$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft File: 289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft (raw, json) Hash identifier: twqze3ivccEbGhmh7euyAlQBJxS2d6HLrtlkRoPrSPE= Subject key identifier: 91:F5:64:BF:99:D4:9E:E5:7E:93:40:DC:43:F3:F2:F1:B0:6C:4A:4C Authority key identifier: 28:92:51:F0:DC:A3:FF:6A:CE:10:1E:46:9C:CB:4C:90:6C:B6:0D:6E Certificate issuer: /CN=289251F0DCA3FF6ACE101E469CCB4C906CB60D6E Certificate serial: 2DD60E5826B410EFBCBE45BE2D80F41F632D5F07 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft Manifest number: 25 Signing time: Wed 13 May 2026 09:51:03 +0000 Manifest this update: Wed 13 May 2026 09:46:03 +0000 Manifest next update: Thu 14 May 2026 10:14:03 +0000 Files and hashes: 1: 289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.crl (hash: PVFISAMdtdvVaD2KU/o6p3z7upQw3gIU7guR6sKtXAs=) 2: 3230322e3133362e37322e302f32332d3233203d3e2034383437.roa (hash: 0UAAnHGmhpgwD4Y3MO/hfVMnkyeKLb0Kzm5dHFM3DRY=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.crl rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 10:14:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:d6:0e:58:26:b4:10:ef:bc:be:45:be:2d:80:f4:1f:63:2d:5f:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=289251F0DCA3FF6ACE101E469CCB4C906CB60D6E Validity Not Before: May 13 09:46:03 2026 GMT Not After : May 14 10:14:03 2026 GMT Subject: CN=91F564BF99D49EE57E9340DC43F3F2F1B06C4A4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:3b:d2:bf:07:e8:b2:1a:d6:82:37:e7:71:16: ef:a9:8d:e7:ab:83:bc:27:92:09:70:a5:0b:da:de: bd:78:a2:b6:a3:8c:2d:d4:01:97:b2:06:b7:0e:e1: 44:6a:03:98:3f:52:60:b0:56:0a:b1:c7:2f:f7:11: 43:04:4a:6e:b5:06:e6:1e:56:21:a3:8f:90:33:05: f0:46:e2:47:e0:22:e9:e4:47:7a:e4:bb:ba:8b:2b: 05:26:94:93:85:21:c4:8d:1e:0e:3b:5f:71:16:a7: fb:cd:64:cb:0a:55:0f:a1:2f:33:c8:be:9f:3d:0d: 13:4d:df:b8:91:67:87:60:73:1f:80:69:db:64:fd: d1:5f:4c:ad:9f:e5:64:de:84:a3:2a:93:34:1b:cf: db:93:67:51:4c:b0:90:f6:a8:aa:47:f0:1a:55:f2: 5e:0f:be:48:e8:72:3b:e1:b4:1d:98:9e:a5:bd:ed: 0a:e7:ed:59:91:55:ce:9c:58:ff:74:4d:1d:03:37: 8a:38:cd:fe:b0:18:e7:ec:cf:ed:63:6d:94:60:f2: 4b:aa:61:d3:fa:6f:35:c6:21:4f:b8:e8:50:e6:6f: cc:67:e9:bc:61:be:e5:e2:2c:9b:e0:55:24:71:80: 80:54:c0:ca:e9:af:bb:ed:70:a0:52:08:12:37:fa: c4:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F5:64:BF:99:D4:9E:E5:7E:93:40:DC:43:F3:F2:F1:B0:6C:4A:4C X509v3 Authority Key Identifier: keyid:28:92:51:F0:DC:A3:FF:6A:CE:10:1E:46:9C:CB:4C:90:6C:B6:0D:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:5a:d8:d3:43:af:3c:f3:17:68:9f:8f:9f:3d:f3:e5:83:fc: 12:2c:d7:bd:f8:1f:9f:e6:cf:85:d3:e1:a0:9c:d6:f5:4d:62: c5:b4:c8:70:b3:cf:b4:db:5d:37:5a:61:3f:d3:58:f2:c7:ed: 0e:87:cf:09:9c:a2:b0:ca:af:69:b6:82:b9:0e:fa:2a:28:19: 42:d6:73:50:48:76:74:cb:7b:f2:be:01:54:70:c3:5a:2f:3b: c7:b7:b2:48:d9:b5:31:0a:12:29:6a:48:cd:25:db:c2:38:2d: 97:60:29:01:ee:5a:84:ac:cc:46:8d:32:2a:75:54:48:88:bb: 44:1f:ee:9a:2c:d5:4b:22:1a:0c:c0:29:ba:d1:1e:71:51:52: 5e:93:b0:69:e2:57:79:4d:6e:3f:c5:35:83:26:40:8e:bd:94: 12:93:4b:23:63:8c:87:cd:77:2f:5d:77:68:5e:3e:da:ef:00: 59:a4:33:28:f4:e4:12:2e:55:34:fb:09:b7:28:b6:d4:43:80: d3:be:4c:45:bf:e6:ed:13:b3:42:64:d6:c3:2d:81:04:6c:d4: a3:4e:ae:2f:bb:eb:e0:21:c6:f4:f1:c5:95:37:f6:dc:85:7e: 58:8d:db:14:12:e5:b0:f8:b5:ff:59:ea:ac:20:b7:2b:af:1a: f1:98:50:5a -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIULdYOWCa0EO+8vkW+LYD0H2MtXwcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg5MjUxRjBEQ0EzRkY2QUNFMTAxRTQ2OUNDQjRDOTA2 Q0I2MEQ2RTAeFw0yNjA1MTMwOTQ2MDNaFw0yNjA1MTQxMDE0MDNaMDMxMTAvBgNV BAMTKDkxRjU2NEJGOTlENDlFRTU3RTkzNDBEQzQzRjNGMkYxQjA2QzRBNEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSO9K/B+iyGtaCN+dxFu+pjeer g7wnkglwpQva3r14orajjC3UAZeyBrcO4URqA5g/UmCwVgqxxy/3EUMESm61BuYe ViGjj5AzBfBG4kfgIunkR3rku7qLKwUmlJOFIcSNHg47X3EWp/vNZMsKVQ+hLzPI vp89DRNN37iRZ4dgcx+Aadtk/dFfTK2f5WTehKMqkzQbz9uTZ1FMsJD2qKpH8BpV 8l4PvkjocjvhtB2YnqW97Qrn7VmRVc6cWP90TR0DN4o4zf6wGOfsz+1jbZRg8kuq YdP6bzXGIU+46FDmb8xn6bxhvuXiLJvgVSRxgIBUwMrpr7vtcKBSCBI3+sTZAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUkfVkv5nUnuV+k0DcQ/Py8bBsSkwwHwYDVR0j BBgwFoAUKJJR8Nyj/2rOEB5GnMtMkGy2DW4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NzMyODkxNzc4MzUxMTA0Mi8wLzI4OTI1MUYwRENBM0ZGNkFDRTEwMUU0NjlDQ0I0 QzkwNkNCNjBENkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMjg5MjUxRjBEQ0EzRkY2QUNFMTAxRTQ2OUNDQjRDOTA2Q0I2MEQ2RS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTczMjg5MTc3ODM1MTEwNDIvMC8yODkyNTFGMERDQTNG RjZBQ0UxMDFFNDY5Q0NCNEM5MDZDQjYwRDZFLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjVrY00OvPPMX aJ+Pnz3z5YP8EizXvfgfn+bPhdPhoJzW9U1ixbTIcLPPtNtdN1phP9NY8sftDofP CZyisMqvabaCuQ76KigZQtZzUEh2dMt78r4BVHDDWi87x7eySNm1MQoSKWpIzSXb wjgtl2ApAe5ahKzMRo0yKnVUSIi7RB/umizVSyIaDMAputEecVFSXpOwaeJXeU1u P8U1gyZAjr2UEpNLI2OMh813L113aF4+2u8AWaQzKPTkEi5VNPsJtyi21EOA075M Rb/m7ROzQmTWwy2BBGzUo06uL7vr4CHG9PHFlTf23IV+WI3bFBLlsPi1/1nqrCC3 K68a8ZhQWg== -----END CERTIFICATE-----Generated at Wed May 13 16:15:04 2026 by rpki-client