$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.mft File: 32A1B9CA0B4E1D345EF37542407653C6E58EBC53.mft (raw, json) Hash identifier: oQEbrk2AkyRi/Nx6m1ya4kRaoyENjo4mbtMs05PaTQs= Subject key identifier: DA:98:33:8F:96:3E:0C:5A:F3:70:0B:06:74:B3:B9:16:DA:75:1A:4F Authority key identifier: 32:A1:B9:CA:0B:4E:1D:34:5E:F3:75:42:40:76:53:C6:E5:8E:BC:53 Certificate issuer: /CN=32A1B9CA0B4E1D345EF37542407653C6E58EBC53 Certificate serial: 1894722FBE63E689BF6278FD632B7C7E9741D6C1 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.mft Manifest number: 1C Signing time: Tue 12 May 2026 23:15:49 +0000 Manifest this update: Tue 12 May 2026 23:10:49 +0000 Manifest next update: Thu 14 May 2026 03:00:49 +0000 Files and hashes: 1: 3231312e3135342e3137362e302f32302d3230203d3e203538383334.roa (hash: OpGVfeYU7LEL5azDcsFR3vJFp24QCQ50RK10N7hSA1A=) 2: 3230322e34312e3135322e302f32322d3232203d3e203538383334.roa (hash: XaJzJb9eUd+kmvH/ZQyTu8LXtqPHpbXPuRyXM039t3E=) 3: 3230322e34312e3135322e302f32312d3231203d3e203137383136.roa (hash: 8TG6MQgO1lI3vkKTh0hsJ8yHBg2b506eCK0j3rcCfdM=) 4: 3231312e3135342e3137362e302f32312d3231203d3e203538383334.roa (hash: tEDyLaYRb0pvyhNQEaIWXhzDwecCkMS3qTgzbIUEgJE=) 5: 3230322e34312e3135362e302f32322d3232203d3e203538383334.roa (hash: T+pvuiks6kPGPp4EB9NR96xMgNADrbCbZHwEyEfSpGU=) 6: 32A1B9CA0B4E1D345EF37542407653C6E58EBC53.crl (hash: cgObSvbR+Nfzb087UsXv3KFJGPMl7kLhU4gGd86QXZ4=) 7: 3231312e3135342e3138342e302f32312d3231203d3e203538383334.roa (hash: y4mypuyrjE5FRM8LG/t2MR96fZhrvQ7pH4jlaPqJt30=) 8: 3231312e3135342e3137362e302f32302d3230203d3e203137383136.roa (hash: 9mhciqlhVNGj1pcFXF1OQGsR962WTBsnthesg/P07WQ=) 9: 3230322e34312e3135322e302f32312d3231203d3e203538383334.roa (hash: BNbF7LCHL9eJXgA/NHfhqhVICBytivhioqO9DDkr7Oc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.crl rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 03:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:94:72:2f:be:63:e6:89:bf:62:78:fd:63:2b:7c:7e:97:41:d6:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32A1B9CA0B4E1D345EF37542407653C6E58EBC53 Validity Not Before: May 12 23:10:49 2026 GMT Not After : May 14 03:00:49 2026 GMT Subject: CN=DA98338F963E0C5AF3700B0674B3B916DA751A4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:7d:a3:68:be:e4:25:16:93:91:62:a9:6b:7f: 6f:22:f4:bf:8f:ed:49:6f:77:eb:12:6e:ea:82:ce: 86:13:5d:d0:a9:67:90:b7:59:0c:8a:20:f9:da:33: 8d:53:a1:53:16:20:81:85:8a:bb:54:c6:c2:55:58: 56:13:78:f4:7c:82:fe:a0:6e:84:70:97:c2:c1:97: dc:fa:d1:6d:8e:2c:02:b4:f4:10:fd:8e:50:46:4f: 7b:b2:52:33:65:73:70:ef:7a:76:3f:35:02:c8:18: 6e:12:f5:fe:09:62:4e:38:54:e6:30:6e:0d:7d:68: b5:bc:59:79:b8:43:74:ec:be:fd:ac:b2:5d:1c:cb: 0b:b4:e2:c7:2d:a0:0e:56:ae:8f:94:d4:ba:43:25: f1:f1:42:a4:3d:29:0f:d2:cb:92:5f:97:88:e0:d2: 8f:8e:43:9e:40:ee:e2:d2:4b:41:89:cf:e4:b6:5f: 83:b3:75:d1:c1:36:c5:fa:31:bd:ab:d5:4a:47:00: 2d:42:e7:d4:5f:a1:22:9d:97:90:fe:fa:b1:54:1e: 54:09:24:de:29:f8:38:bb:91:3c:93:5d:84:7d:ea: 46:ea:fc:5e:75:73:a5:1b:4a:13:26:7b:87:a6:7e: 73:6c:50:41:b0:4d:52:ad:4b:f0:ed:14:92:98:fa: af:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:98:33:8F:96:3E:0C:5A:F3:70:0B:06:74:B3:B9:16:DA:75:1A:4F X509v3 Authority Key Identifier: keyid:32:A1:B9:CA:0B:4E:1D:34:5E:F3:75:42:40:76:53:C6:E5:8E:BC:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:7a:62:6d:93:a2:3d:8b:2c:90:d2:03:40:2a:bb:bb:f3:b0: 42:d0:b9:9b:a4:7c:da:ee:c2:e7:ab:a4:84:24:12:e5:8a:0f: d0:a0:01:aa:9d:a1:c4:1e:19:37:e8:a4:28:3b:52:5b:8d:48: cb:30:85:21:d5:04:43:21:79:1c:9c:d3:4b:f4:53:a3:fc:86: 28:0e:1c:20:91:dc:97:08:5c:1f:7f:6c:b4:20:cc:c0:b7:76: 98:42:08:f7:6f:03:0d:11:eb:9e:bd:f6:15:22:10:4e:f2:32: 64:36:73:a5:3d:a1:52:d9:ed:8a:78:ef:b1:6a:23:a0:4a:7e: b5:99:50:f5:34:07:a6:30:d0:49:56:75:10:db:20:46:62:e5: cf:c8:5a:e7:f3:53:61:c5:3b:12:77:1a:34:a0:1b:26:f1:5d: 94:35:97:df:5e:c2:8d:54:f1:2e:a7:19:5d:3c:52:47:3b:0b: 58:4c:f0:9a:76:d3:95:be:91:eb:d9:b1:e6:8e:4c:d5:3c:cd: ae:49:01:34:45:31:7b:7e:78:ed:b6:8a:ef:37:9a:9f:da:8b: e6:00:be:1a:de:2c:a3:35:05:15:fc:08:11:61:02:50:cd:a6: 5c:c2:8a:e9:97:10:6e:22:7d:a9:64:dc:15:6a:d5:ab:fe:a5: 77:fd:b8:64 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUGJRyL75j5om/Ynj9Yyt8fpdB1sEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzJBMUI5Q0EwQjRFMUQzNDVFRjM3NTQyNDA3NjUzQzZF NThFQkM1MzAeFw0yNjA1MTIyMzEwNDlaFw0yNjA1MTQwMzAwNDlaMDMxMTAvBgNV BAMTKERBOTgzMzhGOTYzRTBDNUFGMzcwMEIwNjc0QjNCOTE2REE3NTFBNEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjfaNovuQlFpORYqlrf28i9L+P 7Ulvd+sSbuqCzoYTXdCpZ5C3WQyKIPnaM41ToVMWIIGFirtUxsJVWFYTePR8gv6g boRwl8LBl9z60W2OLAK09BD9jlBGT3uyUjNlc3DvenY/NQLIGG4S9f4JYk44VOYw bg19aLW8WXm4Q3Tsvv2ssl0cywu04sctoA5Wro+U1LpDJfHxQqQ9KQ/Sy5Jfl4jg 0o+OQ55A7uLSS0GJz+S2X4OzddHBNsX6Mb2r1UpHAC1C59RfoSKdl5D++rFUHlQJ JN4p+Di7kTyTXYR96kbq/F51c6UbShMme4emfnNsUEGwTVKtS/DtFJKY+q/PAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU2pgzj5Y+DFrzcAsGdLO5Ftp1Gk8wHwYDVR0j BBgwFoAUMqG5ygtOHTRe83VCQHZTxuWOvFMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 OTg5ODY1MDA4OTI5MTc3Ny8wLzMyQTFCOUNBMEI0RTFEMzQ1RUYzNzU0MjQwNzY1 M0M2RTU4RUJDNTMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMzJBMUI5Q0EwQjRFMUQzNDVFRjM3NTQyNDA3NjUzQzZFNThFQkM1My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTk4OTg2NTAwODkyOTE3NzcvMC8zMkExQjlDQTBCNEUx RDM0NUVGMzc1NDI0MDc2NTNDNkU1OEVCQzUzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWHpibZOiPYss kNIDQCq7u/OwQtC5m6R82u7C56ukhCQS5YoP0KABqp2hxB4ZN+ikKDtSW41IyzCF IdUEQyF5HJzTS/RTo/yGKA4cIJHclwhcH39stCDMwLd2mEII928DDRHrnr32FSIQ TvIyZDZzpT2hUtntinjvsWojoEp+tZlQ9TQHpjDQSVZ1ENsgRmLlz8ha5/NTYcU7 EncaNKAbJvFdlDWX317CjVTxLqcZXTxSRzsLWEzwmnbTlb6R69mx5o5M1TzNrkkB NEUxe3547baK7zean9qL5gC+Gt4sozUFFfwIEWECUM2mXMKK6ZcQbiJ9qWTcFWrV q/6ld/24ZA== -----END CERTIFICATE-----Generated at Wed May 13 17:13:48 2026 by rpki-client