$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft File: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft (raw, json) Hash identifier: ZruzOqL1pUCxslgx39PhvlWtjURD0QBFvlRUwKmzSRw= Subject key identifier: CB:CF:68:D4:5A:3B:35:D2:76:73:74:14:BC:D7:8D:5E:8C:CC:36:AC Authority key identifier: D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 Certificate issuer: /CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Certificate serial: 45D16112A8E86455940E4F3907A8AD759EE69C94 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft Manifest number: 59 Signing time: Thu 26 Mar 2026 11:13:28 +0000 Manifest this update: Thu 26 Mar 2026 11:08:28 +0000 Manifest next update: Fri 27 Mar 2026 12:45:28 +0000 Files and hashes: 1: 323430623a613030303a6663333a3a2f34382d3438203d3e20313531333033.roa (hash: TiSdjmUDUZ7Io/2Ke/Pu2qkV+pzBX0aVcs8lYCtTick=) 2: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl (hash: kih7GifNOyNdG803heqcpQFJydNG1bABjEnVXcdL0kE=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 12:45:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:d1:61:12:a8:e8:64:55:94:0e:4f:39:07:a8:ad:75:9e:e6:9c:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Validity Not Before: Mar 26 11:08:28 2026 GMT Not After : Mar 27 12:45:28 2026 GMT Subject: CN=CBCF68D45A3B35D276737414BCD78D5E8CCC36AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b4:39:d1:8c:fd:47:a4:d3:a2:0d:18:91:c5: 71:92:17:1b:44:b5:48:a5:c8:46:c5:ba:fe:84:a9: fe:e0:62:18:ea:ee:9e:71:c0:51:cb:ea:e1:79:f2: db:6f:5b:9e:1d:6d:3c:df:e6:66:db:25:6e:b8:2a: 4b:54:e5:47:32:21:b6:63:b5:d3:7b:17:38:37:a9: 6d:91:f5:41:8f:46:4b:f9:cf:82:f0:dd:3e:1b:3b: cd:d9:e9:be:98:eb:27:80:24:d9:6c:61:f7:68:b4: 5c:c8:03:1d:6c:cf:98:c7:c7:fa:2b:e2:32:d9:bf: ad:46:17:cf:c7:8d:44:f2:70:08:a6:42:3f:c9:f2: 2c:8f:ed:1d:9e:6e:0c:a8:28:2e:3d:b8:8f:e7:90: 0f:ee:12:32:39:1a:ba:af:d9:01:99:09:1c:d8:05: 83:5e:bf:01:68:ff:8c:1b:c5:12:a1:51:b1:8d:63: ac:36:8f:c3:2b:09:fd:dd:06:3d:c6:c4:1b:61:f9: 50:41:af:ce:1f:49:13:bf:86:8a:82:66:49:7f:65: cb:d8:9e:45:74:6a:3b:b6:ac:3f:ea:28:ff:47:68: 91:9c:b9:d8:e3:5d:79:97:95:f0:99:fc:28:6b:84: 8e:74:95:62:1f:b8:ce:d4:9a:1d:af:18:de:dd:17: 05:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:CF:68:D4:5A:3B:35:D2:76:73:74:14:BC:D7:8D:5E:8C:CC:36:AC X509v3 Authority Key Identifier: keyid:D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:da:8e:df:f3:e5:27:15:70:ed:9e:25:4c:1f:7d:e7:84:1b: dd:77:55:bb:c7:d9:76:9c:77:d5:46:2e:e1:7b:0a:c5:8a:82: 35:67:1a:7a:f4:bc:1b:1a:3b:65:da:69:95:01:f9:23:68:02: 09:f7:ab:e0:e0:1a:85:d6:56:96:03:b6:fe:87:2f:0b:00:af: 9b:4d:30:6b:b9:f3:36:92:10:27:ac:4d:33:2c:89:fc:18:7a: c2:b5:3d:86:77:1e:33:43:a1:c3:c0:5a:1f:cf:dd:01:b4:8c: f4:29:9f:4d:93:09:fa:8f:08:2a:45:52:47:05:60:bd:5b:cf: bc:3c:34:3b:5d:a4:23:57:00:07:ca:37:cc:5d:9d:4e:db:45: c0:d6:bd:d8:45:ea:d9:72:99:de:37:65:7a:40:95:92:5a:7b: 40:7f:51:c5:fa:13:a5:65:60:28:23:72:0a:bc:5c:e1:9f:d0: 97:22:68:f8:9c:aa:9b:b5:54:81:51:29:62:1b:eb:3e:40:1c: 3d:2b:13:9d:34:45:4b:7f:5c:f0:2e:2a:64:20:12:ff:ab:fa: 23:bd:e1:93:d9:f5:bc:68:95:e8:ab:9b:a3:9d:9d:04:51:d1: bb:97:ec:96:6c:e0:eb:23:a6:c5:1f:ed:1d:d3:46:1a:83:69: e1:29:57:b7 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIURdFhEqjoZFWUDk85B6itdZ7mnJQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRC Q0FEMTk0MzAeFw0yNjAzMjYxMTA4MjhaFw0yNjAzMjcxMjQ1MjhaMDMxMTAvBgNV BAMTKENCQ0Y2OEQ0NUEzQjM1RDI3NjczNzQxNEJDRDc4RDVFOENDQzM2QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0tDnRjP1HpNOiDRiRxXGSFxtE tUilyEbFuv6Eqf7gYhjq7p5xwFHL6uF58ttvW54dbTzf5mbbJW64KktU5UcyIbZj tdN7Fzg3qW2R9UGPRkv5z4Lw3T4bO83Z6b6Y6yeAJNlsYfdotFzIAx1sz5jHx/or 4jLZv61GF8/HjUTycAimQj/J8iyP7R2ebgyoKC49uI/nkA/uEjI5Grqv2QGZCRzY BYNevwFo/4wbxRKhUbGNY6w2j8MrCf3dBj3GxBth+VBBr84fSRO/hoqCZkl/ZcvY nkV0aju2rD/qKP9HaJGcudjjXXmXlfCZ/ChrhI50lWIfuM7Umh2vGN7dFwXhAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUy89o1Fo7NdJ2c3QUvNeNXozMNqwwHwYDVR0j BBgwFoAU0v8dfG3x3XdaYQaXDQX/RLytGUMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTM4OTI2NTU1MTM2MS8wL0QyRkYxRDdDNkRGMURENzc1QTYxMDY5NzBEMDVG RjQ0QkNBRDE5NDMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRCQ0FEMTk0My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU1NTEzNjEvMC9EMkZGMUQ3QzZERjFE RDc3NUE2MTA2OTcwRDA1RkY0NEJDQUQxOTQzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjtqO3/PlJxVw 7Z4lTB9954Qb3XdVu8fZdpx31UYu4XsKxYqCNWcaevS8Gxo7ZdpplQH5I2gCCfer 4OAahdZWlgO2/ocvCwCvm00wa7nzNpIQJ6xNMyyJ/Bh6wrU9hnceM0Ohw8BaH8/d AbSM9CmfTZMJ+o8IKkVSRwVgvVvPvDw0O12kI1cAB8o3zF2dTttFwNa92EXq2XKZ 3jdlekCVklp7QH9RxfoTpWVgKCNyCrxc4Z/QlyJo+Jyqm7VUgVEpYhvrPkAcPSsT nTRFS39c8C4qZCAS/6v6I73hk9n1vGiV6Kubo52dBFHRu5fslmzg6yOmxR/tHdNG GoNp4SlXtw== -----END CERTIFICATE-----Generated at Fri Mar 27 05:01:32 2026 by rpki-client