$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065887644090630145/1/A5B2B14D97513B6C0C82B1E540703EB912DFD229.mft File: A5B2B14D97513B6C0C82B1E540703EB912DFD229.mft (raw, json) Hash identifier: TU2ENZ4mCc1AhT9FRdAUgIl+cDn9wsBZR/I/6QMegLE= Subject key identifier: FF:2B:EC:F6:01:7E:05:D8:BE:A7:B7:B6:6D:AE:F9:E7:7D:88:C5:A2 Authority key identifier: A5:B2:B1:4D:97:51:3B:6C:0C:82:B1:E5:40:70:3E:B9:12:DF:D2:29 Certificate issuer: /CN=A5B2B14D97513B6C0C82B1E540703EB912DFD229 Certificate serial: 33085B10B42571F191FD0DAF8BCD3B2065BA8DD4 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/A5B2B14D97513B6C0C82B1E540703EB912DFD229.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065887644090630145/1/A5B2B14D97513B6C0C82B1E540703EB912DFD229.mft Manifest number: 5B Signing time: Thu 26 Mar 2026 19:43:28 +0000 Manifest this update: Thu 26 Mar 2026 19:38:28 +0000 Manifest next update: Fri 27 Mar 2026 22:15:28 +0000 Files and hashes: 1: 34372e3131322e302e302f31362d3234203d3e203337393633.roa (hash: 9TzYa3+Sl+tIX8tXSaj70/Us2wMIqXbVo3JClonsi1M=) 2: 34372e3131322e302e302f31352d3135203d3e203337393633.roa (hash: oc0h7t2xyM1D/ueNRTcOjQuhsadrMwiGPusBtoLIrSY=) 3: A5B2B14D97513B6C0C82B1E540703EB912DFD229.crl (hash: vhGvVbrh0WT2Vb0GzlNYntpWc0jSX36vnJ5uyjbmNxo=) 4: 34372e3131332e302e302f31362d3234203d3e203337393633.roa (hash: Sc9B64EYbOlhHpRQn2hDIXOE8wTsYGOAnrQ1OGOsB2U=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065887644090630145/1/A5B2B14D97513B6C0C82B1E540703EB912DFD229.crl rsync://rpki-rps.cnnic.cn/repo/A1065887644090630145/1/A5B2B14D97513B6C0C82B1E540703EB912DFD229.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/A5B2B14D97513B6C0C82B1E540703EB912DFD229.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ywIUpcQE1vhAQzsSDKy7W4xZ5hM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 22:15:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:08:5b:10:b4:25:71:f1:91:fd:0d:af:8b:cd:3b:20:65:ba:8d:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A5B2B14D97513B6C0C82B1E540703EB912DFD229 Validity Not Before: Mar 26 19:38:28 2026 GMT Not After : Mar 27 22:15:28 2026 GMT Subject: CN=FF2BECF6017E05D8BEA7B7B66DAEF9E77D88C5A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2c:5a:15:91:db:43:e1:a4:02:5a:7e:ca:0b: fb:88:c4:3e:68:ad:0f:91:e2:01:fa:49:9f:60:5e: e5:56:af:57:e9:49:44:44:63:31:7e:1c:72:c3:54: 91:85:fc:e1:21:26:f0:c7:c7:8e:5e:8d:87:50:e4: 37:7b:af:1e:0e:e8:7b:74:88:ea:8e:16:1e:b0:5b: 05:9d:59:a2:fc:a2:b4:c7:7e:e6:e1:13:c5:d8:65: 81:60:99:b1:cc:de:55:02:54:bc:61:40:ab:78:0c: 3e:5c:dc:6b:f3:6c:c0:94:83:ad:e7:46:38:be:cc: 7f:c5:f4:f8:90:65:d8:32:6f:07:40:29:15:89:ff: 94:ec:68:3d:0c:ec:41:f1:df:64:1d:27:96:ce:41: 61:cc:c6:84:76:14:30:10:14:4b:b5:e4:83:16:1e: 45:ec:3c:a1:ca:b1:64:38:69:6a:e5:62:08:f9:b4: 4a:cc:9b:aa:ed:69:31:17:af:f1:79:d1:0a:71:dc: a8:c9:5f:15:38:33:c6:c3:53:19:1e:c5:0d:96:b3: 6d:64:1d:84:e1:84:fe:ed:43:f6:b6:e4:62:63:bb: 37:d1:47:40:8f:ab:fa:f4:0a:9f:ff:db:a2:11:c2: d9:2d:03:42:b1:ed:e1:29:c9:2c:bf:8b:94:8c:b7: e0:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:2B:EC:F6:01:7E:05:D8:BE:A7:B7:B6:6D:AE:F9:E7:7D:88:C5:A2 X509v3 Authority Key Identifier: keyid:A5:B2:B1:4D:97:51:3B:6C:0C:82:B1:E5:40:70:3E:B9:12:DF:D2:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065887644090630145/1/A5B2B14D97513B6C0C82B1E540703EB912DFD229.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/A5B2B14D97513B6C0C82B1E540703EB912DFD229.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065887644090630145/1/A5B2B14D97513B6C0C82B1E540703EB912DFD229.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:af:1f:e4:bf:bf:9e:32:68:2f:84:b5:41:f0:8c:5e:09:42: 6e:05:66:eb:c0:f8:ee:fb:75:43:ed:58:ba:36:ff:6c:84:1b: c9:7b:2d:cc:f2:15:56:48:dd:35:ac:10:db:27:5d:fe:64:01: a8:31:5d:88:33:31:1d:4a:f6:46:9c:96:34:0d:e8:06:68:3f: 22:43:18:8c:32:b7:4b:e2:71:b0:15:d8:97:29:33:3f:3c:66: f1:e2:9f:31:5d:31:e2:03:4a:8d:99:8e:2a:d9:f6:12:78:3a: ec:31:bb:57:e4:c6:c8:5a:d5:b3:14:75:e1:60:7a:b2:bc:c2: 64:c5:c2:0c:56:70:46:c9:99:9a:01:89:47:6f:ae:90:22:f1: 3f:77:ef:67:df:4d:b0:a6:bb:ba:9a:a8:2e:17:83:71:f6:73: 99:f4:1e:52:e3:d9:e6:07:2c:78:f8:b1:c7:0f:cb:41:be:d2: ce:d4:18:76:1e:33:5b:5d:0e:b0:89:52:fb:37:f4:b9:cf:87: 49:92:a4:fb:75:1d:d2:e4:6e:7d:40:a9:e3:c9:04:19:bd:c0: 61:7f:31:b2:dc:3d:47:d1:4b:ca:e8:06:f3:ac:8a:62:b9:25: cf:d6:51:3f:26:57:6e:8a:75:07:0a:22:16:3a:98:26:58:b9: 91:30:61:18 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUMwhbELQlcfGR/Q2vi807IGW6jdQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTVCMkIxNEQ5NzUxM0I2QzBDODJCMUU1NDA3MDNFQjkx MkRGRDIyOTAeFw0yNjAzMjYxOTM4MjhaFw0yNjAzMjcyMjE1MjhaMDMxMTAvBgNV BAMTKEZGMkJFQ0Y2MDE3RTA1RDhCRUE3QjdCNjZEQUVGOUU3N0Q4OEM1QTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8LFoVkdtD4aQCWn7KC/uIxD5o rQ+R4gH6SZ9gXuVWr1fpSUREYzF+HHLDVJGF/OEhJvDHx45ejYdQ5Dd7rx4O6Ht0 iOqOFh6wWwWdWaL8orTHfubhE8XYZYFgmbHM3lUCVLxhQKt4DD5c3GvzbMCUg63n Rji+zH/F9PiQZdgybwdAKRWJ/5TsaD0M7EHx32QdJ5bOQWHMxoR2FDAQFEu15IMW HkXsPKHKsWQ4aWrlYgj5tErMm6rtaTEXr/F50Qpx3KjJXxU4M8bDUxkexQ2Ws21k HYThhP7tQ/a25GJjuzfRR0CPq/r0Cp//26IRwtktA0Kx7eEpySy/i5SMt+BBAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU/yvs9gF+Bdi+p7e2ba75532IxaIwHwYDVR0j BBgwFoAUpbKxTZdRO2wMgrHlQHA+uRLf0ikwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTg4NzY0NDA5MDYzMDE0NS8xL0E1QjJCMTREOTc1MTNCNkMwQzgyQjFFNTQwNzAz RUI5MTJERkQyMjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzAvQTVCMkIxNEQ5NzUxM0I2QzBDODJCMUU1NDA3MDNFQjkxMkRGRDIyOS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU4ODc2NDQwOTA2MzAxNDUvMS9BNUIyQjE0RDk3NTEz QjZDMEM4MkIxRTU0MDcwM0VCOTEyREZEMjI5Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApK8f5L+/njJo L4S1QfCMXglCbgVm68D47vt1Q+1Yujb/bIQbyXstzPIVVkjdNawQ2ydd/mQBqDFd iDMxHUr2RpyWNA3oBmg/IkMYjDK3S+JxsBXYlykzPzxm8eKfMV0x4gNKjZmOKtn2 Eng67DG7V+TGyFrVsxR14WB6srzCZMXCDFZwRsmZmgGJR2+ukCLxP3fvZ99NsKa7 upqoLheDcfZzmfQeUuPZ5gcsePixxw/LQb7SztQYdh4zW10OsIlS+zf0uc+HSZKk +3Ud0uRufUCp48kEGb3AYX8xstw9R9FLyugG86yKYrklz9ZRPyZXbop1BwoiFjqY Jli5kTBhGA== -----END CERTIFICATE-----Generated at Thu Mar 26 23:47:45 2026 by rpki-client