$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft File: 528FB7389148F9961BE07564A1BCC28DE1440954.mft (raw, json) Hash identifier: t/KwqbjKCKkOCrrm23hgrM2CPf1N2/HtGDIkpC33Rlk= Subject key identifier: DE:32:3E:70:06:E0:8C:20:B2:F1:3F:1D:A0:51:51:3D:8A:50:68:51 Authority key identifier: 52:8F:B7:38:91:48:F9:96:1B:E0:75:64:A1:BC:C2:8D:E1:44:09:54 Certificate issuer: /CN=528FB7389148F9961BE07564A1BCC28DE1440954 Certificate serial: 1874B9848485A4428A24F7A23FA091679FB678C6 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/528FB7389148F9961BE07564A1BCC28DE1440954.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft Manifest number: 5A Signing time: Thu 26 Mar 2026 22:23:28 +0000 Manifest this update: Thu 26 Mar 2026 22:18:28 +0000 Manifest next update: Fri 27 Mar 2026 23:10:28 +0000 Files and hashes: 1: 3130332e3135322e3234372e302f32342d3234203d3e20313335333931.roa (hash: EcqA+WlWeIsBbUwVfChqaarTFSzboqSnaqEftxipkFg=) 2: 528FB7389148F9961BE07564A1BCC28DE1440954.crl (hash: cidaMcarl+vh/EN40WB4yZYmCrSisScRqylLdKxYHbo=) 3: 3130332e3135322e3234372e302f32342d3234203d3e20313532343735.roa (hash: phf4Dfqb5M3Ykxs2j+sNy+Y1lZxL1CrzZ7fuUfc1kQM=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.crl rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/528FB7389148F9961BE07564A1BCC28DE1440954.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 22:39:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:74:b9:84:84:85:a4:42:8a:24:f7:a2:3f:a0:91:67:9f:b6:78:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=528FB7389148F9961BE07564A1BCC28DE1440954 Validity Not Before: Mar 26 22:18:28 2026 GMT Not After : Mar 27 23:10:28 2026 GMT Subject: CN=DE323E7006E08C20B2F13F1DA051513D8A506851 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:07:cc:1c:39:2a:dd:ed:25:08:e5:16:b6:04: 6d:9e:3c:65:b3:9f:2a:c7:9b:87:39:91:86:0f:ac: 5a:da:8d:01:83:69:65:4c:24:b5:7f:19:78:39:32: 6d:bf:b0:7e:0a:22:47:67:48:3b:43:d9:f2:d7:4c: 90:85:5f:c5:0c:ce:e0:2f:1e:bb:00:7c:c4:4d:5e: 25:a9:45:83:47:08:92:91:bb:fc:ac:ba:16:14:b1: 66:dc:94:15:4e:26:b8:f0:70:41:1e:ec:fa:be:e9: f1:9d:7e:a2:8f:34:5d:67:ce:c1:4a:48:1d:00:8d: 39:08:7a:34:2e:4b:18:3c:a6:18:f5:8a:5a:73:af: 17:fc:e5:f0:44:42:97:4f:8d:be:63:a6:2a:c3:d0: d8:0e:4f:5c:0a:b3:42:c3:ec:32:fc:14:ef:4b:cd: 63:a0:7e:80:37:f4:ba:8a:fa:34:e1:3d:5e:28:43: db:cb:0d:d0:55:70:7e:a4:ea:c0:bd:d0:8d:5a:dd: 6d:f9:27:ca:c4:fb:d7:6d:b0:cf:bc:14:12:ff:05: df:1e:92:0d:fc:08:8b:65:a7:f1:1a:13:bd:88:67: 63:a3:1b:d3:d6:bd:f2:33:bf:60:55:f0:f2:c4:77: 3e:75:3c:cf:20:eb:6d:3b:7a:b2:dc:f3:0a:49:b6: cd:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:32:3E:70:06:E0:8C:20:B2:F1:3F:1D:A0:51:51:3D:8A:50:68:51 X509v3 Authority Key Identifier: keyid:52:8F:B7:38:91:48:F9:96:1B:E0:75:64:A1:BC:C2:8D:E1:44:09:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/528FB7389148F9961BE07564A1BCC28DE1440954.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:ad:00:f3:66:76:ed:ce:b4:9f:0b:70:2f:30:13:a7:9c:33: 0f:4f:c0:6f:48:9c:6a:ef:92:59:de:48:24:06:dc:46:9e:7f: 77:97:72:f7:ce:be:e5:b4:94:04:de:e6:f8:30:fc:d1:d7:c0: ce:9b:f5:8c:54:27:55:da:c3:e9:94:55:d1:ce:33:51:99:ee: e0:a0:88:7a:6f:d1:49:f6:78:73:3b:06:9a:16:91:9c:56:01: d6:bd:9f:26:74:19:80:61:f1:d2:06:18:36:3b:74:8f:f6:dd: 29:da:b8:79:d3:56:e7:71:47:e0:bf:17:18:a0:8f:f1:94:e1: f7:2a:4c:fa:ff:18:76:cc:a5:72:f1:15:9c:50:85:55:60:6d: 01:4b:06:f1:b4:a5:0d:f0:38:1b:1a:01:fb:7b:1f:83:12:e8: a0:bd:ad:d4:cf:07:37:7d:ad:d8:9e:97:fc:68:e6:c2:e5:c0: cb:6f:28:b7:bd:f1:d8:8f:92:ed:2c:7c:88:88:cf:c1:b2:06: 63:98:de:3a:72:a3:fe:14:59:b3:e7:58:5e:e8:ea:03:6d:64: ce:af:07:de:c2:51:fd:60:73:d8:92:48:52:e0:ee:ff:3b:24: 7f:ab:f7:1f:c4:60:c3:a9:24:52:ad:05:06:e3:30:a3:26:61: 68:23:04:9a -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUGHS5hISFpEKKJPeiP6CRZ5+2eMYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTI4RkI3Mzg5MTQ4Rjk5NjFCRTA3NTY0QTFCQ0MyOERF MTQ0MDk1NDAeFw0yNjAzMjYyMjE4MjhaFw0yNjAzMjcyMzEwMjhaMDMxMTAvBgNV BAMTKERFMzIzRTcwMDZFMDhDMjBCMkYxM0YxREEwNTE1MTNEOEE1MDY4NTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJB8wcOSrd7SUI5Ra2BG2ePGWz nyrHm4c5kYYPrFrajQGDaWVMJLV/GXg5Mm2/sH4KIkdnSDtD2fLXTJCFX8UMzuAv HrsAfMRNXiWpRYNHCJKRu/ysuhYUsWbclBVOJrjwcEEe7Pq+6fGdfqKPNF1nzsFK SB0AjTkIejQuSxg8phj1ilpzrxf85fBEQpdPjb5jpirD0NgOT1wKs0LD7DL8FO9L zWOgfoA39LqK+jThPV4oQ9vLDdBVcH6k6sC90I1a3W35J8rE+9dtsM+8FBL/Bd8e kg38CItlp/EaE72IZ2OjG9PWvfIzv2BV8PLEdz51PM8g6207erLc8wpJts3JAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU3jI+cAbgjCCy8T8doFFRPYpQaFEwHwYDVR0j BBgwFoAUUo+3OJFI+ZYb4HVkobzCjeFECVQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU5MTE5NTcyMTUzMTM5My8wLzUyOEZCNzM4OTE0OEY5OTYxQkUwNzU2NEExQkND MjhERTE0NDA5NTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNTI4RkI3Mzg5MTQ4Rjk5NjFCRTA3NTY0QTFCQ0MyOERFMTQ0MDk1NC5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1OTExOTU3MjE1MzEzOTMvMC81MjhGQjczODkxNDhG OTk2MUJFMDc1NjRBMUJDQzI4REUxNDQwOTU0Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuK0A82Z27c60 nwtwLzATp5wzD0/Ab0icau+SWd5IJAbcRp5/d5dy986+5bSUBN7m+DD80dfAzpv1 jFQnVdrD6ZRV0c4zUZnu4KCIem/RSfZ4czsGmhaRnFYB1r2fJnQZgGHx0gYYNjt0 j/bdKdq4edNW53FH4L8XGKCP8ZTh9ypM+v8YdsylcvEVnFCFVWBtAUsG8bSlDfA4 GxoB+3sfgxLooL2t1M8HN32t2J6X/GjmwuXAy28ot73x2I+S7Sx8iIjPwbIGY5je OnKj/hRZs+dYXujqA21kzq8H3sJR/WBz2JJIUuDu/zskf6v3H8Rgw6kkUq0FBuMw oyZhaCMEmg== -----END CERTIFICATE-----Generated at Fri Mar 27 02:01:07 2026 by rpki-client