$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft (raw, json) Hash identifier: YLrKkb6heD86t1Nbz3h3rM5qJixlZVSi9xOjGZ03tQI= Subject key identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 2137 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft Manifest number: 212B Signing time: Mon 20 Oct 2025 17:07:57 +0000 Manifest this update: Mon 20 Oct 2025 17:07:57 +0000 Manifest next update: Mon 20 Oct 2025 23:07:57 +0000 Files and hashes: 1: DZ9goMqh1tbZJtmWmEe55G3UPM8.roa (hash: UB5MHBmQqSFhvXeEyjlx1wflR5Gqg2Tx9OCUubTS/H8=) 2: XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl (hash: pXVIierLXiX8lad81dWwaKunSoj9bmC/3DcWFQb3X64=) 3: v77HvQ8JDbuFO6M8TtpWDePh1QU.roa (hash: mBShptqUxFMYNN76UxyduwjMIWjbI3OnoZJA06+Uy70=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8503 (0x2137) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: Oct 20 17:07:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=287752BEC0FDA7B793BFEC2A92AF3F53F95AC430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f8:ef:96:ea:9c:43:2a:bf:98:64:05:ae:64: 1e:c6:6c:65:ad:d5:f8:e3:52:f4:94:f2:1a:da:83: 0a:2c:1d:b9:60:41:ff:38:8d:68:a3:92:ba:1b:a0: d0:9e:35:9c:66:1b:94:26:ad:7d:c6:77:03:d7:50: a9:7b:ce:83:b7:b6:d9:19:69:5d:3e:48:90:b0:e9: fc:cb:fd:94:5d:70:d7:dd:c6:4c:0b:0d:2d:59:d3: 4a:0e:c4:fa:00:47:0f:97:93:3b:4d:7b:31:f5:70: b4:f8:59:f1:84:fb:65:10:5b:2f:c4:cd:55:94:84: b6:a2:ae:3f:95:ab:66:3f:3e:77:c3:38:91:d8:ab: 00:c4:cf:73:33:7e:e4:47:16:f9:f2:ad:07:61:f3: 20:20:17:33:02:07:4a:fb:d5:cc:3c:e4:d9:ec:ca: 3c:0d:e0:30:da:fc:a2:26:e2:8d:bb:5e:61:5a:5b: c8:e3:56:9e:73:0a:72:a6:9d:f8:18:8b:f8:f7:92: 94:5a:54:98:53:56:bc:a9:81:4d:56:db:12:ae:19: 3d:11:1e:7d:b3:fb:70:08:9e:26:60:74:26:f2:72: 4a:cc:47:bc:f0:93:07:91:cf:f8:69:fe:ec:f7:3d: 09:64:0a:69:49:2e:98:94:b2:cc:72:e9:b4:62:a9: 93:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:cb:33:11:3e:4d:b9:db:35:59:e1:e3:ea:a1:be:88:58:fb: aa:91:3b:88:6a:0b:60:33:c9:f9:4c:dd:78:aa:b2:45:3d:db: b0:36:b7:23:48:b2:2e:f6:72:16:37:cd:92:6d:76:4f:18:8b: ff:ad:ba:d1:10:f4:ed:bc:94:72:21:9d:7c:ca:00:2f:ff:b1: 2a:8f:e8:0a:d2:6f:f3:c8:ad:8f:e6:58:ae:b0:9a:8d:1f:e4: a9:35:51:a2:2a:f6:ba:37:7f:8a:df:13:e2:c1:7f:f1:0c:5b: 11:14:33:df:96:53:ac:0a:67:a9:e8:63:90:97:09:82:16:e2: 46:26:4a:30:eb:90:3b:69:ba:bf:5f:d9:35:f5:e2:2d:b1:36: ed:5c:65:34:f2:22:9a:cd:51:18:39:54:fb:73:82:13:34:3e: 6b:20:d9:5f:36:3d:eb:5f:82:92:37:ef:22:de:d0:26:0d:24: d1:4a:86:1f:3c:f7:96:5e:b2:fc:e9:52:ae:d7:dc:c6:c7:c9: 64:3c:13:45:c1:55:cd:68:27:9d:97:d7:53:b8:f4:d5:03:fe: 52:b7:9c:a5:d1:fe:0e:2e:7c:e9:aa:9e:57:4f:46:d3:11:39: c5:d9:81:14:97:1b:87:3b:8b:f1:b2:78:31:ed:3e:49:be:25: 39:50:24:bf -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICITcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNTEwMjAx NzA3NTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI4Nzc1MkJFQzBGREE3 Qjc5M0JGRUMyQTkyQUYzRjUzRjk1QUM0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6+O+W6pxDKr+YZAWuZB7GbGWt1fjjUvSU8hragwosHblgQf84 jWijkroboNCeNZxmG5QmrX3GdwPXUKl7zoO3ttkZaV0+SJCw6fzL/ZRdcNfdxkwL DS1Z00oOxPoARw+XkztNezH1cLT4WfGE+2UQWy/EzVWUhLairj+Vq2Y/PnfDOJHY qwDEz3MzfuRHFvnyrQdh8yAgFzMCB0r71cw85NnsyjwN4DDa/KIm4o27XmFaW8jj Vp5zCnKmnfgYi/j3kpRaVJhTVrypgU1W2xKuGT0RHn2z+3AIniZgdCbyckrMR7zw kweRz/hp/uz3PQlkCmlJLpiUssxy6bRiqZN3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKHdSvsD9p7eTv+wqkq8/U/laxDAwHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvWGFDbDdNSVlMYkFP dUZ4aU1UMVh1V3RfMW80Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADXLMxE+TbnbNVnh4+qhvohY+6qRO4hqC2AzyflM3XiqskU927A2tyNIsi72 chY3zZJtdk8Yi/+tutEQ9O28lHIhnXzKAC//sSqP6ArSb/PIrY/mWK6wmo0f5Kk1 UaIq9ro3f4rfE+LBf/EMWxEUM9+WU6wKZ6noY5CXCYIW4kYmSjDrkDtpur9f2TX1 4i2xNu1cZTTyIprNURg5VPtzghM0Pmsg2V82PetfgpI37yLe0CYNJNFKhh8895Ze svzpUq7X3MbHyWQ8E0XBVc1oJ52X11O49NUD/lK3nKXR/g4ufOmqnldPRtMROcXZ gRSXG4c7i/GyeDHtPkm+JTlQJL8= -----END CERTIFICATE-----Generated at Mon Oct 20 19:26:13 2025 by rpki-client