$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217192963/0/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.mft File: CE20AD60B5FF206D53409236A11F47FD4F31ACE7.mft (raw, json) Hash identifier: 7x6Ox+anXcUE2QiAVtgRO95qrHe0sboOksenBnFDoas= Subject key identifier: 99:D7:92:1C:28:0A:53:4B:7A:A3:59:B9:85:5F:32:54:C0:57:3E:63 Authority key identifier: CE:20:AD:60:B5:FF:20:6D:53:40:92:36:A1:1F:47:FD:4F:31:AC:E7 Certificate issuer: /CN=CE20AD60B5FF206D53409236A11F47FD4F31ACE7 Certificate serial: 029460F38FB6B31885650C727825A664A201C6BD Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217192963/0/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.mft Manifest number: 5A Signing time: Thu 26 Mar 2026 11:38:28 +0000 Manifest this update: Thu 26 Mar 2026 11:33:28 +0000 Manifest next update: Fri 27 Mar 2026 13:12:28 +0000 Files and hashes: 1: 323430373a386634303a323a3a2f34382d3634203d3e2034383136.roa (hash: ytZdKkF45ks8sSi6yaCVxbx3H04n3ys0csOJRdnnNXk=) 2: 3230322e34362e3232342e302f32302d3234203d3e203337393638.roa (hash: gD6s0WeuhRIf02DzPtxzwxRWJZcIvRWmlQJwip4leBc=) 3: 3230322e34362e3232342e302f32302d3234203d3e2039383038.roa (hash: iyoDlHY31/A4gM9wUfi+CACam/Ogoja7GPLP33uj3yk=) 4: 3230322e34362e3232342e302f32302d3234203d3e20313335303631.roa (hash: SbsA4PTcJ3wiRQHn6khyisvG8rEWD+Byylxc8KTQeAE=) 5: 3230322e34362e3232342e302f32302d3234203d3e2034313334.roa (hash: RAvA3o2t61W8acXnwo8+PDMa0aTuyb7vHr0QuWLv5ks=) 6: 3230322e34362e3232342e302f32302d3234203d3e203536303430.roa (hash: Z2a1B5gCNns+2BmhvjTcFOulUeYUIxpwK5Cp54mMFuc=) 7: 3230322e34362e3232342e302f32302d3234203d3e2034383136.roa (hash: AP3LEhr9NJskIRyHLt3gZgOoccAkuzlPpcd0mfSxGok=) 8: 323430373a386634303a323a3a2f34382d3634203d3e203337393638.roa (hash: LDNK9PweFjK1wKyDe573Xy72qh4NYoOlHHEQeHBvEAY=) 9: 323430373a386634303a323a3a2f34382d3634203d3e20313335303631.roa (hash: TV5l/9iH0hJhAxcbYqBzwx9+XPgyfR2/A5t7iLIIav8=) 10: CE20AD60B5FF206D53409236A11F47FD4F31ACE7.crl (hash: yvvS7ASc+1ciSCDIEw+Crf4X76qiR/jcqi72WIApc7A=) 11: 3130332e322e3136342e302f32322d3234203d3e203337393638.roa (hash: i9AMULZIaXWZ++7WSVdr7F6StnWG0S7RqV3FJqfppGQ=) 12: 323430373a386634303a323a3a2f34382d3634203d3e2039383038.roa (hash: TR06nDz1gTNdLIM8dcIeX2BYLDVoZsmF+tqoM6cwPDs=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217192963/0/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217192963/0/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 05:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:94:60:f3:8f:b6:b3:18:85:65:0c:72:78:25:a6:64:a2:01:c6:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE20AD60B5FF206D53409236A11F47FD4F31ACE7 Validity Not Before: Mar 26 11:33:28 2026 GMT Not After : Mar 27 13:12:28 2026 GMT Subject: CN=99D7921C280A534B7AA359B9855F3254C0573E63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:52:72:a0:65:c1:30:da:05:46:fb:1a:00:75: bf:07:89:fb:07:eb:b4:bd:da:d1:32:ca:0b:dd:40: 35:65:e8:52:23:75:07:cb:32:30:17:8b:c5:aa:cb: 19:11:13:4d:56:73:b2:6d:ba:35:cc:85:1c:65:85: 99:c9:ae:c3:d7:cd:99:e9:8c:b8:d3:23:4a:36:d9: 79:db:80:87:6b:f9:19:84:64:51:66:89:3e:96:ee: 15:0a:0d:a9:f5:cf:6d:69:d0:2d:f8:af:9b:38:9f: 75:d6:ef:44:30:8a:0c:51:6c:4a:16:8e:8e:cf:07: 75:37:c5:5a:51:ca:e1:24:c3:de:ef:26:b1:55:d4: 45:9a:10:27:8d:49:30:a6:97:f6:1f:cc:e8:55:be: 0c:3d:64:78:23:b7:2b:25:d6:32:ee:63:f3:2c:1b: 6a:72:f0:18:98:98:95:9b:aa:b9:26:0a:91:d2:04: 4c:90:ac:4f:7d:9a:d6:9b:84:db:9c:1d:a5:25:b4: 19:e1:14:b7:2d:fd:ec:fa:e1:2e:2f:65:4e:00:6d: 47:5d:18:7f:fd:90:c9:e4:57:cb:90:d6:b6:db:d4: f3:d1:56:eb:3e:a4:5b:ae:c0:08:b7:52:b9:7c:1e: 76:c2:70:24:af:bf:7a:ea:29:76:c3:a9:35:59:25: 68:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:D7:92:1C:28:0A:53:4B:7A:A3:59:B9:85:5F:32:54:C0:57:3E:63 X509v3 Authority Key Identifier: keyid:CE:20:AD:60:B5:FF:20:6D:53:40:92:36:A1:1F:47:FD:4F:31:AC:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217192963/0/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217192963/0/CE20AD60B5FF206D53409236A11F47FD4F31ACE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d5:71:99:ab:40:67:69:66:6b:82:1f:81:48:18:32:b1:25:e4: f8:e5:0e:3e:bc:5e:df:69:28:95:56:9b:ba:4d:aa:93:ed:55: c5:4c:b1:76:9b:d2:2a:49:0c:e5:b9:13:80:ca:e6:9b:5a:f0: 8f:07:3b:dd:37:9c:55:6b:11:9a:72:22:d7:f5:f8:27:b9:d6: b7:a5:3c:5e:bf:29:4f:6b:07:48:d0:45:37:dd:1d:e5:2a:cb: 2a:38:ff:93:c6:62:65:98:ed:8f:83:a3:96:e4:65:ed:f0:83: d7:b8:48:c0:9f:2f:2b:bd:eb:44:ff:68:bb:57:0d:c4:a1:82: dd:d9:03:38:d0:28:22:57:16:d7:b8:a4:d3:bf:db:4e:2c:85: 19:5f:ef:36:92:cd:e8:4d:10:68:29:ba:32:1c:01:3a:9b:02: 58:22:6a:99:0d:ed:c9:8b:12:c2:35:6f:7c:34:7f:c5:5e:83: 8e:73:6c:a2:bf:1b:60:d2:e7:5d:18:80:dd:59:f1:b7:d4:7f: 19:29:ce:dd:da:45:9a:11:1c:95:fa:10:04:e8:78:20:65:b8: fe:88:8e:c5:33:39:fe:7f:5b:77:e3:88:72:db:79:2d:1c:4d: c8:d4:e9:d4:49:50:69:a5:c1:04:5c:73:7e:9c:30:fe:70:0a: 17:af:e7:06 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUApRg84+2sxiFZQxyeCWmZKIBxr0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0UyMEFENjBCNUZGMjA2RDUzNDA5MjM2QTExRjQ3RkQ0 RjMxQUNFNzAeFw0yNjAzMjYxMTMzMjhaFw0yNjAzMjcxMzEyMjhaMDMxMTAvBgNV BAMTKDk5RDc5MjFDMjgwQTUzNEI3QUEzNTlCOTg1NUYzMjU0QzA1NzNFNjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHUnKgZcEw2gVG+xoAdb8HifsH 67S92tEyygvdQDVl6FIjdQfLMjAXi8WqyxkRE01Wc7JtujXMhRxlhZnJrsPXzZnp jLjTI0o22XnbgIdr+RmEZFFmiT6W7hUKDan1z21p0C34r5s4n3XW70QwigxRbEoW jo7PB3U3xVpRyuEkw97vJrFV1EWaECeNSTCml/YfzOhVvgw9ZHgjtysl1jLuY/Ms G2py8BiYmJWbqrkmCpHSBEyQrE99mtabhNucHaUltBnhFLct/ez64S4vZU4AbUdd GH/9kMnkV8uQ1rbb1PPRVus+pFuuwAi3Url8HnbCcCSvv3rqKXbDqTVZJWhTAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUmdeSHCgKU0t6o1m5hV8yVMBXPmMwHwYDVR0j BBgwFoAUziCtYLX/IG1TQJI2oR9H/U8xrOcwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzE5Mjk2My8wL0NFMjBBRDYwQjVGRjIwNkQ1MzQwOTIzNkExMUY0 N0ZENEYzMUFDRTcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQ0UyMEFENjBCNUZGMjA2RDUzNDA5MjM2QTExRjQ3RkQ0RjMxQUNFNy5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTcxOTI5NjMvMC9DRTIwQUQ2MEI1RkYy MDZENTM0MDkyMzZBMTFGNDdGRDRGMzFBQ0U3Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1XGZq0BnaWZr gh+BSBgysSXk+OUOPrxe32kolVabuk2qk+1VxUyxdpvSKkkM5bkTgMrmm1rwjwc7 3TecVWsRmnIi1/X4J7nWt6U8Xr8pT2sHSNBFN90d5SrLKjj/k8ZiZZjtj4OjluRl 7fCD17hIwJ8vK73rRP9ou1cNxKGC3dkDONAoIlcW17ik07/bTiyFGV/vNpLN6E0Q aCm6MhwBOpsCWCJqmQ3tyYsSwjVvfDR/xV6DjnNsor8bYNLnXRiA3Vnxt9R/GSnO 3dpFmhEclfoQBOh4IGW4/oiOxTM5/n9bd+OIctt5LRxNyNTp1ElQaaXBBFxzfpww /nAKF6/nBg== -----END CERTIFICATE-----Generated at Thu Mar 26 21:14:56 2026 by rpki-client