$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft File: D9EB5C6DC17682949F5243587DA38740C3EEA953.mft (raw, json) Hash identifier: lAe8JIh6XnE/RdHpvNuUnsPlYXNDIGdKvrp9LRbB2QA= Subject key identifier: BF:A3:1D:EB:3F:64:D7:BD:8A:7F:E3:07:45:C2:E9:52:2C:FB:E8:BF Authority key identifier: D9:EB:5C:6D:C1:76:82:94:9F:52:43:58:7D:A3:87:40:C3:EE:A9:53 Certificate issuer: /CN=D9EB5C6DC17682949F5243587DA38740C3EEA953 Certificate serial: 314F34F493B2428B2C7DA672D1D0D56E5235AAE8 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft Manifest number: 5A Signing time: Thu 26 Mar 2026 18:13:28 +0000 Manifest this update: Thu 26 Mar 2026 18:08:28 +0000 Manifest next update: Fri 27 Mar 2026 19:26:28 +0000 Files and hashes: 1: D9EB5C6DC17682949F5243587DA38740C3EEA953.crl (hash: Z4Tq0BpJPe9sUiQMPE9rpKYBCP/gwKZ2sZ8AvePaIy4=) 2: 323430373a393038303a3a2f33322d3634203d3e203633363331.roa (hash: RtOoe4RmLFL3YbHfpUMA6V286a2QhifPZV7nvutl6kg=) 3: 3131392e3136312e3135322e302f32312d3234203d3e203633363331.roa (hash: BBTRwX86DtfzxU9rTrkCfkvyq+j6Fyat/htWxMwmilE=) 4: 3131392e3136312e3136302e302f32312d3234203d3e203633363331.roa (hash: fm9f22URXj00X+QlA/PpQ/F1F4uphlfQee6cITcqhgg=) 5: 3131392e3136312e3133362e302f32312d3234203d3e203633363331.roa (hash: q975HSO7Atv6pgfxEXanM5WMHvz/cN828nBH1I+FNos=) 6: 3131392e3136312e3134342e302f32312d3234203d3e203633363331.roa (hash: WUSgHCOBVUebvdwfVgY5RDlp2/uC/v+NAYmc5JoVMPE=) 7: 323430373a386238303a3a2f33322d3634203d3e203633363331.roa (hash: WdIf6CkgwHhBtmwW9wC8z2X2aD7F1CPhNusCG6l7zvk=) 8: 3131392e3136312e3133382e302f32342d3234203d3e203633363331.roa (hash: TT0ksNomih+B2jCsvyApNDhVN1yErVHUo6JYmbCpCys=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.crl rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 19:26:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:4f:34:f4:93:b2:42:8b:2c:7d:a6:72:d1:d0:d5:6e:52:35:aa:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9EB5C6DC17682949F5243587DA38740C3EEA953 Validity Not Before: Mar 26 18:08:28 2026 GMT Not After : Mar 27 19:26:28 2026 GMT Subject: CN=BFA31DEB3F64D7BD8A7FE30745C2E9522CFBE8BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7c:ce:64:79:0e:b1:6d:65:70:64:5c:e4:5e: cd:6d:2f:f7:33:6a:92:39:c7:37:dc:6b:0c:fa:6f: 3a:26:23:bd:1f:75:36:5e:0e:90:0a:9b:31:65:09: 7c:f9:4e:fa:93:c1:b9:d8:c7:3f:4f:4e:a1:28:b0: 37:0f:44:ed:42:af:c8:8b:71:6d:c1:a8:2b:23:3f: 00:9d:47:f6:8b:52:0d:71:15:0c:62:0c:24:50:8e: 46:18:2f:a1:d3:03:24:c9:93:b4:ed:e3:fe:f9:13: 6f:21:d7:6b:88:d1:a7:cd:72:7a:b6:1a:c4:7a:7e: 9c:9e:23:f7:7d:6e:77:78:67:51:58:8b:a9:ac:99: 24:00:8f:63:45:97:d2:35:2a:e0:e7:93:2e:c4:46: 88:3e:97:95:42:84:07:85:c1:27:15:82:80:fd:17: 07:03:92:4f:f9:17:5a:46:90:1a:c2:39:1b:33:cb: 92:de:75:7d:c1:bd:fc:de:1b:cb:47:e6:31:38:59: 02:d8:16:43:78:8e:eb:6f:5a:d3:c3:46:7d:60:4a: 9c:4e:1c:0e:4d:ad:ee:eb:a9:6d:39:82:97:f7:32: 36:50:62:ea:51:8d:97:f2:ad:cb:df:8b:63:08:58: 42:ff:b2:10:15:38:18:21:02:b7:b7:fa:54:cb:92: bb:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:A3:1D:EB:3F:64:D7:BD:8A:7F:E3:07:45:C2:E9:52:2C:FB:E8:BF X509v3 Authority Key Identifier: keyid:D9:EB:5C:6D:C1:76:82:94:9F:52:43:58:7D:A3:87:40:C3:EE:A9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:ef:0a:29:db:92:6b:9b:54:c4:97:fb:ff:5c:1d:99:e0:03: e9:78:84:2f:3a:c9:a7:08:ed:65:98:23:f6:68:3a:27:cf:4d: 44:ff:09:ee:f0:81:ad:6b:68:1c:e3:8e:77:b9:b8:c9:11:ae: 2b:0a:16:02:1a:d0:f0:3c:cc:f6:65:5d:41:83:7a:65:15:33: 0f:95:b1:b8:44:e3:e9:d4:92:d0:22:95:b4:93:66:11:29:bd: 14:c0:16:e8:44:11:e2:fe:72:fa:e9:b4:f4:c8:29:5a:31:12: 23:fa:04:c7:39:40:8e:b0:a6:6d:77:f7:fe:fd:cf:a3:bd:1b: 61:be:b5:55:43:0f:8b:4f:89:d8:7f:77:1a:97:d2:e6:97:a2: 59:d1:78:58:b0:35:a5:a8:e4:a8:d9:ee:20:73:a8:27:82:6f: fa:28:1d:0d:44:0a:41:0b:c6:a1:b5:4c:b5:9e:46:97:84:9e: f1:d6:a7:e9:a3:14:49:11:9a:af:56:a4:aa:ef:6a:69:18:85: 5e:26:64:e5:e3:a4:c4:66:c3:2c:ba:61:ad:41:a3:e3:69:48: d5:5d:d2:10:5a:f0:df:cb:7d:53:d2:e5:c4:bf:b4:c2:36:79: 60:b4:77:64:1b:3c:39:23:74:c6:88:e4:06:86:8d:b3:c8:d0: 2a:ed:62:18 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUMU809JOyQossfaZy0dDVblI1qugwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlFQjVDNkRDMTc2ODI5NDlGNTI0MzU4N0RBMzg3NDBD M0VFQTk1MzAeFw0yNjAzMjYxODA4MjhaFw0yNjAzMjcxOTI2MjhaMDMxMTAvBgNV BAMTKEJGQTMxREVCM0Y2NEQ3QkQ4QTdGRTMwNzQ1QzJFOTUyMkNGQkU4QkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGfM5keQ6xbWVwZFzkXs1tL/cz apI5xzfcawz6bzomI70fdTZeDpAKmzFlCXz5TvqTwbnYxz9PTqEosDcPRO1Cr8iL cW3BqCsjPwCdR/aLUg1xFQxiDCRQjkYYL6HTAyTJk7Tt4/75E28h12uI0afNcnq2 GsR6fpyeI/d9bnd4Z1FYi6msmSQAj2NFl9I1KuDnky7ERog+l5VChAeFwScVgoD9 FwcDkk/5F1pGkBrCORszy5LedX3BvfzeG8tH5jE4WQLYFkN4jutvWtPDRn1gSpxO HA5Nre7rqW05gpf3MjZQYupRjZfyrcvfi2MIWEL/shAVOBghAre3+lTLkrsRAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUv6Md6z9k172Kf+MHRcLpUiz76L8wHwYDVR0j BBgwFoAU2etcbcF2gpSfUkNYfaOHQMPuqVMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4MjMzMDM0Njg2NDY0MS8wL0Q5RUI1QzZEQzE3NjgyOTQ5RjUyNDM1ODdEQTM4 NzQwQzNFRUE5NTMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDlFQjVDNkRDMTc2ODI5NDlGNTI0MzU4N0RBMzg3NDBDM0VFQTk1My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODIzMzAzNDY4NjQ2NDEvMC9EOUVCNUM2REMxNzY4 Mjk0OUY1MjQzNTg3REEzODc0MEMzRUVBOTUzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAne8KKduSa5tU xJf7/1wdmeAD6XiELzrJpwjtZZgj9mg6J89NRP8J7vCBrWtoHOOOd7m4yRGuKwoW AhrQ8DzM9mVdQYN6ZRUzD5WxuETj6dSS0CKVtJNmESm9FMAW6EQR4v5y+um09Mgp WjESI/oExzlAjrCmbXf3/v3Po70bYb61VUMPi0+J2H93GpfS5peiWdF4WLA1pajk qNnuIHOoJ4Jv+igdDUQKQQvGobVMtZ5Gl4Se8dan6aMUSRGar1akqu9qaRiFXiZk 5eOkxGbDLLphrUGj42lI1V3SEFrw38t9U9LlxL+0wjZ5YLR3ZBs8OSN0xojkBoaN s8jQKu1iGA== -----END CERTIFICATE-----Generated at Fri Mar 27 02:03:41 2026 by rpki-client