$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2528/COaEfe781aS_jvY6VWfs2gflVik.mft File: COaEfe781aS_jvY6VWfs2gflVik.mft (raw, json) Hash identifier: 9rgfVJp0MlzUqhzlf7LIjllHimFo6TL9VDgZiOpRU9E= Subject key identifier: F2:97:CA:F4:89:E2:A5:25:7F:9B:47:5E:5C:3B:8A:7E:C6:66:EE:CE Authority key identifier: 08:E6:84:7D:EE:FC:D5:A4:BF:8E:F6:3A:55:67:EC:DA:07:E5:56:29 Certificate issuer: /CN=08E6847DEEFCD5A4BF8EF63A5567ECDA07E55629 Certificate serial: 2060 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/COaEfe781aS_jvY6VWfs2gflVik.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2528/COaEfe781aS_jvY6VWfs2gflVik.mft Manifest number: 2060 Signing time: Mon 20 Oct 2025 07:38:30 +0000 Manifest this update: Mon 20 Oct 2025 07:38:30 +0000 Manifest next update: Mon 20 Oct 2025 13:38:30 +0000 Files and hashes: 1: COaEfe781aS_jvY6VWfs2gflVik.crl (hash: O4fdliRu6ZaJUIwwUhKJSbqVWNrxozy1xKxPeKV67X0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2528/COaEfe781aS_jvY6VWfs2gflVik.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2528/COaEfe781aS_jvY6VWfs2gflVik.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/COaEfe781aS_jvY6VWfs2gflVik.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8288 (0x2060) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08E6847DEEFCD5A4BF8EF63A5567ECDA07E55629 Validity Not Before: Oct 20 07:38:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F297CAF489E2A5257F9B475E5C3B8A7EC666EECE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:da:00:96:3c:bd:65:31:9d:3a:11:dd:03:ac: a6:b4:e5:b2:2e:3d:a0:96:51:07:d6:51:88:3e:97: b5:64:c6:ff:e7:d1:0a:d2:10:e4:d6:4f:20:be:b5: 24:c2:a0:68:4e:48:78:2e:7b:ab:75:f2:3a:9c:06: 2a:5e:ae:c5:53:25:12:b6:ef:79:af:0c:53:00:de: 2a:52:70:55:9e:e3:cc:a5:b6:80:7f:cd:b5:f2:e9: b4:c5:12:fc:b7:87:45:8d:ff:f6:67:a9:93:da:f8: d5:9b:e4:45:8b:bf:64:9e:90:27:5d:ca:29:bc:41: 0d:d7:99:c2:74:02:87:dd:3b:1b:71:f7:bf:26:45: 28:0a:8a:ec:84:d6:16:be:e6:08:64:27:b4:f8:87: 86:a1:e0:0e:f6:e9:00:8f:bd:2e:18:07:99:34:9e: 9c:2c:30:ad:75:a2:d7:f7:7a:09:9a:d3:8a:76:65: e0:24:44:85:f4:46:82:bf:69:9e:03:bb:13:ce:d1: 20:02:2f:49:73:74:0d:7b:6b:38:6e:45:d5:5b:56: cc:63:c8:b8:57:45:79:72:60:98:52:b0:bd:bf:d3: 29:c7:57:7d:74:35:2d:bc:8b:ba:f3:bc:59:4c:a9: 8a:3d:58:31:5b:90:1a:bd:2c:0e:6a:97:31:3f:8a: 31:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:97:CA:F4:89:E2:A5:25:7F:9B:47:5E:5C:3B:8A:7E:C6:66:EE:CE X509v3 Authority Key Identifier: keyid:08:E6:84:7D:EE:FC:D5:A4:BF:8E:F6:3A:55:67:EC:DA:07:E5:56:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2528/COaEfe781aS_jvY6VWfs2gflVik.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/COaEfe781aS_jvY6VWfs2gflVik.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2528/COaEfe781aS_jvY6VWfs2gflVik.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:f4:8f:9f:e2:97:da:93:a8:4a:5c:2d:80:5c:b5:a9:50:56: 86:11:e2:d7:46:74:11:c5:aa:0c:0f:f5:35:31:74:ef:e9:09: 25:ac:fb:90:21:33:f1:9c:f6:55:91:a4:45:3f:5b:f2:cf:b3: 79:ce:d7:b1:4c:06:f4:09:df:3c:fa:00:58:96:e6:15:27:9b: 3b:cc:06:60:7c:f3:5d:ad:df:0e:56:99:83:66:f3:9d:d4:cd: 55:6b:19:27:10:2a:3c:7c:8d:ce:7f:ba:be:e5:17:3e:e3:df: b5:22:e9:8a:05:e9:7d:b0:25:55:fd:69:06:60:c3:80:8a:fd: cb:f2:8d:a1:70:63:94:27:4d:9a:d6:c3:89:3d:2a:5d:f9:eb: fd:b2:dd:f0:6d:29:a4:53:54:6f:f9:9a:d9:5c:05:c0:cf:52: 52:e2:70:71:1e:24:91:ad:9d:69:09:81:0f:34:f9:ac:ad:16: 99:39:74:9c:aa:5b:90:23:86:d1:27:cc:05:b4:2b:da:be:52: 98:e5:74:c5:06:f7:1f:d6:13:88:15:22:29:ba:f2:cc:bd:63: a5:db:7d:9d:2f:5e:e7:99:c4:73:04:36:67:12:97:02:ce:78: ef:d0:1b:70:06:40:c3:8d:fc:e9:38:b0:33:2a:f3:47:c4:c4: 07:42:e6:39 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDhF Njg0N0RFRUZDRDVBNEJGOEVGNjNBNTU2N0VDREEwN0U1NTYyOTAeFw0yNTEwMjAw NzM4MzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYyOTdDQUY0ODlFMkE1 MjU3RjlCNDc1RTVDM0I4QTdFQzY2NkVFQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDx2gCWPL1lMZ06Ed0DrKa05bIuPaCWUQfWUYg+l7Vkxv/n0QrS EOTWTyC+tSTCoGhOSHgue6t18jqcBipersVTJRK273mvDFMA3ipScFWe48yltoB/ zbXy6bTFEvy3h0WN//ZnqZPa+NWb5EWLv2SekCddyim8QQ3XmcJ0AofdOxtx978m RSgKiuyE1ha+5ghkJ7T4h4ah4A726QCPvS4YB5k0npwsMK11otf3egma04p2ZeAk RIX0RoK/aZ4DuxPO0SACL0lzdA17azhuRdVbVsxjyLhXRXlyYJhSsL2/0ynHV310 NS28i7rzvFlMqYo9WDFbkBq9LA5qlzE/ijF9AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU8pfK9InipSV/m0deXDuKfsZm7s4wHwYDVR0jBBgwFoAUCOaEfe781aS/jvY6 VWfs2gflVikwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy OC9DT2FFZmU3ODFhU19qdlk2VldmczJnZmxWaWsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0NPYUVmZTc4MWFTX2p2WTZWV2ZzMmdmbFZpay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjgvQ09hRWZlNzgxYVNf anZZNlZXZnMyZ2ZsVmlrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEP0j5/il9qTqEpcLYBctalQVoYR4tdGdBHFqgwP9TUxdO/pCSWs+5AhM/Gc 9lWRpEU/W/LPs3nO17FMBvQJ3zz6AFiW5hUnmzvMBmB8812t3w5WmYNm853UzVVr GScQKjx8jc5/ur7lFz7j37Ui6YoF6X2wJVX9aQZgw4CK/cvyjaFwY5QnTZrWw4k9 Kl356/2y3fBtKaRTVG/5mtlcBcDPUlLicHEeJJGtnWkJgQ80+aytFpk5dJyqW5Aj htEnzAW0K9q+UpjldMUG9x/WE4gVIim68sy9Y6XbfZ0vXueZxHMENmcSlwLOeO/Q G3AGQMON/Ok4sDMq80fExAdC5jk= -----END CERTIFICATE-----Generated at Mon Oct 20 12:44:40 2025 by rpki-client