$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.mft File: 2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.mft (raw, json) Hash identifier: vh0U8IDZc14QNaBlGR1ouhAiZkm60ArxdkL6Lfog8u4= Subject key identifier: DC:CB:11:75:88:03:56:88:26:03:BB:18:CC:0E:2C:B6:D2:A5:4E:59 Authority key identifier: 2D:0B:C1:65:5D:17:A3:AB:09:C9:1E:43:A3:2D:E8:D8:AB:21:35:1A Certificate issuer: /CN=2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A Certificate serial: 6BB88776967761DC76196701659AECF5F2F3519F Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.mft Manifest number: 5A Signing time: Thu 26 Mar 2026 15:53:28 +0000 Manifest this update: Thu 26 Mar 2026 15:48:28 +0000 Manifest next update: Fri 27 Mar 2026 19:51:28 +0000 Files and hashes: 1: 3130332e35362e3138372e302f32342d3234203d3e203539303433.roa (hash: b93qXeOKMOA0k1Tq0lEXe8AyLgDN80wyTvETkl87my8=) 2: 3130332e35362e3138362e302f32342d3234203d3e203539303433.roa (hash: 185Jozw9t6OPsftx2I3cbH+cAXu8MqzSEVvP5Bvz/0w=) 3: 2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.crl (hash: o7BexxB22qE7az6fZCBzwFOgS621jd2bwqxxYcHWnTA=) 4: 3130332e35362e3138342e302f32342d3234203d3e203539303433.roa (hash: hmhm/J6fR0cLjZz5lcB7aw6zPjy50dHaMavZ+vQXS/E=) 5: 3130332e35362e3138352e302f32342d3234203d3e203539303433.roa (hash: H/aYJEZDszUQqZEgBSI4KYTtHU/iCJRnmxQv5XXPkG0=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 19:51:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:b8:87:76:96:77:61:dc:76:19:67:01:65:9a:ec:f5:f2:f3:51:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A Validity Not Before: Mar 26 15:48:28 2026 GMT Not After : Mar 27 19:51:28 2026 GMT Subject: CN=DCCB1175880356882603BB18CC0E2CB6D2A54E59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f7:90:a9:3d:f2:b4:26:81:f8:0c:2e:57:39: 47:0b:12:ce:2a:bd:7d:55:71:f7:f0:87:4d:00:a7: 06:17:7c:9a:9b:0a:f5:ce:c7:3f:a2:f2:2f:af:8f: a9:07:91:3f:87:c9:98:32:22:53:4c:5e:7d:07:79: 48:82:a2:1e:36:07:2b:5e:7a:64:b9:3a:0f:20:65: 7e:4e:f3:ba:20:86:e2:a3:b1:f4:9e:06:1b:18:5b: bb:61:5a:ee:f3:1d:2c:7c:21:9b:b3:2e:c1:f3:ef: 8c:93:85:db:eb:2d:b0:31:fd:cb:27:95:4b:6d:1a: 2c:a3:24:4a:cd:5f:dd:70:b7:fa:44:a4:77:97:b4: 79:91:50:02:f3:91:ac:03:56:16:bc:ca:74:10:04: 2d:cb:e6:1c:e9:57:64:ec:a5:a8:1b:37:b9:fa:41: 94:82:c4:0b:89:61:0b:af:2a:a5:59:cf:26:42:0d: f6:58:a9:ae:f0:e1:99:3b:ff:a7:1b:cb:a3:0f:d9: 9f:68:5a:b3:7c:17:c1:74:10:55:99:b0:cb:57:08: 11:26:52:77:0a:b4:fa:9b:17:5d:13:69:0d:03:2a: aa:4a:67:6c:80:85:ad:ec:db:8c:e3:43:35:eb:ea: 04:2a:00:64:f0:a1:b0:45:af:b6:57:b1:94:3b:46: ac:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:CB:11:75:88:03:56:88:26:03:BB:18:CC:0E:2C:B6:D2:A5:4E:59 X509v3 Authority Key Identifier: keyid:2D:0B:C1:65:5D:17:A3:AB:09:C9:1E:43:A3:2D:E8:D8:AB:21:35:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:74:00:da:25:a1:99:33:d4:0d:41:73:5e:94:06:69:9c:10: fa:8d:5c:6a:42:22:8d:46:f2:4e:b6:55:8d:e3:5e:60:26:13: d7:95:5f:2e:22:91:fb:12:bb:74:b5:b6:fc:5c:07:76:78:93: 17:c7:bb:d3:b3:d3:9b:61:81:5c:45:0b:b1:a5:6b:2f:bd:66: bb:c6:9e:36:2b:fa:ae:95:2a:59:15:7f:b6:b3:00:cb:ff:d7: 39:c8:f2:e3:32:58:a7:c9:19:f0:8b:6f:39:23:45:a1:d8:47: 8f:ef:a6:7d:97:1a:9f:9b:57:3d:ca:43:85:0a:88:28:67:fe: ba:2b:54:ff:3e:fe:6c:15:d0:45:03:ba:34:a4:01:d1:ef:cf: be:44:fd:1f:62:9a:70:63:64:fb:cd:4d:a4:93:09:e0:fe:e9: 9e:cd:48:55:b8:b3:4b:9b:b6:96:ff:a8:6e:b5:96:ee:57:a6: d5:f3:7e:31:63:9c:79:29:47:f1:9a:b3:4a:e4:93:a0:1a:49: bd:e8:33:fa:e0:32:14:9a:e0:6a:8b:93:55:c4:09:10:22:6d: 28:60:6f:e6:40:bb:01:b1:68:93:d3:b8:b3:4b:99:4b:df:b1: 43:b4:8a:b8:dc:da:29:76:cc:8d:6f:ec:3b:32:22:a8:ab:6e: 5e:86:dd:41 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUa7iHdpZ3Ydx2GWcBZZrs9fLzUZ8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQwQkMxNjU1RDE3QTNBQjA5QzkxRTQzQTMyREU4RDhB QjIxMzUxQTAeFw0yNjAzMjYxNTQ4MjhaFw0yNjAzMjcxOTUxMjhaMDMxMTAvBgNV BAMTKERDQ0IxMTc1ODgwMzU2ODgyNjAzQkIxOENDMEUyQ0I2RDJBNTRFNTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz95CpPfK0JoH4DC5XOUcLEs4q vX1Vcffwh00ApwYXfJqbCvXOxz+i8i+vj6kHkT+HyZgyIlNMXn0HeUiCoh42Byte emS5Og8gZX5O87oghuKjsfSeBhsYW7thWu7zHSx8IZuzLsHz74yThdvrLbAx/csn lUttGiyjJErNX91wt/pEpHeXtHmRUALzkawDVha8ynQQBC3L5hzpV2TspagbN7n6 QZSCxAuJYQuvKqVZzyZCDfZYqa7w4Zk7/6cby6MP2Z9oWrN8F8F0EFWZsMtXCBEm UncKtPqbF10TaQ0DKqpKZ2yAha3s24zjQzXr6gQqAGTwobBFr7ZXsZQ7RqwlAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU3MsRdYgDVogmA7sYzA4sttKlTlkwHwYDVR0j BBgwFoAULQvBZV0Xo6sJyR5Doy3o2KshNRowDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDcyMDI1OS8wLzJEMEJDMTY1NUQxN0EzQUIwOUM5MUU0M0EzMkRF OEQ4QUIyMTM1MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMkQwQkMxNjU1RDE3QTNBQjA5QzkxRTQzQTMyREU4RDhBQjIxMzUxQS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ3MjAyNTkvMC8yRDBCQzE2NTVEMTdB M0FCMDlDOTFFNDNBMzJERThEOEFCMjEzNTFBLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3QA2iWhmTPU DUFzXpQGaZwQ+o1cakIijUbyTrZVjeNeYCYT15VfLiKR+xK7dLW2/FwHdniTF8e7 07PTm2GBXEULsaVrL71mu8aeNiv6rpUqWRV/trMAy//XOcjy4zJYp8kZ8ItvOSNF odhHj++mfZcan5tXPcpDhQqIKGf+uitU/z7+bBXQRQO6NKQB0e/PvkT9H2KacGNk +81NpJMJ4P7pns1IVbizS5u2lv+obrWW7lem1fN+MWOceSlH8ZqzSuSToBpJvegz +uAyFJrgaouTVcQJECJtKGBv5kC7AbFok9O4s0uZS9+xQ7SKuNzaKXbMjW/sOzIi qKtuXobdQQ== -----END CERTIFICATE-----Generated at Fri Mar 27 02:01:32 2026 by rpki-client