$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft File: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft (raw, json) Hash identifier: STGQazxO0HJW13OzJx/GQs7slObE3152IwFc371qdl4= Subject key identifier: 1D:E6:30:EF:CB:DA:65:E2:D4:F7:F9:75:C6:C0:B0:A2:F6:C4:AD:87 Authority key identifier: 8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 Certificate issuer: /CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Certificate serial: 5755E5F3981D64DF9137776274EAD77AEA0CCA8B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft Manifest number: 99 Signing time: Wed 13 May 2026 12:46:04 +0000 Manifest this update: Wed 13 May 2026 12:41:04 +0000 Manifest next update: Thu 14 May 2026 13:49:04 +0000 Files and hashes: 1: 34352e3131352e31382e302f32332d3234203d3e20313531323330.roa (hash: KFwVFV9XIdASmiH55Vrp/a+LAUtb9TpqJV9SvrwxSRc=) 2: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl (hash: izn1zcu0+QCsFGFrWdy/LKSkO/9TT1nwNquksMybNKw=) 3: 323430323a323065303a3a2f33322d3438203d3e20313531323330.roa (hash: QWUb0DzubEfKqwW//PTcn/ZJK/ak3Shs1IT7p6JBGPc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 11:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:55:e5:f3:98:1d:64:df:91:37:77:62:74:ea:d7:7a:ea:0c:ca:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Validity Not Before: May 13 12:41:04 2026 GMT Not After : May 14 13:49:04 2026 GMT Subject: CN=1DE630EFCBDA65E2D4F7F975C6C0B0A2F6C4AD87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:f0:18:14:bb:94:f6:f4:6a:d4:6e:6f:1c:8e: c3:00:d6:b9:6d:bb:20:4e:14:0d:d5:c9:db:0b:7a: 74:2a:0c:bb:98:62:29:72:38:32:22:84:43:59:cc: c4:75:fd:dc:44:3f:9a:cb:6a:7d:14:3c:21:b1:0e: 3a:86:12:60:4a:ff:a3:f0:6e:be:9f:15:98:56:30: f1:89:4c:3d:e5:fb:bf:ad:79:e9:30:e2:3c:bd:a1: 2a:7a:b9:0b:ed:1b:ec:b0:80:0e:4d:9f:33:df:6b: a4:18:ff:78:84:66:47:3f:fb:7d:c4:b9:bb:bd:f1: 9a:d6:98:f6:bd:0d:39:89:7f:67:89:fd:f0:d9:9b: 46:31:42:e0:75:c3:f8:9d:4f:cc:b9:4b:e5:7c:5b: 60:fa:c8:a6:dc:11:84:74:35:84:b6:3d:e7:2d:1b: 55:a2:5c:1d:09:03:e5:9a:da:2c:81:b6:7f:fa:1c: 00:d4:fc:c8:5a:80:d2:24:f5:1d:e5:c7:07:64:8d: cf:db:44:22:bc:6e:7e:d2:e6:d3:a2:d9:b5:7f:fc: 5f:2d:72:b6:bb:e0:5c:f6:79:99:c2:4d:f4:dd:fc: da:b4:12:20:fb:e3:d6:f5:08:b6:b6:64:73:ca:b0: a2:86:a2:63:4a:34:0a:8f:77:65:7b:45:85:c9:44: dd:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:E6:30:EF:CB:DA:65:E2:D4:F7:F9:75:C6:C0:B0:A2:F6:C4:AD:87 X509v3 Authority Key Identifier: keyid:8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:be:ee:fb:ce:5c:d5:aa:b8:0e:5c:8a:2f:b5:a5:f7:c6:4e: 8b:c4:3e:e7:a8:0d:b7:72:33:1b:ba:27:93:a2:00:2a:f7:8c: 73:21:1b:3d:b3:c6:c5:c8:e4:64:c6:50:e8:7d:e6:4d:83:4d: f6:d7:b4:3a:96:e2:50:09:5f:9e:31:d1:df:07:a7:27:ec:d7: 72:18:97:7f:2b:f4:e5:79:b5:55:d1:0f:34:0f:01:dc:e4:29: b4:e3:de:2e:5d:10:44:48:29:6a:33:93:9d:03:ff:b5:a9:89: 24:92:ad:b7:5a:75:53:2e:1e:a0:1a:06:2b:46:16:df:92:27: 78:34:02:fa:1d:c9:d2:bb:0d:12:b1:ac:7e:7f:da:a7:0d:23: 08:ac:97:a5:6f:6f:2e:7f:1e:bf:4d:b7:f0:a3:4d:6e:ac:cb: 81:cc:9e:8b:4a:8f:13:24:a0:a5:89:2a:4d:02:e0:4d:4b:2c: bb:0a:36:08:fe:04:3d:2a:b3:60:7b:84:83:3f:a1:e2:c5:ae: 5b:cd:14:59:3b:ad:11:95:5e:a8:ff:83:06:e1:44:b6:18:93: 3d:f2:8b:0a:dd:ec:8d:98:0f:68:43:d8:8d:e2:4c:0e:f7:67: 3b:ae:64:5a:22:69:63:b3:23:b2:44:eb:8f:61:f8:f9:f1:9b: 73:90:29:c7 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUV1Xl85gdZN+RN3didOrXeuoMyoswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0 NDVEQzNBMTAeFw0yNjA1MTMxMjQxMDRaFw0yNjA1MTQxMzQ5MDRaMDMxMTAvBgNV BAMTKDFERTYzMEVGQ0JEQTY1RTJENEY3Rjk3NUM2QzBCMEEyRjZDNEFEODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa8BgUu5T29GrUbm8cjsMA1rlt uyBOFA3VydsLenQqDLuYYilyODIihENZzMR1/dxEP5rLan0UPCGxDjqGEmBK/6Pw br6fFZhWMPGJTD3l+7+teekw4jy9oSp6uQvtG+ywgA5NnzPfa6QY/3iEZkc/+33E ubu98ZrWmPa9DTmJf2eJ/fDZm0YxQuB1w/idT8y5S+V8W2D6yKbcEYR0NYS2Pect G1WiXB0JA+Wa2iyBtn/6HADU/MhagNIk9R3lxwdkjc/bRCK8bn7S5tOi2bV//F8t cra74Fz2eZnCTfTd/Nq0EiD749b1CLa2ZHPKsKKGomNKNAqPd2V7RYXJRN07AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUHeYw78vaZeLU9/l1xsCwovbErYcwHwYDVR0j BBgwFoAUjUBr7EUssHTWMKvb1idbxURdw6EwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzcxNzI1MS8wLzhENDA2QkVDNDUyQ0IwNzRENjMwQUJEQkQ2Mjc1 QkM1NDQ1REMzQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0NDVEQzNBMS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc3MTcyNTEvMC84RDQwNkJFQzQ1MkNC MDc0RDYzMEFCREJENjI3NUJDNTQ0NURDM0ExLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcL7u+85c1aq4 DlyKL7Wl98ZOi8Q+56gNt3IzG7onk6IAKveMcyEbPbPGxcjkZMZQ6H3mTYNN9te0 OpbiUAlfnjHR3wenJ+zXchiXfyv05Xm1VdEPNA8B3OQptOPeLl0QREgpajOTnQP/ tamJJJKtt1p1Uy4eoBoGK0YW35IneDQC+h3J0rsNErGsfn/apw0jCKyXpW9vLn8e v0238KNNbqzLgcyei0qPEySgpYkqTQLgTUssuwo2CP4EPSqzYHuEgz+h4sWuW80U WTutEZVeqP+DBuFEthiTPfKLCt3sjZgPaEPYjeJMDvdnO65kWiJpY7MjskTrj2H4 +fGbc5Apxw== -----END CERTIFICATE-----Generated at Wed May 13 21:35:37 2026 by rpki-client