$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft File: pDidtIvE6TSc2eEd0MttcHaa4xk.mft (raw, json) Hash identifier: HJuhZjewxnleBHDhK4Z86UyohWMdMsfRo2nmcZopnFw= Subject key identifier: C0:52:39:ED:FF:B8:35:E3:EA:F1:43:96:11:63:60:E3:9C:CB:FE:1A Authority key identifier: A4:38:9D:B4:8B:C4:E9:34:9C:D9:E1:1D:D0:CB:6D:70:76:9A:E3:19 Certificate issuer: /CN=A4389DB48BC4E9349CD9E11DD0CB6D70769AE319 Certificate serial: 05E2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/pDidtIvE6TSc2eEd0MttcHaa4xk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft Manifest number: 05E2 Signing time: Tue 21 Oct 2025 07:38:18 +0000 Manifest this update: Tue 21 Oct 2025 07:38:18 +0000 Manifest next update: Tue 21 Oct 2025 13:38:18 +0000 Files and hashes: 1: pDidtIvE6TSc2eEd0MttcHaa4xk.crl (hash: /1nPjTkIg2PiQPfClXgUM1yPY4au3IsX85zHT8gtkLk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/pDidtIvE6TSc2eEd0MttcHaa4xk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1506 (0x5e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A4389DB48BC4E9349CD9E11DD0CB6D70769AE319 Validity Not Before: Oct 21 07:38:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C05239EDFFB835E3EAF14396116360E39CCBFE1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:fc:64:9d:88:bd:06:62:49:e7:89:cb:66:36: 3e:77:37:0e:8e:8d:35:9e:5b:97:5d:90:3d:f3:61: ce:7c:59:e9:0a:31:f1:dd:81:fa:24:99:71:dc:e4: 78:a6:9e:b6:12:74:61:08:47:72:8b:35:66:96:92: e2:06:10:af:f0:6a:c9:87:1f:de:cd:6e:d0:50:4a: 22:3c:22:4a:58:c6:86:8a:83:95:9a:17:2c:9e:3e: 3e:a3:ad:62:b6:f5:c8:1b:aa:04:e9:64:a7:23:2e: a2:bd:35:27:55:e2:23:2a:e2:7a:91:bb:f4:1f:c3: e4:fa:81:82:9f:ea:69:ec:1b:27:a2:b0:b6:8e:90: 3e:86:3d:63:52:bb:dd:75:30:f6:0d:93:a7:97:fc: 98:1b:62:eb:35:67:3c:f7:40:30:58:3a:f0:21:78: bb:00:d3:55:63:84:3c:8e:87:be:10:5c:6e:62:fa: 80:4a:a4:e8:5b:74:ec:5a:50:7f:1b:eb:64:b5:30: da:43:09:7a:c3:7a:2f:85:71:5a:4d:72:7b:9b:d2: ac:5a:b1:a6:50:f1:8a:47:ee:24:27:26:43:85:fa: 07:56:06:69:9a:ba:be:f9:c4:2f:12:c3:4d:d4:ed: 74:d5:1a:24:7b:7a:a7:ad:4f:e0:92:9b:30:95:3f: c2:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:52:39:ED:FF:B8:35:E3:EA:F1:43:96:11:63:60:E3:9C:CB:FE:1A X509v3 Authority Key Identifier: keyid:A4:38:9D:B4:8B:C4:E9:34:9C:D9:E1:1D:D0:CB:6D:70:76:9A:E3:19 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/pDidtIvE6TSc2eEd0MttcHaa4xk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:ff:e6:96:ae:4b:d3:98:80:57:d2:5c:e4:7e:e8:e8:ae:1e: 6c:dc:77:2c:0e:df:bc:2f:dd:ae:49:31:00:34:98:92:1a:f7: 45:01:c8:03:43:e4:8c:0d:3e:34:f3:22:7a:57:bd:77:d0:04: ca:94:3b:49:9d:bf:49:48:e3:d0:ba:20:0b:a1:ae:ae:93:f6: 6f:12:f6:60:ea:e7:b1:88:d1:04:51:47:9f:d6:78:d3:75:19: 84:99:97:31:75:91:75:4a:97:48:c1:ac:b5:08:b6:74:d0:eb: 63:9e:1f:eb:0a:2f:da:8b:27:77:c2:b6:f8:7c:7f:3c:f3:64: da:62:3c:84:e1:26:43:fd:4a:80:09:5a:53:85:e9:dd:e3:89: 3c:f6:bb:dd:0c:71:5c:43:a4:7c:50:8a:78:56:0f:89:2d:6b: 63:df:f5:89:68:9b:b0:d2:35:f5:07:7a:b6:2e:28:59:ff:d5: fb:04:a3:6c:b9:6e:5d:8e:5f:22:ee:34:88:dc:bb:43:b7:23: a1:1a:c4:a5:91:cc:05:3f:86:9f:ed:5d:7f:ef:73:97:54:16: a4:ff:dd:6c:60:9e:b4:c5:48:ff:92:96:3f:2f:70:b8:3a:a2: 4b:b9:f3:97:e8:9d:a9:59:55:1d:d7:59:84:a3:c0:e4:8c:b3: 2e:53:c6:f6 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTQz ODlEQjQ4QkM0RTkzNDlDRDlFMTFERDBDQjZENzA3NjlBRTMxOTAeFw0yNTEwMjEw NzM4MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMwNTIzOUVERkZCODM1 RTNFQUYxNDM5NjExNjM2MEUzOUNDQkZFMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCV/GSdiL0GYknnictmNj53Nw6OjTWeW5ddkD3zYc58WekKMfHd gfokmXHc5HimnrYSdGEIR3KLNWaWkuIGEK/wasmHH97NbtBQSiI8IkpYxoaKg5Wa FyyePj6jrWK29cgbqgTpZKcjLqK9NSdV4iMq4nqRu/Qfw+T6gYKf6mnsGyeisLaO kD6GPWNSu911MPYNk6eX/JgbYus1Zzz3QDBYOvAheLsA01VjhDyOh74QXG5i+oBK pOhbdOxaUH8b62S1MNpDCXrDei+FcVpNcnub0qxasaZQ8YpH7iQnJkOF+gdWBmma ur75xC8Sw03U7XTVGiR7eqetT+CSmzCVP8I9AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUwFI57f+4NePq8UOWEWNg45zL/howHwYDVR0jBBgwFoAUpDidtIvE6TSc2eEd 0MttcHaa4xkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 MC9wRGlkdEl2RTZUU2MyZUVkME10dGNIYWE0eGsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3BEaWR0SXZFNlRTYzJlRWQwTXR0Y0hhYTR4ay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDAvcERpZHRJdkU2VFNj MmVFZDBNdHRjSGFhNHhrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEr/5pauS9OYgFfSXOR+6OiuHmzcdywO37wv3a5JMQA0mJIa90UByAND5IwN PjTzInpXvXfQBMqUO0mdv0lI49C6IAuhrq6T9m8S9mDq57GI0QRRR5/WeNN1GYSZ lzF1kXVKl0jBrLUItnTQ62OeH+sKL9qLJ3fCtvh8fzzzZNpiPIThJkP9SoAJWlOF 6d3jiTz2u90McVxDpHxQinhWD4kta2Pf9Ylom7DSNfUHerYuKFn/1fsEo2y5bl2O XyLuNIjcu0O3I6EaxKWRzAU/hp/tXX/vc5dUFqT/3WxgnrTFSP+Slj8vcLg6oku5 85fonalZVR3XWYSjwOSMsy5TxvY= -----END CERTIFICATE-----Generated at Tue Oct 21 10:27:03 2025 by rpki-client