$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft File: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft (raw, json) Hash identifier: V7wD8fKYAt5q10e+wbUe1AMhP+P6KipeqRTtl10KK0Y= Subject key identifier: 33:86:73:92:18:D3:5C:CF:99:B9:C5:66:83:01:71:5A:47:BC:2C:45 Authority key identifier: 8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 Certificate issuer: /CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Certificate serial: 6573C7EC770D86C7F9323026C63AFAC3B71E5823 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft Manifest number: 59 Signing time: Thu 26 Mar 2026 11:08:28 +0000 Manifest this update: Thu 26 Mar 2026 11:03:28 +0000 Manifest next update: Fri 27 Mar 2026 14:33:28 +0000 Files and hashes: 1: 323430323a323065303a3a2f33322d3438203d3e20313531323330.roa (hash: QWUb0DzubEfKqwW//PTcn/ZJK/ak3Shs1IT7p6JBGPc=) 2: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl (hash: TfPuN6hvgshQNH9+by+EzZeWIU93VKmIjc5kvxH9Sj4=) 3: 34352e3131352e31382e302f32332d3234203d3e20313531323330.roa (hash: KFwVFV9XIdASmiH55Vrp/a+LAUtb9TpqJV9SvrwxSRc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 14:33:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:73:c7:ec:77:0d:86:c7:f9:32:30:26:c6:3a:fa:c3:b7:1e:58:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Validity Not Before: Mar 26 11:03:28 2026 GMT Not After : Mar 27 14:33:28 2026 GMT Subject: CN=3386739218D35CCF99B9C5668301715A47BC2C45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d8:40:a4:d7:b6:de:ca:49:25:aa:f5:f9:b5: 77:8e:06:c8:4f:77:20:9f:7c:dd:52:18:83:b9:e2: 5d:1f:57:60:06:cb:eb:44:88:2a:28:74:4f:37:0a: f7:35:05:ff:ea:18:33:68:05:43:3b:d7:ff:2c:ae: 45:4b:69:75:ea:b9:11:b5:6a:fb:c8:07:bf:e3:be: 92:1e:17:ba:00:45:a4:a4:b3:3b:a1:18:a8:7f:3b: 18:f4:1f:8c:12:d4:f9:46:d9:81:ac:ec:a1:17:7a: ab:18:68:15:50:3c:07:26:01:cb:73:7b:e0:ff:89: 53:99:7d:7e:be:49:fa:0a:7b:9b:f7:88:ef:ab:e2: 15:89:83:73:cb:05:cf:a5:6c:8e:e7:9e:fd:16:23: c5:08:f2:b9:82:fa:02:06:85:2a:c1:83:b7:e4:0b: 47:7e:62:c0:2a:38:1f:ab:3b:6d:b0:cb:84:c3:bc: 91:fa:82:fa:89:f1:99:99:f7:f6:0e:75:09:f0:cf: 42:36:27:8d:cf:74:9c:2f:e1:f3:79:4b:a8:af:9c: e2:2e:9e:23:6d:92:fd:39:72:e1:b0:55:05:e9:f0: c9:cc:4c:f8:a5:b1:fa:00:12:04:9a:a7:82:42:31: 30:cf:83:9e:e0:1a:4e:cc:85:fb:11:cd:e3:5f:9e: 0e:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:86:73:92:18:D3:5C:CF:99:B9:C5:66:83:01:71:5A:47:BC:2C:45 X509v3 Authority Key Identifier: keyid:8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:58:ae:07:37:e7:d1:12:f7:23:d0:fc:7c:b8:8f:6f:54:f9: 7a:41:be:fa:e1:9e:51:33:31:07:b6:a9:f8:e5:86:5f:5b:ce: c2:77:5f:47:bd:f3:e0:6b:f5:26:7f:d8:71:c9:a3:c0:6b:14: a3:63:79:33:49:8b:01:14:46:e8:94:de:55:be:c3:26:04:3d: a4:c2:ae:0d:23:6b:2b:d8:9a:8c:2a:2d:a5:ed:49:1e:ef:ec: 06:70:61:f3:94:df:d3:dc:6a:53:5f:b7:e2:f9:0d:4a:05:fb: c0:17:b6:1a:c9:5a:05:f6:4e:b0:22:72:47:c8:ae:12:5a:5b: c2:18:ef:0e:8d:1f:ff:64:d6:98:85:1b:ed:49:23:80:15:72: 50:88:96:82:a4:88:d5:46:3b:46:3e:c2:ab:fc:8c:6c:36:0a: 7d:ac:1c:d2:59:57:f5:cd:de:aa:49:c3:c0:8a:e0:86:28:67: f3:69:9b:05:9a:b1:fb:bd:fc:57:05:dd:c1:9b:12:2c:f8:6b: 48:b9:45:0a:4b:56:1a:cf:48:e8:6a:e8:f6:69:e1:e0:81:73: d8:ac:96:99:83:d3:ce:4c:5b:7f:5c:41:7c:a4:93:a1:c8:f5: 71:b9:21:16:60:85:fb:bb:32:3f:6c:ce:67:7b:a3:89:a0:59: 45:0c:fe:f0 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUZXPH7HcNhsf5MjAmxjr6w7ceWCMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0 NDVEQzNBMTAeFw0yNjAzMjYxMTAzMjhaFw0yNjAzMjcxNDMzMjhaMDMxMTAvBgNV BAMTKDMzODY3MzkyMThEMzVDQ0Y5OUI5QzU2NjgzMDE3MTVBNDdCQzJDNDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR2ECk17beykklqvX5tXeOBshP dyCffN1SGIO54l0fV2AGy+tEiCoodE83Cvc1Bf/qGDNoBUM71/8srkVLaXXquRG1 avvIB7/jvpIeF7oARaSkszuhGKh/Oxj0H4wS1PlG2YGs7KEXeqsYaBVQPAcmActz e+D/iVOZfX6+SfoKe5v3iO+r4hWJg3PLBc+lbI7nnv0WI8UI8rmC+gIGhSrBg7fk C0d+YsAqOB+rO22wy4TDvJH6gvqJ8ZmZ9/YOdQnwz0I2J43PdJwv4fN5S6ivnOIu niNtkv05cuGwVQXp8MnMTPilsfoAEgSap4JCMTDPg57gGk7MhfsRzeNfng4JAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUM4ZzkhjTXM+ZucVmgwFxWke8LEUwHwYDVR0j BBgwFoAUjUBr7EUssHTWMKvb1idbxURdw6EwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzcxNzI1MS8wLzhENDA2QkVDNDUyQ0IwNzRENjMwQUJEQkQ2Mjc1 QkM1NDQ1REMzQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0NDVEQzNBMS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc3MTcyNTEvMC84RDQwNkJFQzQ1MkNC MDc0RDYzMEFCREJENjI3NUJDNTQ0NURDM0ExLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq1iuBzfn0RL3 I9D8fLiPb1T5ekG++uGeUTMxB7ap+OWGX1vOwndfR73z4Gv1Jn/YccmjwGsUo2N5 M0mLARRG6JTeVb7DJgQ9pMKuDSNrK9iajCotpe1JHu/sBnBh85Tf09xqU1+34vkN SgX7wBe2GslaBfZOsCJyR8iuElpbwhjvDo0f/2TWmIUb7UkjgBVyUIiWgqSI1UY7 Rj7Cq/yMbDYKfawc0llX9c3eqknDwIrghihn82mbBZqx+738VwXdwZsSLPhrSLlF CktWGs9I6Gro9mnh4IFz2KyWmYPTzkxbf1xBfKSTocj1cbkhFmCF+7syP2zOZ3uj iaBZRQz+8A== -----END CERTIFICATE-----Generated at Fri Mar 27 06:21:07 2026 by rpki-client