This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft File: h2aIiphaWvBfbvEvvU9k8h9SYYg.mft (raw, json) Hash identifier: MJpzz7X1RG0D91/1LYNkHt0zwRJ1yVIkHLGzqdRlUPY= Subject key identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 Authority key identifier: 87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 Certificate issuer: /CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Certificate serial: 0E9B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft Manifest number: 0E9B Signing time: Mon 12 Jan 2026 08:55:53 +0000 Manifest this update: Mon 12 Jan 2026 08:55:53 +0000 Manifest next update: Mon 12 Jan 2026 14:55:53 +0000 Files and hashes: 1: h2aIiphaWvBfbvEvvU9k8h9SYYg.crl (hash: /gmimOy32ZdP+QhSJ+YjXPBtZkvs3AFY4H+a0JqZtG4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 Jan 2026 14:55:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3739 (0xe9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Validity Not Before: Jan 12 08:55:53 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=D8678AA95370861C4193AE13A081E75CD1C41BD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c0:ff:85:04:90:e9:70:da:7d:d0:ea:7d:8b: f6:99:03:3a:0b:5c:4f:4b:1d:e7:7c:aa:93:12:9b: 33:7a:64:7a:38:d4:29:2c:60:d6:c5:0d:77:99:c0: e4:16:48:ab:00:f5:64:65:d8:0a:ec:21:39:34:6b: b5:43:4d:93:7c:a3:75:4d:a4:6c:bb:0a:28:9f:f1: 78:f1:e1:5f:91:17:0b:da:4f:2f:1d:56:e4:24:b0: 7e:af:5e:6b:11:88:36:ec:f0:b6:9a:83:90:cb:da: 27:0b:e9:17:93:48:fe:4e:e1:ce:2a:50:b6:91:8c: 3a:00:a3:d5:53:9d:5f:52:f5:d2:4e:d2:6e:67:31: ef:4c:91:28:a1:30:5b:37:15:cd:90:4f:f1:ba:64: f0:24:57:f3:d8:5e:d7:c8:26:d4:b9:15:7d:07:1c: 45:c4:03:72:96:41:c5:f4:fe:d9:00:51:8f:1e:4f: c7:e3:d8:15:9e:1d:0f:86:07:5e:f1:e1:70:cb:65: 14:6e:8a:c9:eb:fc:b0:2b:e7:ba:ca:53:c2:c8:00: f3:bd:b9:96:55:5a:52:26:d8:aa:3d:40:75:57:15: a0:69:dc:7e:c8:81:d1:0e:e0:1c:c6:78:3a:f5:09: 9a:8f:3f:21:84:bc:b4:6b:ef:da:46:f4:ea:38:f8: 7c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 X509v3 Authority Key Identifier: keyid:87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:79:0c:16:38:d0:68:fd:87:5f:a9:e8:74:1a:7c:68:d3:87: 1c:f6:95:1c:73:7d:2b:7b:4a:15:97:0a:13:48:e3:09:80:8b: c2:1e:4a:7c:82:b7:1b:97:48:7d:19:b7:8a:47:61:bc:1f:1e: a4:f2:38:d2:90:57:eb:c1:71:38:70:d7:68:8c:98:f1:d0:fb: a8:a7:e1:d0:fd:18:bf:97:ab:66:9b:46:38:9c:ac:24:00:1d: 2a:94:47:fa:8e:92:7c:a0:86:99:d4:40:04:f2:a3:2c:36:a2: 31:17:c0:cf:4f:50:33:6b:41:55:66:c8:f6:cf:2f:b1:b6:4e: a0:e4:7c:88:65:fd:0c:a3:d4:a4:66:6e:8c:62:46:8c:b8:6f: ba:1c:57:8c:a4:36:0c:bd:e3:06:33:1a:37:d5:f8:b1:80:41: db:9a:82:0b:b4:17:ec:54:0a:f1:01:f1:29:ec:dc:99:f5:ce: 1c:be:04:52:8d:e2:6d:4a:0f:e3:15:21:3a:bb:cc:d4:7e:84: 34:4e:98:47:95:5c:1b:cc:9a:6b:3d:c4:b8:ee:b6:04:38:56: 2a:fc:f0:43:3b:98:a9:54:1b:91:a8:b1:9c:c2:79:70:a6:92: 4a:53:c1:94:ee:f6:99:2b:31:29:bd:a2:78:60:08:28:3a:49: 06:cf:fd:ef -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDpswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODc2 Njg4OEE5ODVBNUFGMDVGNkVGMTJGQkQ0RjY0RjIxRjUyNjE4ODAeFw0yNjAxMTIw ODU1NTNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEQ4Njc4QUE5NTM3MDg2 MUM0MTkzQUUxM0EwODFFNzVDRDFDNDFCRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJwP+FBJDpcNp90Op9i/aZAzoLXE9LHed8qpMSmzN6ZHo41Cks YNbFDXeZwOQWSKsA9WRl2ArsITk0a7VDTZN8o3VNpGy7Ciif8Xjx4V+RFwvaTy8d VuQksH6vXmsRiDbs8Laag5DL2icL6ReTSP5O4c4qULaRjDoAo9VTnV9S9dJO0m5n Me9MkSihMFs3Fc2QT/G6ZPAkV/PYXtfIJtS5FX0HHEXEA3KWQcX0/tkAUY8eT8fj 2BWeHQ+GB17x4XDLZRRuisnr/LAr57rKU8LIAPO9uZZVWlIm2Ko9QHVXFaBp3H7I gdEO4BzGeDr1CZqPPyGEvLRr79pG9Oo4+HwVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2GeKqVNwhhxBk64ToIHnXNHEG9cwHwYDVR0jBBgwFoAUh2aIiphaWvBfbvEv vU9k8h9SYYgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgx Ny9oMmFJaXBoYVd2QmZidkV2dlU5azhoOVNZWWcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2gyYUlpcGhhV3ZCZmJ2RXZ2VTlrOGg5U1lZZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MTcvaDJhSWlwaGFXdkJm YnZFdnZVOWs4aDlTWVlnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJZ5DBY40Gj9h1+p6HQafGjThxz2lRxzfSt7ShWXChNI4wmAi8IeSnyCtxuX SH0Zt4pHYbwfHqTyONKQV+vBcThw12iMmPHQ+6in4dD9GL+Xq2abRjicrCQAHSqU R/qOknyghpnUQATyoyw2ojEXwM9PUDNrQVVmyPbPL7G2TqDkfIhl/Qyj1KRmboxi Roy4b7ocV4ykNgy94wYzGjfV+LGAQduaggu0F+xUCvEB8Sns3Jn1zhy+BFKN4m1K D+MVITq7zNR+hDROmEeVXBvMmms9xLjutgQ4Vir88EM7mKlUG5GosZzCeXCmkkpT wZTu9pkrMSm9onhgCCg6SQbP/e8= -----END CERTIFICATE-----Generated at Mon Jan 12 13:44:05 2026 by rpki-client