This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
File:                     2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json)
Hash identifier:          3WKq7qupwg4Rhfo7M5fA5LSOkeRWFHOGvOpY/fjL7Wk=
Subject key identifier:   A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
Certificate issuer:       /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Certificate serial:       19DD
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
Manifest number:          19C7
Signing time:             Sun 25 Jan 2026 02:28:04 +0000
Manifest this update:     Sun 25 Jan 2026 02:28:04 +0000
Manifest next update:     Sun 25 Jan 2026 08:28:04 +0000
Files and hashes:         1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: O5uQSak8cluvlDk0S07LyNeykLhgU/6xiNbrfUA03sM=)
                          2: HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa (hash: 2Jp6mxuujCuZIIC04F/ARmPj+su7hSsGSy1xTvc4+Qs=)
                          3: KQ-H06YzPy6rV4AqzFO-X8dibgw.roa (hash: /RpjV4HoINs3B8RP//omgR12bSPllVR3bfI79qOU30M=)
                          4: TpvO5vdeHWVXhGkTKjH84ly_vIU.roa (hash: +f0nHjtb5Rj8798V2ToE4hnOduYhYnSw9Um3wGP6CoI=)
                          5: l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa (hash: g1JlaWRQx7eY93533lfTF3SPZVWvPqSI3xpvRqNIF7o=)
                          6: oNvneKkprq7Fup3AehiZivYiGcQ.roa (hash: WduhKcWHW4jd8W/irOIfT6Xtxvc/1kytp2QLDcGjP7I=)
                          7: wZLHpcvHrGz3tUiBMnBI6rIckCQ.roa (hash: 89jr9Ewq1iuL05K8GgrpOrKlq+vnC4Iu0FosUDNQP4g=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6621 (0x19dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
        Validity
            Not Before: Jan 25 02:28:04 2026 GMT
            Not After : Jan  9 08:23:18 2027 GMT
        Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df:
                    75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4:
                    33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a:
                    7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f:
                    18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8:
                    fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57:
                    0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d:
                    37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31:
                    53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff:
                    03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8:
                    7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c:
                    d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d:
                    05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b:
                    57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c:
                    73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb:
                    bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d:
                    9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d:
                    a7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
            X509v3 Authority Key Identifier:
                keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:55:2e:19:9f:99:68:e6:3b:97:02:0d:27:b2:0c:e3:0f:6c:
         76:78:61:5f:39:d6:0e:35:6d:ae:3b:25:f0:55:e9:34:6e:4d:
         be:d9:6a:de:7e:39:e1:4c:b3:37:5b:9d:62:85:70:57:99:85:
         1d:68:76:f1:3d:0a:06:b1:0f:d1:93:08:f1:1c:55:b9:e8:3c:
         40:5c:bf:57:d8:56:38:f4:07:30:4e:11:03:5f:5c:da:f2:3f:
         f9:d1:fb:69:fe:9b:07:27:51:88:a2:f4:bc:e5:63:78:d7:a7:
         20:cd:4d:be:3c:39:92:8b:33:1d:a9:60:e8:3c:51:1b:05:70:
         1c:37:39:46:79:75:88:ce:aa:5e:5d:7f:a4:64:16:f0:83:ef:
         60:74:34:ec:f6:f5:07:b9:5c:5d:24:2a:c1:e5:a0:3a:15:6e:
         55:0e:47:86:89:7f:79:f8:6f:06:79:c0:46:fd:ed:3b:0a:1b:
         a6:8e:8c:aa:93:0a:b7:75:c2:9e:2b:47:8b:00:0b:3f:65:99:
         97:82:51:53:fd:03:e7:9f:a4:75:63:e5:6d:f4:eb:a2:4a:64:
         f3:63:42:f2:52:e6:2c:e7:28:57:38:b6:de:06:31:b4:91:8a:
         52:8d:e9:c8:d9:ca:98:9c:37:68:61:09:0e:78:75:5a:a8:80:
         17:83:2f:12
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICGd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5
OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNjAxMjUw
MjI4MDRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1
QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng
oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau
Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v
/wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU
pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC
PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj
C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0
LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt
SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAyVS4Zn5lo5juXAg0nsgzjD2x2eGFfOdYONW2uOyXwVek0bk2+2WrefjnhTLM3
W51ihXBXmYUdaHbxPQoGsQ/RkwjxHFW56DxAXL9X2FY49AcwThEDX1za8j/50ftp
/psHJ1GIovS85WN416cgzU2+PDmSizMdqWDoPFEbBXAcNzlGeXWIzqpeXX+kZBbw
g+9gdDTs9vUHuVxdJCrB5aA6FW5VDkeGiX95+G8GecBG/e07Chumjoyqkwq3dcKe
K0eLAAs/ZZmXglFT/QPnn6R1Y+Vt9OuiSmTzY0LyUuYs5yhXOLbeBjG0kYpSjenI
2cqYnDdoYQkOeHVaqIAXgy8S
-----END CERTIFICATE-----