$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft File: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft (raw, json) Hash identifier: c9fAUOol+BINYjZEJgIPAbXYA7alb7+/C9esQOImkDY= Subject key identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C Authority key identifier: 19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03 Certificate issuer: /CN=193519DD773C40D04F641CC44558D3461297B003 Certificate serial: 20F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft Manifest number: 20EB Signing time: Mon 20 Oct 2025 12:05:49 +0000 Manifest this update: Mon 20 Oct 2025 12:05:49 +0000 Manifest next update: Mon 20 Oct 2025 18:05:49 +0000 Files and hashes: 1: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl (hash: wElkLxD4vTncAW2faulTKSWOplS3/I1hfMzSv+mPELc=) 2: eMIWP4XLPoa-BcL8MMBWqPKLcdk.roa (hash: 8w2a4HhRyqkpXHjd1277to3Ev/Gq3g0CrTtkX3BkuXs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:05:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8434 (0x20f2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=193519DD773C40D04F641CC44558D3461297B003 Validity Not Before: Oct 20 12:05:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=857AD43056F6EE38F2F239E3647797B73033927C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:11:dd:56:1b:93:a0:3a:ef:10:8b:28:0a:3b: 80:72:e5:0d:2a:45:a7:77:3b:65:87:c9:2d:77:ed: 19:66:30:f1:eb:74:54:4d:1f:99:1b:08:56:fa:bd: 45:26:25:3f:ea:1e:22:30:c6:39:ef:5f:39:67:0f: 7b:f7:c5:76:98:2e:bf:f4:a0:ea:b6:8a:f1:39:ba: 1a:02:bf:57:62:fc:c2:15:54:66:9c:d6:d0:09:60: 49:68:ab:0d:24:71:44:d1:4f:86:86:c2:40:15:43: e3:95:ef:92:6b:18:82:77:e5:b8:b0:1f:4f:7e:52: f1:86:79:05:3c:90:f5:35:c7:b7:68:ca:97:18:4d: 79:51:4a:a6:76:fa:62:a1:a7:5e:87:6d:87:a2:81: 6d:c5:f3:40:f6:96:1e:98:22:d3:ba:9d:31:07:c8: 9e:fc:0f:48:05:65:cc:45:fe:76:5c:44:a5:67:45: 98:37:83:95:6b:cf:66:f6:7b:ee:43:87:a3:7e:21: b8:85:e6:0b:74:04:ba:bd:d2:e8:79:54:61:df:ee: bd:16:41:6f:aa:a8:37:a4:0e:35:2e:e0:46:f0:12: ba:76:89:8c:f8:67:89:92:22:24:11:1c:8d:d6:31: 01:18:43:1b:0f:0d:2d:93:eb:78:47:3f:5a:57:52: 82:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C X509v3 Authority Key Identifier: keyid:19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:7b:0e:8f:24:32:95:ce:f4:66:ce:68:26:95:03:b0:24:c0: e4:68:ed:0d:14:eb:f4:b4:28:a5:6c:d4:08:29:f1:7d:1d:c6: df:25:66:c4:b0:76:df:a3:59:57:62:0e:08:08:e3:04:57:4c: ce:6e:fb:69:91:9b:ee:73:69:9e:92:06:c2:11:c6:4c:34:88: ae:2a:25:c3:92:b3:e9:92:3a:b3:8a:2b:05:84:f4:48:40:85: fa:96:45:f8:34:fd:ca:54:fa:62:aa:73:7e:f3:4b:0c:69:1f: 22:0a:74:1a:73:e5:b1:41:1b:7b:c5:19:de:f1:81:98:85:fc: 38:f1:5c:b3:90:02:92:29:5e:ba:43:df:04:88:e2:90:de:3a: 9f:2a:48:4d:5f:af:e6:cf:b0:cf:51:cf:21:53:e5:3b:68:0c: 3e:66:b4:23:fb:42:76:d5:3a:34:7f:51:d4:9c:1a:03:f9:0a: 10:ac:81:f3:a8:24:10:4e:2f:2e:a1:38:7b:4d:1e:90:6a:56: 29:2d:8f:77:3d:24:d1:8c:dc:7a:06:ca:95:6c:e7:31:1e:fc: 2b:6c:0f:78:dd:b5:4a:5b:62:be:26:f6:b3:70:84:0d:0e:4f: 36:52:ea:c4:50:7b:78:9f:f8:08:68:31:0c:77:a0:11:35:f0: 97:82:d9:cd -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTkz NTE5REQ3NzNDNDBEMDRGNjQxQ0M0NDU1OEQzNDYxMjk3QjAwMzAeFw0yNTEwMjAx MjA1NDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg1N0FENDMwNTZGNkVF MzhGMkYyMzlFMzY0Nzc5N0I3MzAzMzkyN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPEd1WG5OgOu8QiygKO4By5Q0qRad3O2WHyS137RlmMPHrdFRN H5kbCFb6vUUmJT/qHiIwxjnvXzlnD3v3xXaYLr/0oOq2ivE5uhoCv1di/MIVVGac 1tAJYEloqw0kcUTRT4aGwkAVQ+OV75JrGIJ35biwH09+UvGGeQU8kPU1x7doypcY TXlRSqZ2+mKhp16HbYeigW3F80D2lh6YItO6nTEHyJ78D0gFZcxF/nZcRKVnRZg3 g5Vrz2b2e+5Dh6N+IbiF5gt0BLq90uh5VGHf7r0WQW+qqDekDjUu4EbwErp2iYz4 Z4mSIiQRHI3WMQEYQxsPDS2T63hHP1pXUoLZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUhXrUMFb27jjy8jnjZHeXtzAzknwwHwYDVR0jBBgwFoAUGTUZ3Xc8QNBPZBzE RVjTRhKXsAMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkw My9HVFVaM1hjOFFOQlBaQnpFUlZqVFJoS1hzQU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dUVVozWGM4UU5CUFpCekVSVmpUUmhLWHNBTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5MDMvR1RVWjNYYzhRTkJQ WkJ6RVJWalRSaEtYc0FNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAIB7Do8kMpXO9GbOaCaVA7AkwORo7Q0U6/S0KKVs1Agp8X0dxt8lZsSwdt+j WVdiDggI4wRXTM5u+2mRm+5zaZ6SBsIRxkw0iK4qJcOSs+mSOrOKKwWE9EhAhfqW Rfg0/cpU+mKqc37zSwxpHyIKdBpz5bFBG3vFGd7xgZiF/DjxXLOQApIpXrpD3wSI 4pDeOp8qSE1fr+bPsM9RzyFT5TtoDD5mtCP7QnbVOjR/UdScGgP5ChCsgfOoJBBO Ly6hOHtNHpBqViktj3c9JNGM3HoGypVs5zEe/CtsD3jdtUpbYr4m9rNwhA0OTzZS 6sRQe3if+AhoMQx3oBE18JeC2c0= -----END CERTIFICATE-----Generated at Mon Oct 20 13:41:38 2025 by rpki-client