$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft File: 8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft (raw, json) Hash identifier: VSTRaN0PPRsZGkQ2o7bFPVFoxNWdGhTFctflIbzoIeI= Subject key identifier: 3A:2B:10:1E:0C:AA:0D:20:A7:78:26:91:2C:52:26:A3:6A:60:DC:D9 Authority key identifier: 8B:D8:35:B2:E2:15:D6:86:F2:4F:B3:1A:8A:EC:EE:E4:4F:BD:BD:C8 Certificate issuer: /CN=8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8 Certificate serial: 4FB51DFCBAE0E41B32DF7BFE081CEFBE8FD6496C Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft Manifest number: 59 Signing time: Thu 26 Mar 2026 12:48:28 +0000 Manifest this update: Thu 26 Mar 2026 12:43:28 +0000 Manifest next update: Fri 27 Mar 2026 16:18:28 +0000 Files and hashes: 1: 3136312e3234382e38342e302f32332d3234203d3e20323134343332.roa (hash: mlTgfa8G8bpPl2rXhrQPOT+Ph5gV0rocuvelVPbWKdk=) 2: 8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.crl (hash: 55H9w1M3hPKC4voApuQQjKwPLJVaraDKc48Qko60GbE=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ywIUpcQE1vhAQzsSDKy7W4xZ5hM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 04:45:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:b5:1d:fc:ba:e0:e4:1b:32:df:7b:fe:08:1c:ef:be:8f:d6:49:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8 Validity Not Before: Mar 26 12:43:28 2026 GMT Not After : Mar 27 16:18:28 2026 GMT Subject: CN=3A2B101E0CAA0D20A77826912C5226A36A60DCD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:95:3c:84:8b:a7:ad:44:b0:95:fe:d6:ee:18: 14:51:f4:41:a5:70:60:6b:11:79:c8:8a:3e:e2:49: 2c:b0:46:5a:ef:0d:fa:ee:41:c4:a1:eb:78:dd:8c: f1:81:e0:02:bf:f2:5b:2b:73:18:fb:01:0e:7b:90: 2d:1a:12:6d:75:e3:f6:a1:f2:4a:71:2a:66:08:c7: 47:6f:b5:bb:a5:82:70:65:fc:e1:3d:d2:06:ed:9f: bc:e8:8a:42:be:cb:3e:d6:2b:69:40:f2:09:31:ac: 39:6c:72:29:17:d5:c2:8e:5a:68:86:a1:e7:d9:02: cc:5b:ac:b8:b7:71:b3:d2:ca:b2:bb:97:32:7b:30: c1:2b:25:72:f9:47:f6:b0:e7:ad:f5:71:a0:4a:0b: ef:91:b6:61:84:46:08:a2:16:f3:ed:ce:f0:a0:ab: 51:05:68:c0:29:f6:dd:88:21:43:77:61:5b:59:77: 98:f5:19:47:6d:dd:c7:9c:41:34:75:89:14:2b:25: b3:8c:16:b9:9e:0d:ff:4e:60:c8:46:35:5a:c2:87: 6c:05:7c:0a:ee:a6:e9:7c:41:82:be:2e:79:38:44: 2f:26:60:8a:25:10:25:1e:15:15:6e:9b:26:b4:79: 16:fa:64:d2:3f:a9:7a:35:0c:7c:82:fe:9e:d7:05: 1a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:2B:10:1E:0C:AA:0D:20:A7:78:26:91:2C:52:26:A3:6A:60:DC:D9 X509v3 Authority Key Identifier: keyid:8B:D8:35:B2:E2:15:D6:86:F2:4F:B3:1A:8A:EC:EE:E4:4F:BD:BD:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:46:69:88:21:ce:4b:3c:3f:33:d6:2f:35:41:ed:20:1d:9e: bc:fa:db:71:5c:f9:f1:f6:ef:bb:fb:b9:56:6c:4f:1b:a4:d5: 40:b8:6b:13:1b:7a:8f:ed:86:26:7b:15:ab:e5:62:72:3b:46: b7:16:a8:33:a9:54:f2:c7:4a:f2:84:f5:29:75:13:c5:4d:96: 57:c9:8f:1c:a0:2e:10:c7:8a:c9:66:45:d6:29:1d:fb:2d:c2: a5:1c:72:61:b8:e3:dc:9f:57:7b:be:40:4f:a5:4d:37:fa:de: 7c:31:79:1e:5b:fc:b0:60:c4:8e:ec:36:72:78:9e:fe:2c:7f: f1:c4:9e:94:1f:0f:9d:85:8b:d6:67:e6:d7:62:e9:0e:af:cd: da:9f:ae:b0:8b:c5:c2:af:04:44:65:eb:b3:4a:49:00:6e:ee: 43:d9:88:22:9f:35:e7:6e:2c:85:cd:68:6d:19:70:b5:f0:f6: 4d:ca:54:ec:0d:03:fb:6b:9b:39:3a:cc:8b:d9:61:ae:ef:19: 74:91:06:b6:9d:42:8c:eb:f2:1a:2f:98:11:dd:51:10:f3:1b: 42:66:d9:a7:1c:1c:8c:c9:d9:99:50:4e:59:c2:e0:32:7f:57: 83:03:13:22:e4:bc:bb:4a:d7:b9:18:3e:a0:64:5a:3a:26:7f: 7a:8b:b8:16 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUT7Ud/Lrg5Bsy33v+CBzvvo/WSWwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJEODM1QjJFMjE1RDY4NkYyNEZCMzFBOEFFQ0VFRTQ0 RkJEQkRDODAeFw0yNjAzMjYxMjQzMjhaFw0yNjAzMjcxNjE4MjhaMDMxMTAvBgNV BAMTKDNBMkIxMDFFMENBQTBEMjBBNzc4MjY5MTJDNTIyNkEzNkE2MERDRDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdlTyEi6etRLCV/tbuGBRR9EGl cGBrEXnIij7iSSywRlrvDfruQcSh63jdjPGB4AK/8lsrcxj7AQ57kC0aEm114/ah 8kpxKmYIx0dvtbulgnBl/OE90gbtn7zoikK+yz7WK2lA8gkxrDlscikX1cKOWmiG oefZAsxbrLi3cbPSyrK7lzJ7MMErJXL5R/aw5631caBKC++RtmGERgiiFvPtzvCg q1EFaMAp9t2IIUN3YVtZd5j1GUdt3cecQTR1iRQrJbOMFrmeDf9OYMhGNVrCh2wF fArupul8QYK+Lnk4RC8mYIolECUeFRVumya0eRb6ZNI/qXo1DHyC/p7XBRqxAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUOisQHgyqDSCneCaRLFImo2pg3NkwHwYDVR0j BBgwFoAUi9g1suIV1obyT7Maiuzu5E+9vcgwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzU4NjE3OS8xLzhCRDgzNUIyRTIxNUQ2ODZGMjRGQjMxQThBRUNF RUU0NEZCREJEQzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzAvOEJEODM1QjJFMjE1RDY4NkYyNEZCMzFBOEFFQ0VFRTQ0RkJEQkRDOC5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc1ODYxNzkvMS84QkQ4MzVCMkUyMTVE Njg2RjI0RkIzMUE4QUVDRUVFNDRGQkRCREM4Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgkZpiCHOSzw/ M9YvNUHtIB2evPrbcVz58fbvu/u5VmxPG6TVQLhrExt6j+2GJnsVq+VicjtGtxao M6lU8sdK8oT1KXUTxU2WV8mPHKAuEMeKyWZF1ikd+y3CpRxyYbjj3J9Xe75AT6VN N/refDF5Hlv8sGDEjuw2cnie/ix/8cSelB8PnYWL1mfm12LpDq/N2p+usIvFwq8E RGXrs0pJAG7uQ9mIIp81524shc1obRlwtfD2TcpU7A0D+2ubOTrMi9lhru8ZdJEG tp1CjOvyGi+YEd1REPMbQmbZpxwcjMnZmVBOWcLgMn9XgwMTIuS8u0rXuRg+oGRa OiZ/eou4Fg== -----END CERTIFICATE-----Generated at Thu Mar 26 18:01:19 2026 by rpki-client