$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft File: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft (raw, json) Hash identifier: fWfvIn2M9E2/pNSKDdYLmPRspExYOQhWXA86w4G27jk= Subject key identifier: 73:99:E6:1E:6B:A5:12:28:C1:A1:1F:05:17:D4:C5:61:42:FE:EB:38 Authority key identifier: 67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 Certificate issuer: /CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Certificate serial: 1B0455DF30D9D1DC3DA392F2CC158E0B5D32ED4A Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft Manifest number: 5B Signing time: Thu 26 Mar 2026 14:28:28 +0000 Manifest this update: Thu 26 Mar 2026 14:23:28 +0000 Manifest next update: Fri 27 Mar 2026 17:31:28 +0000 Files and hashes: 1: 3130332e3134302e31342e302f32332d3332203d3e203137363231.roa (hash: 2cWU5UH8whnz87agI1VludkKe4lf2cSxtmFnl04vmyI=) 2: 3130332e3134302e31342e302f32332d3332203d3e20313339303931.roa (hash: Dm1g3UjQyhGbjlFkBoWW9J4T2d5S6s8go1jP82Lkdfk=) 3: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl (hash: hmvmw4Q7ipTbqmC9planLS6ihlp+o+P+orkq8LC0f0E=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 05:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:04:55:df:30:d9:d1:dc:3d:a3:92:f2:cc:15:8e:0b:5d:32:ed:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Validity Not Before: Mar 26 14:23:28 2026 GMT Not After : Mar 27 17:31:28 2026 GMT Subject: CN=7399E61E6BA51228C1A11F0517D4C56142FEEB38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:64:c4:75:b0:68:9f:2f:d3:40:57:38:52:d4: 59:0f:24:dc:ca:28:a4:d3:a6:5e:a8:8e:8b:f7:0e: f9:fe:70:9d:9d:72:7c:c2:70:10:d4:d4:08:68:a4: d9:4e:12:98:3f:b0:13:45:40:a0:84:cd:ba:6e:ed: 3f:8a:10:91:44:7e:5a:7a:c8:98:b5:c8:7f:12:f0: b5:87:85:c9:09:0b:59:cd:02:20:f4:53:ab:6b:ec: ab:ba:34:92:ac:a8:34:76:6c:12:c7:14:b6:c4:57: 03:a7:10:4a:46:41:58:90:0a:15:d4:9b:59:1c:da: 00:be:7f:31:8b:e4:ce:b8:ef:bc:d9:e4:cc:06:91: ac:ce:3d:92:f2:4d:99:e7:52:a4:70:dc:83:55:18: 84:2b:d3:fe:60:16:03:86:43:71:b8:c0:16:b8:cc: 55:c2:85:86:dd:74:cb:d7:54:19:2f:4b:f7:ea:56: 07:c5:68:5a:67:0a:ee:bf:3f:cf:3e:ba:31:53:b5: 49:f8:0f:1a:72:5a:e2:ad:17:01:79:bc:2f:56:6f: 31:16:44:ed:51:2d:de:46:bb:fe:95:e7:f1:a0:38: cb:19:dd:80:3c:5f:ac:71:4f:f1:1e:18:93:0f:35: 40:a8:7d:37:34:ed:8b:2f:f0:3a:7b:cd:11:66:5b: bc:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:99:E6:1E:6B:A5:12:28:C1:A1:1F:05:17:D4:C5:61:42:FE:EB:38 X509v3 Authority Key Identifier: keyid:67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:53:87:3a:96:7b:8b:58:bf:17:36:21:e1:2c:b7:f7:59:44: 18:1b:b4:26:93:84:27:f5:c6:8c:5d:18:f4:d0:90:15:75:03: 62:a8:a6:9a:a7:94:70:ee:e2:ad:57:93:09:24:30:91:64:d8: 58:39:68:46:07:1c:c9:70:bc:54:68:01:b7:21:ce:de:99:a6: cd:79:a1:13:56:10:8c:50:a9:a9:59:db:c0:3c:27:8b:62:27: 60:3b:27:ac:91:8f:33:0d:af:b2:06:00:6e:c2:0c:ed:33:d3: a5:e3:f9:49:3a:5d:03:53:c6:8c:ed:f0:f1:14:13:d5:b5:88: f9:63:07:fa:36:db:c3:f4:ba:92:b4:d1:35:65:6d:c7:0e:f3: d0:67:19:14:70:8c:cd:73:41:06:19:ae:99:06:26:1b:cf:d6: c4:df:9b:10:2c:d6:e7:4c:87:fe:09:9b:56:90:a7:b0:19:fa: e2:ff:5d:12:be:ab:57:c3:a0:ad:31:92:20:07:09:c1:5b:cf: cd:56:53:06:a8:80:9b:ef:be:e8:01:5d:21:d3:bc:f0:51:e0: 13:fd:de:b7:af:cc:f2:a0:03:40:26:09:6b:41:b6:7d:c6:71: 56:1c:2b:7e:14:14:09:b7:3f:d7:b6:8a:72:5e:a3:b3:12:e1: fc:16:8c:1d -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUGwRV3zDZ0dw9o5LyzBWOC10y7UowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZF MEEyNTMxNjAeFw0yNjAzMjYxNDIzMjhaFw0yNjAzMjcxNzMxMjhaMDMxMTAvBgNV BAMTKDczOTlFNjFFNkJBNTEyMjhDMUExMUYwNTE3RDRDNTYxNDJGRUVCMzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcZMR1sGifL9NAVzhS1FkPJNzK KKTTpl6ojov3Dvn+cJ2dcnzCcBDU1AhopNlOEpg/sBNFQKCEzbpu7T+KEJFEflp6 yJi1yH8S8LWHhckJC1nNAiD0U6tr7Ku6NJKsqDR2bBLHFLbEVwOnEEpGQViQChXU m1kc2gC+fzGL5M6477zZ5MwGkazOPZLyTZnnUqRw3INVGIQr0/5gFgOGQ3G4wBa4 zFXChYbddMvXVBkvS/fqVgfFaFpnCu6/P88+ujFTtUn4DxpyWuKtFwF5vC9WbzEW RO1RLd5Gu/6V5/GgOMsZ3YA8X6xxT/EeGJMPNUCofTc07Ysv8Dp7zRFmW7xlAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUc5nmHmulEijBoR8FF9TFYUL+6zgwHwYDVR0j BBgwFoAUZ5ZtNO+/TLz7AM+cIEU5v+CiUxYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4Mjc0MTU3Nzg1OTA3NC8wLzY3OTY2RDM0RUZCRjRDQkNGQjAwQ0Y5QzIwNDUz OUJGRTBBMjUzMTYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZFMEEyNTMxNi5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODI3NDE1Nzc4NTkwNzQvMC82Nzk2NkQzNEVGQkY0 Q0JDRkIwMENGOUMyMDQ1MzlCRkUwQTI1MzE2Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVOHOpZ7i1i/ FzYh4Sy391lEGBu0JpOEJ/XGjF0Y9NCQFXUDYqimmqeUcO7irVeTCSQwkWTYWDlo RgccyXC8VGgBtyHO3pmmzXmhE1YQjFCpqVnbwDwni2InYDsnrJGPMw2vsgYAbsIM 7TPTpeP5STpdA1PGjO3w8RQT1bWI+WMH+jbbw/S6krTRNWVtxw7z0GcZFHCMzXNB BhmumQYmG8/WxN+bECzW50yH/gmbVpCnsBn64v9dEr6rV8OgrTGSIAcJwVvPzVZT BqiAm+++6AFdIdO88FHgE/3et6/M8qADQCYJa0G2fcZxVhwrfhQUCbc/17aKcl6j sxLh/BaMHQ== -----END CERTIFICATE-----Generated at Thu Mar 26 22:31:48 2026 by rpki-client