$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394982403/1/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.mft File: BA443CFDA40373E3F27A14B414EC248A46A7DF6D.mft (raw, json) Hash identifier: gspI87DDZTFNMPdGwhyB5pyAXHaRywxZBneldyDOzY0= Subject key identifier: D2:C8:34:7B:FC:7C:ED:71:C4:49:A7:4F:21:EA:B3:A9:E3:C3:29:76 Authority key identifier: BA:44:3C:FD:A4:03:73:E3:F2:7A:14:B4:14:EC:24:8A:46:A7:DF:6D Certificate issuer: /CN=BA443CFDA40373E3F27A14B414EC248A46A7DF6D Certificate serial: 46188B502786B02D54FDA18857F2290FFE12E580 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394982403/1/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.mft Manifest number: 5C Signing time: Wed 25 Mar 2026 21:03:28 +0000 Manifest this update: Wed 25 Mar 2026 20:58:28 +0000 Manifest next update: Thu 26 Mar 2026 22:55:28 +0000 Files and hashes: 1: 3136312e3138392e302e302f31362d3234203d3e20313335363239.roa (hash: VArv7wtcC799gjidJmBBAegNoq7R1zV2WHiORYAIAis=) 2: 36392e3233302e3139322e302f31382d3234203d3e20313335363239.roa (hash: /uf0g79WaYYKp8U6K7QwR/TfIar6CyVBAf2iICVpTWY=) 3: BA443CFDA40373E3F27A14B414EC248A46A7DF6D.crl (hash: 3clIWjU2gNwuRLl0vDDOEXIpea6+yzuU8xggRu5+P7k=) 4: 36392e3233342e3139322e302f31382d3234203d3e20313335363239.roa (hash: 2JgPRqzChL6aRN2HHWJ+liAA49OceEMdwqv4mL4g3TA=) 5: 35322e38322e302e302f31352d3234203d3e20313335363239.roa (hash: BKfKRfeGnTe+uCfmNH8LGxHMZkSFP82yHfMi+FwAgaw=) 6: 36382e37392e302e302f31382d3234203d3e20313335363239.roa (hash: xBimZBgddQkxVZ4hekblEfEIhExEpMzz0u8+4zAsM8o=) 7: 36392e3233312e3132382e302f31382d3234203d3e20313335363239.roa (hash: i3tzGoy9z14VYKRZErV4ccYrCvQWVU9YyKnJBvsNCy4=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394982403/1/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394982403/1/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ywIUpcQE1vhAQzsSDKy7W4xZ5hM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 22:55:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:18:8b:50:27:86:b0:2d:54:fd:a1:88:57:f2:29:0f:fe:12:e5:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BA443CFDA40373E3F27A14B414EC248A46A7DF6D Validity Not Before: Mar 25 20:58:28 2026 GMT Not After : Mar 26 22:55:28 2026 GMT Subject: CN=D2C8347BFC7CED71C449A74F21EAB3A9E3C32976 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:47:28:c7:05:6d:f7:f8:df:4b:3f:9d:d7:53: c8:22:c1:df:71:85:b2:ec:0e:b6:c4:43:9d:41:52: 23:bd:a2:3b:32:2e:69:3c:10:1d:05:40:f0:84:fa: a0:35:4d:4b:e7:a8:44:03:38:3c:77:84:ab:00:82: 99:b0:a4:97:5d:a8:33:8a:20:eb:6c:ba:be:7e:47: 02:70:1f:aa:8b:b6:a5:76:32:64:74:aa:4c:5d:90: d9:b1:b8:c5:4a:97:19:0e:3e:c1:0d:b6:fe:97:92: 19:a6:a4:95:4f:6f:6d:cc:dc:9c:00:4c:65:3f:c2: fd:dc:9d:c0:f1:fa:0e:63:18:c9:95:06:e7:41:33: 36:cf:28:92:7c:45:17:46:73:85:a9:ac:02:e5:bd: 40:63:69:e6:f3:e4:ed:6d:de:3e:b3:5e:0f:9f:08: 54:27:7a:11:5e:89:03:99:e7:f5:68:30:94:19:9d: fd:12:a5:2f:3b:e2:f8:a4:45:18:7a:ee:ee:71:d0: a3:dc:64:a2:ce:62:4c:f8:08:74:83:7c:f0:2d:fc: e2:81:9e:25:99:6f:4a:56:a4:00:e3:5a:22:94:bf: 1b:4f:f7:4c:41:22:46:2c:50:e6:45:1d:15:e1:4b: e5:57:b1:d4:86:a7:bf:01:e4:30:3a:8d:ad:66:dd: 54:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:C8:34:7B:FC:7C:ED:71:C4:49:A7:4F:21:EA:B3:A9:E3:C3:29:76 X509v3 Authority Key Identifier: keyid:BA:44:3C:FD:A4:03:73:E3:F2:7A:14:B4:14:EC:24:8A:46:A7:DF:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394982403/1/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394982403/1/BA443CFDA40373E3F27A14B414EC248A46A7DF6D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:ad:a2:e8:83:4b:50:96:49:22:c3:d7:4f:86:8e:d6:fe:2a: db:27:af:9f:16:44:69:69:c4:8c:95:db:92:ee:35:9b:9b:e3: f2:00:6a:c7:d7:09:b9:2b:15:13:4a:7e:39:24:3b:5c:a2:fc: 45:ba:37:a6:53:0e:56:09:85:42:56:ed:27:7a:1a:b8:34:85: 6d:01:25:bc:52:59:d4:30:e3:4e:f1:e0:a5:be:18:a1:38:f2: 37:63:6e:96:5b:2b:46:79:b0:a3:24:a8:13:45:c0:ad:10:1a: 85:ce:7f:26:42:3f:6e:4f:e9:68:1a:dd:f4:ff:5e:0c:db:d8: 8a:c4:41:cb:98:d5:39:ef:b9:31:61:9a:e7:3e:fe:65:1c:d0: 18:f8:1f:d8:49:dc:0f:93:77:0e:8b:d3:9a:36:9f:07:fd:b8: f7:41:70:fe:14:a1:3d:eb:05:32:1a:87:dc:06:76:54:4d:1d: 96:5b:e1:5a:39:6a:fe:39:8a:af:85:ce:0f:31:25:6d:ba:58: 8c:5d:50:58:35:a3:db:c1:c0:1a:3a:69:74:95:12:cd:14:d8: 80:64:54:13:20:b2:17:d5:96:ce:38:0e:df:1f:76:07:e7:a9: f9:6a:d0:04:31:0c:a2:c3:7c:1e:4c:10:e1:b9:11:d8:58:19: 3a:fc:bf:a3 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIURhiLUCeGsC1U/aGIV/IpD/4S5YAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkE0NDNDRkRBNDAzNzNFM0YyN0ExNEI0MTRFQzI0OEE0 NkE3REY2RDAeFw0yNjAzMjUyMDU4MjhaFw0yNjAzMjYyMjU1MjhaMDMxMTAvBgNV BAMTKEQyQzgzNDdCRkM3Q0VENzFDNDQ5QTc0RjIxRUFCM0E5RTNDMzI5NzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrRyjHBW33+N9LP53XU8giwd9x hbLsDrbEQ51BUiO9ojsyLmk8EB0FQPCE+qA1TUvnqEQDODx3hKsAgpmwpJddqDOK IOtsur5+RwJwH6qLtqV2MmR0qkxdkNmxuMVKlxkOPsENtv6XkhmmpJVPb23M3JwA TGU/wv3cncDx+g5jGMmVBudBMzbPKJJ8RRdGc4WprALlvUBjaebz5O1t3j6zXg+f CFQnehFeiQOZ5/VoMJQZnf0SpS874vikRRh67u5x0KPcZKLOYkz4CHSDfPAt/OKB niWZb0pWpADjWiKUvxtP90xBIkYsUOZFHRXhS+VXsdSGp78B5DA6ja1m3VS3AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU0sg0e/x87XHESadPIeqzqePDKXYwHwYDVR0j BBgwFoAUukQ8/aQDc+PyehS0FOwkikan320wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDk4MjQwMy8xL0JBNDQzQ0ZEQTQwMzczRTNGMjdBMTRCNDE0RUMy NDhBNDZBN0RGNkQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzAvQkE0NDNDRkRBNDAzNzNFM0YyN0ExNEI0MTRFQzI0OEE0NkE3REY2RC5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ5ODI0MDMvMS9CQTQ0M0NGREE0MDM3 M0UzRjI3QTE0QjQxNEVDMjQ4QTQ2QTdERjZELm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR62i6INLUJZJ IsPXT4aO1v4q2yevnxZEaWnEjJXbku41m5vj8gBqx9cJuSsVE0p+OSQ7XKL8Rbo3 plMOVgmFQlbtJ3oauDSFbQElvFJZ1DDjTvHgpb4YoTjyN2NullsrRnmwoySoE0XA rRAahc5/JkI/bk/paBrd9P9eDNvYisRBy5jVOe+5MWGa5z7+ZRzQGPgf2EncD5N3 DovTmjafB/2490Fw/hShPesFMhqH3AZ2VE0dllvhWjlq/jmKr4XODzElbbpYjF1Q WDWj28HAGjppdJUSzRTYgGRUEyCyF9WWzjgO3x92B+ep+WrQBDEMosN8HkwQ4bkR 2FgZOvy/ow== -----END CERTIFICATE-----Generated at Thu Mar 26 10:03:23 2026 by rpki-client