$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft File: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json) Hash identifier: NSmAoDC9NLzApEbvKl0I27GJdAgxvxMX2lCY3FabTrI= Subject key identifier: 5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 86AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft Manifest number: 3BEF Signing time: Mon 20 Oct 2025 03:35:14 +0000 Manifest this update: Mon 20 Oct 2025 03:35:13 +0000 Manifest next update: Mon 20 Oct 2025 09:35:13 +0000 Files and hashes: 1: 1pGP6piO9t8jbUERzDx-O4nhtLM.roa (hash: LgsHYyRchdYhJU6IjYfSwzPXfyeBNXFC/3oEFZaxr5E=) 2: 4wXgRujYTKfihSIvwuLg9rUOP1c.roa (hash: LPoTrqNW+wAwUy8l+OsMAuRG7zGEUq/hKav9nV2a/XY=) 3: 6wu7C6LJRgzw0YqBCypPrWvyqtk.roa (hash: Cj+QZPNg8QQ9fmyZfIpGADWCHBPEkN4OpbVPkdHjLNc=) 4: 9LZMbOJGzIWrwZIphlUZtLKBd_c.roa (hash: 2ZF77k5Fogyt6qSiuDajPcYoPcUD48QmqAkwhivvEH4=) 5: AvIoBSrNnMcpnZyXaLY_B_COOqM.roa (hash: tfuTWBj8mqfIFWkntrseawjOrEIi0ukcaV24gqQhJUE=) 6: HEJ6DTy64Jm1xHMNyrxg1ksFP-w.roa (hash: DaUH4N6Ykh2EVKUh+hFWVnqT6gqtXXjR8QPYprODeSA=) 7: Lzd2UazZEZK4D-Vi_LM5PwLTTJw.roa (hash: RYhKyfjdDrdFS+vtO7CbGxUt9WkZpShCr4z/pVEDnNo=) 8: No7gvAe0HiqMlWPX1eORii_qHNg.roa (hash: fsHInzrmBhxkqHfoeln8hYzxASuDDoDSJJ6xYdeYcAY=) 9: OfvtK6UGD_bVKz8pj9fgFWb6zgM.roa (hash: 40esanXG/apJXlFMV+hzoWKw+5KjI8h/fUEMtsSTOfI=) 10: PZulO6TyppqWWuGzO34PYYz5Uo0.roa (hash: yxbl0kEI9vox9RiEQxUPGxMV7cLiY2SO7AtRn6kT6eA=) 11: QD7THVmiGOcCiQQPVumiDRR-d7I.roa (hash: BeWz4UxSBqt/CJdq0rqcX/Y2LZaQqSYTg9P3zaCSJy8=) 12: QwZKguok-b8FhE9hnJbkdnKTTYU.roa (hash: 82DU5HDkqmL/BChANtmMXhnRK94koX+hWClHdvO4uVU=) 13: TzZbUoNGLOmB6mnJiaNAHR2oE9c.roa (hash: BweYJDm2QhqDgPj1ChzAIBwgj2kCBYjRI7BD0uiJCsI=) 14: XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa (hash: yacvbm4gKGYgc5wCZtcaOFLtzo1EC6TxZpfMKP9mzO4=) 15: Yq-wEJdpNyrsJ5M1lXcQMx95RI0.roa (hash: C1aXVx3626w3lC0qVGmhnn9Jj9Gy3ZQ5/AtReox93tU=) 16: cW39mtAp8ttxrryEEYyzgpZyl-Y.roa (hash: AHaemtAtPHl6rkUemFWAQRCUJRJsHnHRQru7T2KV13c=) 17: evHFKal_BLbftwTo5irhQaueD2U.roa (hash: 4JP/QyQZbAYdHqHseXBGNqOkAZdAPfM1lQ9PPjQdoAg=) 18: ffnzNkkLF4B5sEmRbbt-73LygMI.roa (hash: lfR0YWmJicUAI3V8hDlF+PVwpQclCZqiT/dKFEJOFIA=) 19: fuNpvyrWjNqASaRbQPtajVPqy6k.roa (hash: BDXVfeJ+p55olmcKYt7LYY+SlG+OhVlWdGyqMfKIgMM=) 20: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: adyEFB8lRcZN4PjqvqL7ywfkxqDk+g0qPhYDCT5927U=) 21: jgjN0IxKws8jDdNRAOYX1CdHt1k.roa (hash: T74oJ4uT1nguMzcsxBkKWMEPcQYXZBdgwGGLqKFQyh4=) 22: qe20gAZbuwVu_t2cnfTPZkvTqlA.roa (hash: rEzVYj2gFODsMAGdxG3xTH2suYUBY7xxuVYE2eGkAMI=) 23: vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa (hash: zTk7jcBriJqG2gtlVugmX1oERrjs/CQDeKUtk6NsPUk=) 24: ywCQM1l3K43_E-WiIpSnSbWqOvE.roa (hash: hgEPrLxxvDkD6XngS/o1Hzja3xdYFuhr99lC4QpzvhQ=) 25: zWbsOJJ1UwVI5pnA1_vMfQ9v7YA.roa (hash: BBz3fH6gauC81KGSU8veCkKr25fDnWrXmEydKqB3KzU=) 26: z_lK68q3HuQ2YA-o5O1-QTLxSVs.roa (hash: djDiaR6F3C232funPEOT/ASADrhJX0R/3wJbKzu0uPk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34477 (0x86ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Oct 20 03:35:13 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32: 00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66: 5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8: d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84: df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1: d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92: 04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68: 17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c: 8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d: 46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb: 0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13: 99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3: 8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa: c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1: e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64: 62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36: b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e: 22:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:a9:a4:43:a0:01:c6:0a:1e:6d:c1:31:4e:b0:90:16:78:57: e1:83:64:a1:ee:3e:bd:ce:64:1d:bc:e6:59:27:e0:78:56:dc: 50:f0:56:35:35:d9:f4:3d:8f:55:15:47:87:fd:f5:35:b9:ab: 58:55:df:17:2b:a7:d3:71:27:d1:cd:e8:49:4e:e8:2c:ba:b8: a7:00:2b:0e:19:c1:b1:85:10:0a:54:da:54:c2:a3:c1:95:fa: 33:8b:5e:78:83:5a:18:34:ff:6b:d3:ff:00:60:28:c9:62:00: 24:09:5f:15:75:03:3e:ed:f5:75:35:1d:63:a9:51:34:e6:da: b0:a8:de:a9:aa:77:d8:f9:8f:cd:e2:ad:4d:e6:ec:bb:82:15: f2:2d:a6:78:b1:97:0e:1c:5d:66:43:3f:94:0a:7b:aa:91:3c: a0:05:92:aa:30:1a:22:2b:3c:7d:dc:e1:09:e6:4f:25:8d:9e: f2:bf:d8:2d:f5:82:f8:86:93:2f:04:bc:4b:9e:9b:aa:cd:53: 34:2d:91:d7:2e:19:60:9c:92:44:ae:3f:48:6a:22:54:48:4f: 26:ef:31:7a:f0:1d:cf:43:fc:ac:de:df:8c:d6:f3:9f:4d:2e: 65:c2:e5:9e:d2:f1:26:28:21:e7:c4:71:92:33:37:5b:fb:f1: c6:dd:44:af -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIDAIatMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjUxMDIw MDMzNTEzWhcNMjYwODAzMDg0NDQwWjAzMTEwLwYDVQQDEyg1QUNBNUFFNjEwM0U4 NDk4MzQ1QkNCQUJENDdBNDQzQUMwOTNDMjVBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA2/D5aFKZaqoPHSjv1jIAS0tb4Li4uRGzAdthPmZeKQ2dFWJI pZqNVuSuLOjXx637N1ai97cXZLx1yYTfYSZtoJTbYC3aCTZFKPHZ/5hOuG35fTK0 yNXKmJIEcPPwmI9mAphvjflImGgXS5nTFgRJETL321uOvWyP6SC3EbDFR/lpgumE 7Y1GLqOQdNUxvPc2uSZ3ObsPx+JZEYObyEEdTMwfWhOZupobcJ3xXoiZxXMj68OP C2HwjddUhFqfk1rDIvrAegzuu8k0PYIYX1KWj+HpH06+W63liGF5nCKRH2RiW28O C8hqnTQDE1YrXza2dU/SeQauZ+B/WUacZi4iuwIDAQABo4ICDDCCAggwHQYDVR0O BBYEFFrKWuYQPoSYNFvLq9R6RDrAk8JaMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2 NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB /wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzL2l1VFBlTFNkOExM QjBwMHk1SXFVT3VUMEdzdy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQCmqaRDoAHGCh5twTFOsJAWeFfhg2Sh7j69zmQdvOZZJ+B4VtxQ8FY1Ndn0 PY9VFUeH/fU1uatYVd8XK6fTcSfRzehJTugsurinACsOGcGxhRAKVNpUwqPBlfoz i154g1oYNP9r0/8AYCjJYgAkCV8VdQM+7fV1NR1jqVE05tqwqN6pqnfY+Y/N4q1N 5uy7ghXyLaZ4sZcOHF1mQz+UCnuqkTygBZKqMBoiKzx93OEJ5k8ljZ7yv9gt9YL4 hpMvBLxLnpuqzVM0LZHXLhlgnJJErj9IaiJUSE8m7zF68B3PQ/ys3t+M1vOfTS5l wuWe0vEmKCHnxHGSMzdb+/HG3USv -----END CERTIFICATE-----Generated at Mon Oct 20 05:42:49 2025 by rpki-client