$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft File: UgcnAEPag5sInL-JHVe0GrI5rYo.mft (raw, json) Hash identifier: 4NPIkf8a1ZL8MBcftQN9yxzy+gn9aze+H68FpTM9tGY= Subject key identifier: 07:6B:FC:AB:6C:1B:91:6D:A2:F5:0F:1A:9F:03:3F:91:66:7C:4A:22 Authority key identifier: 52:07:27:00:43:DA:83:9B:08:9C:BF:89:1D:57:B4:1A:B2:39:AD:8A Certificate issuer: /CN=5207270043DA839B089CBF891D57B41AB239AD8A Certificate serial: 0B22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft Manifest number: 0B22 Signing time: Mon 20 Oct 2025 17:06:16 +0000 Manifest this update: Mon 20 Oct 2025 17:06:16 +0000 Manifest next update: Mon 20 Oct 2025 23:06:16 +0000 Files and hashes: 1: UgcnAEPag5sInL-JHVe0GrI5rYo.crl (hash: joVpP9DWa4KI/4BKJsQQOkD+m3qXuvN4/cb6OOfsAbk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:06:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2850 (0xb22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5207270043DA839B089CBF891D57B41AB239AD8A Validity Not Before: Oct 20 17:06:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=076BFCAB6C1B916DA2F50F1A9F033F91667C4A22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:25:7c:17:61:a5:b7:97:2d:83:0c:08:aa:14: d8:8c:da:f3:0e:a4:fc:c6:60:69:23:35:d3:df:a5: 20:17:4c:f8:ca:fd:24:d5:c1:f9:f7:8c:87:fd:a4: 13:37:70:b9:a7:1a:c6:76:5a:ff:65:eb:00:3b:cb: ad:70:e4:62:6e:f6:50:78:0e:c8:91:02:42:ec:a8: 27:89:a2:d7:b2:94:c8:85:90:8f:2a:4c:b5:19:14: 42:33:cb:83:e8:38:27:72:1b:29:71:b5:41:2e:0f: 54:25:dd:8b:f0:ef:4b:32:1f:5f:12:dd:c7:d0:7f: 4a:db:7b:a1:21:0e:dd:b8:75:97:d2:05:98:95:13: 81:44:09:41:d6:8a:14:c0:b5:a1:f0:1c:8c:a1:a3: d5:ad:fe:da:d8:ac:a9:6b:bf:54:27:b1:96:6b:88: 3b:60:23:36:5e:d1:5d:7a:7c:80:9c:f6:84:40:c8: 2f:88:31:94:f7:9e:bc:50:d2:2e:15:9a:23:df:9c: 20:39:42:88:d7:c5:d7:1a:10:b1:2c:7a:0f:e3:ed: 0d:d9:d7:c2:6f:be:8b:a0:84:51:8f:b2:97:b8:54: 00:f4:b8:7f:3a:44:5d:5f:5d:2b:6a:25:01:02:73: 4c:71:ea:b9:7a:64:61:27:ca:ec:99:79:8a:c1:83: 20:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:6B:FC:AB:6C:1B:91:6D:A2:F5:0F:1A:9F:03:3F:91:66:7C:4A:22 X509v3 Authority Key Identifier: keyid:52:07:27:00:43:DA:83:9B:08:9C:BF:89:1D:57:B4:1A:B2:39:AD:8A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:04:52:9a:16:52:ac:03:89:be:bb:fd:48:98:91:85:ea:2e: b3:b9:74:74:79:f1:49:e8:6f:f9:fc:96:ac:da:ae:80:c0:e9: 45:34:4d:ed:ef:1b:9e:24:b3:18:29:87:14:d4:75:23:d5:80: f9:ec:ec:b6:3c:e3:ca:6d:38:d0:71:d4:52:2b:1c:1c:0d:3e: d0:a2:72:f6:44:45:62:c9:3d:36:ec:73:e7:2d:18:0c:d5:26: 22:5a:ae:97:e1:8e:cf:c7:94:14:e9:9b:cd:d4:cc:cd:eb:d8: 35:5f:ae:93:90:f9:91:9a:92:08:e6:32:71:79:43:5d:93:2e: 23:d8:20:e3:4d:2e:5b:1b:03:56:c1:5b:aa:01:ef:c2:3a:b5: 46:4a:12:77:31:fb:05:91:ef:ee:46:a8:f7:3d:ea:07:29:6c: 12:1c:4f:d3:aa:1e:c7:3d:68:8b:89:75:b3:be:84:44:9f:28: 8d:3a:56:66:00:4e:2e:bc:58:8e:04:f2:7e:5a:91:24:e6:35: 8a:f5:b7:f5:ef:f5:94:f7:ed:c6:fd:86:f0:6e:fa:4f:43:92: 73:01:a3:7d:03:eb:41:4a:1c:be:3d:cc:4e:be:87:b8:41:48: 6c:7d:30:cf:b7:f5:dd:f0:a1:a6:f0:b6:aa:af:e8:85:ad:4d: 30:92:29:9a -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCyIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTIw NzI3MDA0M0RBODM5QjA4OUNCRjg5MUQ1N0I0MUFCMjM5QUQ4QTAeFw0yNTEwMjAx NzA2MTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA3NkJGQ0FCNkMxQjkx NkRBMkY1MEYxQTlGMDMzRjkxNjY3QzRBMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8JXwXYaW3ly2DDAiqFNiM2vMOpPzGYGkjNdPfpSAXTPjK/STV wfn3jIf9pBM3cLmnGsZ2Wv9l6wA7y61w5GJu9lB4DsiRAkLsqCeJoteylMiFkI8q TLUZFEIzy4PoOCdyGylxtUEuD1Ql3Yvw70syH18S3cfQf0rbe6EhDt24dZfSBZiV E4FECUHWihTAtaHwHIyho9Wt/trYrKlrv1QnsZZriDtgIzZe0V16fICc9oRAyC+I MZT3nrxQ0i4VmiPfnCA5QojXxdcaELEseg/j7Q3Z18JvvoughFGPspe4VAD0uH86 RF1fXStqJQECc0xx6rl6ZGEnyuyZeYrBgyCRAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUB2v8q2wbkW2i9Q8anwM/kWZ8SiIwHwYDVR0jBBgwFoAUUgcnAEPag5sInL+J HVe0GrI5rYowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 MS9VZ2NuQUVQYWc1c0luTC1KSFZlMEdySTVyWW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VnY25BRVBhZzVzSW5MLUpIVmUwR3JJNXJZby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzEvVWdjbkFFUGFnNXNJ bkwtSkhWZTBHckk1cllvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAIEUpoWUqwDib67/UiYkYXqLrO5dHR58Unob/n8lqzaroDA6UU0Te3vG54k sxgphxTUdSPVgPns7LY848ptONBx1FIrHBwNPtCicvZERWLJPTbsc+ctGAzVJiJa rpfhjs/HlBTpm83UzM3r2DVfrpOQ+ZGakgjmMnF5Q12TLiPYIONNLlsbA1bBW6oB 78I6tUZKEncx+wWR7+5GqPc96gcpbBIcT9OqHsc9aIuJdbO+hESfKI06VmYATi68 WI4E8n5akSTmNYr1t/Xv9ZT37cb9hvBu+k9DknMBo30D60FKHL49zE6+h7hBSGx9 MM+39d3woabwtqqv6IWtTTCSKZo= -----END CERTIFICATE-----Generated at Mon Oct 20 21:00:42 2025 by rpki-client