$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2194/H0KZtN2x5o2pD3vH9DoGLtFhAgU.mft File: H0KZtN2x5o2pD3vH9DoGLtFhAgU.mft (raw, json) Hash identifier: 2SZp5pAH2DOKilYlz/kkpZaaRxWcWn8X24QcolUO0QE= Subject key identifier: 0A:19:6E:AC:D1:B8:44:54:47:9C:1D:BF:E9:BB:D3:BF:36:13:FC:C4 Authority key identifier: 1F:42:99:B4:DD:B1:E6:8D:A9:0F:7B:C7:F4:3A:06:2E:D1:61:02:05 Certificate issuer: /CN=1F4299B4DDB1E68DA90F7BC7F43A062ED1610205 Certificate serial: 211B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H0KZtN2x5o2pD3vH9DoGLtFhAgU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2194/H0KZtN2x5o2pD3vH9DoGLtFhAgU.mft Manifest number: 211B Signing time: Mon 20 Oct 2025 07:38:31 +0000 Manifest this update: Mon 20 Oct 2025 07:38:31 +0000 Manifest next update: Mon 20 Oct 2025 13:38:31 +0000 Files and hashes: 1: H0KZtN2x5o2pD3vH9DoGLtFhAgU.crl (hash: HJFt6+wtNFvPF7NCHInM6YnVNFnW0RvL9kIhKp3Px2Q=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2194/H0KZtN2x5o2pD3vH9DoGLtFhAgU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2194/H0KZtN2x5o2pD3vH9DoGLtFhAgU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H0KZtN2x5o2pD3vH9DoGLtFhAgU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8475 (0x211b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1F4299B4DDB1E68DA90F7BC7F43A062ED1610205 Validity Not Before: Oct 20 07:38:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0A196EACD1B84454479C1DBFE9BBD3BF3613FCC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:aa:de:67:c6:ca:3c:d6:01:4b:26:20:ce:02: 0b:8d:cc:b9:e3:f2:49:51:b3:81:fa:99:bc:76:18: 3d:a1:d4:5f:9d:34:29:57:e6:f3:eb:67:8f:fb:b0: 44:3e:82:d7:60:31:f3:19:59:30:15:0c:8f:99:22: 71:4d:70:47:51:fd:55:52:3f:f0:3b:b9:26:58:0c: 69:be:1b:8c:7a:79:32:a4:58:d1:56:c5:68:e3:4c: 46:a2:61:31:45:63:36:a5:c2:bb:cc:b0:52:aa:5e: f8:be:5d:b5:dd:52:00:ba:d6:36:c0:23:4e:41:f2: ad:0b:b2:14:52:b5:7b:e9:46:ae:59:53:c1:6c:8f: 46:ae:9b:9a:12:20:6e:df:5a:19:88:1b:b6:f1:0f: 87:bf:62:9a:02:d2:b6:67:bd:41:e8:ce:0f:02:33: 05:e3:00:7e:51:34:2b:27:d7:a0:72:a8:cb:f8:ee: ec:cc:ed:cf:e5:34:aa:6c:46:11:be:1b:21:4a:35: c8:88:8a:7f:dc:08:6a:a6:6e:4e:f0:2a:7c:d3:50: 5b:d5:50:cb:75:ea:af:82:5e:aa:73:72:d3:ca:24: 25:82:5a:f0:ec:b8:71:cf:5c:ce:8f:3f:62:e9:a6: 87:65:1f:4b:35:c6:0e:0b:ab:e4:ef:cc:ad:5f:30: 10:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:19:6E:AC:D1:B8:44:54:47:9C:1D:BF:E9:BB:D3:BF:36:13:FC:C4 X509v3 Authority Key Identifier: keyid:1F:42:99:B4:DD:B1:E6:8D:A9:0F:7B:C7:F4:3A:06:2E:D1:61:02:05 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2194/H0KZtN2x5o2pD3vH9DoGLtFhAgU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H0KZtN2x5o2pD3vH9DoGLtFhAgU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2194/H0KZtN2x5o2pD3vH9DoGLtFhAgU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:e9:3b:c2:fd:96:bb:98:d8:da:d2:76:be:d3:9f:34:ab:eb: 7a:ea:2b:04:bb:d9:ed:12:e5:d9:60:13:70:c4:e4:f2:da:2f: 70:97:dd:ea:50:0b:75:7d:98:1f:d7:c9:d1:0d:98:26:96:03: 42:7b:e8:0b:a1:f0:70:7b:96:57:a0:cf:90:18:d4:34:79:13: e9:c1:6e:26:1e:21:51:e5:96:44:a2:c7:9c:78:5a:80:0d:b5: 24:24:0f:67:e4:49:44:0f:3e:f7:1d:53:96:f6:0b:70:30:97: 81:22:7f:aa:85:e0:8c:55:4b:24:70:6f:6f:c0:4c:8c:c4:5f: cd:55:82:fd:3f:80:fd:2a:a3:47:38:43:00:1e:7e:f7:2f:fc: 54:6e:4f:df:94:36:59:24:45:6d:64:bc:b3:ca:a9:30:e0:c5: 75:77:8e:12:04:39:04:52:78:5e:97:f3:d5:df:ba:51:bd:2f: b0:62:b3:43:b5:a4:f9:3c:6c:4d:a0:b3:17:2e:4b:b8:c5:a1: 90:f0:e3:07:ed:b3:d4:c0:90:6d:01:4e:a9:bd:f7:6c:5e:c6: 98:c4:f5:79:10:90:8e:0b:eb:f0:b3:e3:a5:70:a1:30:a6:03: 4a:9f:d2:ab:32:46:1e:39:44:fd:7d:23:6d:4b:07:d7:50:42: 2f:b6:8b:d1 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIRswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUY0 Mjk5QjREREIxRTY4REE5MEY3QkM3RjQzQTA2MkVEMTYxMDIwNTAeFw0yNTEwMjAw NzM4MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBBMTk2RUFDRDFCODQ0 NTQ0NzlDMURCRkU5QkJEM0JGMzYxM0ZDQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMqt5nxso81gFLJiDOAguNzLnj8klRs4H6mbx2GD2h1F+dNClX 5vPrZ4/7sEQ+gtdgMfMZWTAVDI+ZInFNcEdR/VVSP/A7uSZYDGm+G4x6eTKkWNFW xWjjTEaiYTFFYzalwrvMsFKqXvi+XbXdUgC61jbAI05B8q0LshRStXvpRq5ZU8Fs j0aum5oSIG7fWhmIG7bxD4e/YpoC0rZnvUHozg8CMwXjAH5RNCsn16ByqMv47uzM 7c/lNKpsRhG+GyFKNciIin/cCGqmbk7wKnzTUFvVUMt16q+CXqpzctPKJCWCWvDs uHHPXM6PP2LppodlH0s1xg4Lq+TvzK1fMBDvAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUChlurNG4RFRHnB2/6bvTvzYT/MQwHwYDVR0jBBgwFoAUH0KZtN2x5o2pD3vH 9DoGLtFhAgUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE5 NC9IMEtadE4yeDVvMnBEM3ZIOURvR0x0RmhBZ1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0gwS1p0TjJ4NW8ycEQzdkg5RG9HTHRGaEFnVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxOTQvSDBLWnROMng1bzJw RDN2SDlEb0dMdEZoQWdVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGjpO8L9lruY2NrSdr7TnzSr63rqKwS72e0S5dlgE3DE5PLaL3CX3epQC3V9 mB/XydENmCaWA0J76Auh8HB7llegz5AY1DR5E+nBbiYeIVHllkSix5x4WoANtSQk D2fkSUQPPvcdU5b2C3Awl4Eif6qF4IxVSyRwb2/ATIzEX81Vgv0/gP0qo0c4QwAe fvcv/FRuT9+UNlkkRW1kvLPKqTDgxXV3jhIEOQRSeF6X89XfulG9L7Bis0O1pPk8 bE2gsxcuS7jFoZDw4wfts9TAkG0BTqm992xexpjE9XkQkI4L6/Cz46VwoTCmA0qf 0qsyRh45RP19I21LB9dQQi+2i9E= -----END CERTIFICATE-----Generated at Mon Oct 20 11:35:50 2025 by rpki-client