This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft File: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft (raw, json) Hash identifier: DyOEvDhupzs97dtSbaSrIiIsHUmmYTA9AdG9PfWcrDI= Subject key identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE Authority key identifier: 69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 Certificate issuer: /CN=697447C397D18C9E110B24E505C1146CF13EA871 Certificate serial: 021B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft Manifest number: 021A Signing time: Sun 25 Jan 2026 00:56:37 +0000 Manifest this update: Sun 25 Jan 2026 00:56:37 +0000 Manifest next update: Sun 25 Jan 2026 06:56:37 +0000 Files and hashes: 1: BZUi2Cy-x-5xY8XLQ7H-sa3JIuI.roa (hash: r4NPIAsWOPVI4/TlBnHCHN0/vB3fsl6rRgv0C6aogiE=) 2: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl (hash: V7sqjxUenu4HuXJ0lg8vpvUuGePCmYSvt9ymgUU+U1A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 06:56:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 539 (0x21b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=697447C397D18C9E110B24E505C1146CF13EA871 Validity Not Before: Jan 25 00:56:37 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=AA54C733A646C84D43400EF5B3B5FE12DF33E3CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:f4:45:c8:e1:99:dc:ac:f8:b0:ab:32:f1: ec:35:60:05:c1:82:85:2a:68:82:d4:ce:52:46:71: df:ff:e3:66:54:ed:49:c4:c0:a8:e2:b7:d5:49:a2: f6:aa:aa:ca:24:79:c9:3f:7c:88:59:e6:b3:37:b9: 95:fb:98:63:34:0b:d2:a0:8c:b0:19:73:71:3a:bf: a5:b8:31:77:d3:16:14:3c:4a:26:e2:ab:4b:00:d4: ef:ae:07:ee:49:34:7c:d3:28:4c:44:47:97:7a:24: e0:dc:e8:51:bf:1b:10:74:c1:05:45:09:11:73:9d: 40:cf:c3:82:09:97:11:12:9f:89:af:f1:9f:16:f1: 0b:6f:60:17:70:07:7f:af:9b:67:58:22:e4:13:26: 7d:42:a0:eb:48:55:9f:55:bc:0e:40:5e:aa:a0:80: 64:65:f7:c0:7e:88:55:98:8d:bd:13:90:59:54:10: 34:50:03:45:73:b3:4d:40:15:9c:28:aa:fc:88:a7: c5:e6:35:82:8f:fc:90:48:77:d7:16:14:70:16:9d: d7:38:43:89:0f:d7:4b:17:d5:25:53:9b:0a:6c:b2: bd:08:f4:49:2f:16:d4:24:63:2d:9c:db:1d:56:18: 8b:bf:92:fb:e5:da:38:c1:ac:5c:a1:67:f7:e0:2f: c8:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE X509v3 Authority Key Identifier: keyid:69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:74:92:bb:11:88:ff:bd:6a:d4:03:d3:2c:82:92:00:4a:b4: f6:55:f5:65:5a:69:c3:10:7a:e9:ea:2d:09:17:84:57:11:01: 3e:7b:96:bc:62:42:09:eb:8d:37:da:96:98:aa:ca:00:51:d3: ac:37:30:b6:71:6f:06:d6:82:a6:25:c4:41:73:04:ae:ac:de: 2b:c4:a4:4d:35:10:5b:46:d2:15:62:00:72:e5:a3:6b:da:d3: f4:78:b6:37:b8:72:b2:99:14:f6:7d:cd:c1:00:38:2b:c5:55: 65:97:ed:9f:00:5d:1e:5e:78:0a:54:2d:3b:c7:5e:ce:d0:f5: 3b:0e:e9:80:ea:ce:2a:87:f7:78:fa:d4:2f:db:c5:fa:70:0a: 74:26:f5:f9:ee:d2:bf:f2:2a:86:8f:7c:35:8a:ba:85:2e:d6: 8f:a6:21:e5:4a:d4:09:7d:66:19:3c:f0:05:96:e1:bc:b0:06: 17:04:56:e7:d1:4c:09:83:0e:e6:88:b4:4d:82:9e:62:e8:5b: 83:47:6c:a6:07:ce:88:8e:63:39:3d:ef:67:53:f2:e9:d0:0b: 2e:69:00:07:b5:dc:e0:5c:c4:de:46:2c:cc:2a:b3:f6:9f:ca: 49:e5:dc:d0:05:07:dd:42:77:9d:11:6c:36:c3:37:56:d5:2a: d2:85:fc:24 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICAhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk3 NDQ3QzM5N0QxOEM5RTExMEIyNEU1MDVDMTE0NkNGMTNFQTg3MTAeFw0yNjAxMjUw MDU2MzdaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEFBNTRDNzMzQTY0NkM4 NEQ0MzQwMEVGNUIzQjVGRTEyREYzM0UzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIGfRFyOGZ3Kz4sKsy8ew1YAXBgoUqaILUzlJGcd//42ZU7UnE wKjit9VJovaqqsokeck/fIhZ5rM3uZX7mGM0C9KgjLAZc3E6v6W4MXfTFhQ8Sibi q0sA1O+uB+5JNHzTKExER5d6JODc6FG/GxB0wQVFCRFznUDPw4IJlxESn4mv8Z8W 8QtvYBdwB3+vm2dYIuQTJn1CoOtIVZ9VvA5AXqqggGRl98B+iFWYjb0TkFlUEDRQ A0Vzs01AFZwoqvyIp8XmNYKP/JBId9cWFHAWndc4Q4kP10sX1SVTmwpssr0I9Ekv FtQkYy2c2x1WGIu/kvvl2jjBrFyhZ/fgL8h9AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUqlTHM6ZGyE1DQA71s7X+Et8z484wHwYDVR0jBBgwFoAUaXRHw5fRjJ4RCyTl BcEUbPE+qHEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMx L2FYUkh3NWZSako0UkN5VGxCY0VVYlBFLXFIRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYVhSSHc1ZlJqSjRSQ3lUbEJjRVViUEUtcUhFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMxL2FYUkh3NWZSako0UkN5 VGxCY0VVYlBFLXFIRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAxdJK7EYj/vWrUA9MsgpIASrT2VfVlWmnDEHrp6i0JF4RXEQE+e5a8YkIJ6403 2paYqsoAUdOsNzC2cW8G1oKmJcRBcwSurN4rxKRNNRBbRtIVYgBy5aNr2tP0eLY3 uHKymRT2fc3BADgrxVVll+2fAF0eXngKVC07x17O0PU7DumA6s4qh/d4+tQv28X6 cAp0JvX57tK/8iqGj3w1irqFLtaPpiHlStQJfWYZPPAFluG8sAYXBFbn0UwJgw7m iLRNgp5i6FuDR2ymB86IjmM5Pe9nU/Lp0AsuaQAHtdzgXMTeRizMKrP2n8pJ5dzQ BQfdQnedEWw2wzdW1SrShfwk -----END CERTIFICATE-----Generated at Sun Jan 25 06:08:28 2026 by rpki-client