXF3OFZEdW5F UFBXaXUzWllpbjVmaFFJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHbO3cU9mTxcxN3UKoBKlWUZ9x6YN0y201exoksIWBtfCCI2k8LdiqAuXf4U CEqIe3v2qsqRvkgEfGSKoleSz8i3wpxWnFA0TmvwjdgFRnUT3SJRB0r0CEZNuw31 NJcHi4LiM6hEhio+tGrm2P3vcpJjBL4tKJO7ODi9SdEGpvR5SzU9pBq6xwRBKTd9 6/hkspvzhSghtAzTSmz4J2F+xXOSizGRcllEN/cU0WLjMJ/cmLokIQvALO+j5ccO hFgMCiCoS2fm8rbewm2D2amqmn/Uox1hVBE5CKUEVGKg9c7fJZemCwrgndtL+PfX 4wiqmsEmTImDRAUJT4aVhMXxoUA= -----END CERTIFICATE-----Generated at Sun Jan 25 13:46:30 2026 by rpki-client