This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
File:                     2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json)
Hash identifier:          TilFhfWu2mMjVQlY6LWjPFuJweoimoH0TqUX+fhxy2c=
Subject key identifier:   A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
Certificate issuer:       /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Certificate serial:       18E8
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
Manifest number:          18D2
Signing time:             Sat 06 Dec 2025 16:18:31 +0000
Manifest this update:     Sat 06 Dec 2025 16:18:31 +0000
Manifest next update:     Sat 06 Dec 2025 22:18:31 +0000
Files and hashes:         1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: LWeptJbQC/jIkTYXUMrUBSkUOswNG5CYt4abknzARX0=)
                          2: HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa (hash: 2Jp6mxuujCuZIIC04F/ARmPj+su7hSsGSy1xTvc4+Qs=)
                          3: KQ-H06YzPy6rV4AqzFO-X8dibgw.roa (hash: /RpjV4HoINs3B8RP//omgR12bSPllVR3bfI79qOU30M=)
                          4: TpvO5vdeHWVXhGkTKjH84ly_vIU.roa (hash: +f0nHjtb5Rj8798V2ToE4hnOduYhYnSw9Um3wGP6CoI=)
                          5: l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa (hash: g1JlaWRQx7eY93533lfTF3SPZVWvPqSI3xpvRqNIF7o=)
                          6: oNvneKkprq7Fup3AehiZivYiGcQ.roa (hash: WduhKcWHW4jd8W/irOIfT6Xtxvc/1kytp2QLDcGjP7I=)
                          7: wZLHpcvHrGz3tUiBMnBI6rIckCQ.roa (hash: 89jr9Ewq1iuL05K8GgrpOrKlq+vnC4Iu0FosUDNQP4g=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6376 (0x18e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
        Validity
            Not Before: Dec  6 16:18:31 2025 GMT
            Not After : Oct 23 03:01:03 2026 GMT
        Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df:
                    75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4:
                    33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a:
                    7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f:
                    18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8:
                    fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57:
                    0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d:
                    37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31:
                    53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff:
                    03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8:
                    7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c:
                    d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d:
                    05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b:
                    57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c:
                    73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb:
                    bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d:
                    9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d:
                    a7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
            X509v3 Authority Key Identifier:
                keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:ac:70:dd:12:c9:c2:57:a2:cb:0e:3e:07:90:17:16:eb:8a:
         a2:0c:0d:2e:d0:40:0a:f7:f2:35:08:ce:23:b5:2b:eb:ba:8f:
         c5:d2:ab:cb:33:1c:64:0e:cf:91:9a:38:26:8f:3b:5d:de:6b:
         78:ea:12:f0:e6:91:29:27:b2:12:e2:2d:a5:12:b1:ef:c9:35:
         b3:ce:c9:04:40:b0:45:93:ba:20:f1:bb:dc:b9:95:95:8f:e8:
         21:74:a0:59:cc:86:15:3b:8b:28:80:a6:19:e6:55:32:98:10:
         78:5c:55:a2:ab:ff:d3:28:18:26:60:04:b3:93:c6:5c:93:4a:
         b6:98:45:73:4a:94:42:4f:02:24:79:41:c2:3e:20:6c:fd:fa:
         d1:aa:6a:09:8a:b8:fa:09:6e:85:5d:ca:5d:8b:a8:6e:51:91:
         8f:1a:dd:99:c2:f9:3e:77:f4:9f:d6:5a:c0:1c:f0:ec:32:78:
         92:05:66:29:7e:87:17:46:d0:7c:08:c3:0d:2b:16:5a:cf:fe:
         d5:83:69:64:c2:9e:4f:ab:1c:b1:03:bd:3d:06:b4:b5:55:bd:
         fa:b2:10:48:26:28:13:f5:5c:68:0a:58:a9:a0:37:6c:db:51:
         4f:d5:30:4f:87:fa:4d:b8:c4:73:e1:a5:fa:31:00:6c:be:ad:
         ca:65:eb:b5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICGOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5
OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTEyMDYx
NjE4MzFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1
QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng
oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau
Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v
/wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU
pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC
PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj
C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0
LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt
SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQCtrHDdEsnCV6LLDj4HkBcW64qiDA0u0EAK9/I1CM4jtSvruo/F0qvLMxxkDs+R
mjgmjztd3mt46hLw5pEpJ7IS4i2lErHvyTWzzskEQLBFk7og8bvcuZWVj+ghdKBZ
zIYVO4sogKYZ5lUymBB4XFWiq//TKBgmYASzk8Zck0q2mEVzSpRCTwIkeUHCPiBs
/frRqmoJirj6CW6FXcpdi6huUZGPGt2Zwvk+d/Sf1lrAHPDsMniSBWYpfocXRtB8
CMMNKxZaz/7Vg2lkwp5PqxyxA709BrS1Vb36shBIJigT9VxoClipoDds21FP1TBP
h/pNuMRz4aX6MQBsvq3KZeu1
-----END CERTIFICATE-----