$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft File: m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft (raw, json) Hash identifier: yjrXe5XDnnOBikXjWDxZdEQ9uosg4g2fOkwim4SYrN8= Subject key identifier: 42:CA:EE:A6:60:60:CA:33:38:7B:50:1B:B1:26:DC:FB:B8:C4:4E:4E Authority key identifier: 9B:4A:3C:36:B4:23:47:AC:EF:36:E8:4A:66:E6:9E:E5:9B:ED:8B:76 Certificate issuer: /CN=9B4A3C36B42347ACEF36E84A66E69EE59BED8B76 Certificate serial: 1AAC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft Manifest number: 1AA7 Signing time: Sat 23 Aug 2025 21:05:39 +0000 Manifest this update: Sat 23 Aug 2025 21:05:39 +0000 Manifest next update: Sun 24 Aug 2025 03:05:39 +0000 Files and hashes: 1: GCIdxqm-WcsHOj6_YFUYRmDRbZs.roa (hash: 3qXm3+lk5XLaY3V7FcSpIrb2+VzRfoseYvCbETIDo5E=) 2: UwI293Y5hF5uYhO69WoGcEjcrxQ.roa (hash: s1gz99xfRDksaBoffYwCjuimAwS5FnaGuweieaGNUm0=) 3: m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl (hash: SlCpSF+56F7s5vwYHtl20iUMcv4wPVuiiJtsHwCR5c4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 03:05:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6828 (0x1aac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B4A3C36B42347ACEF36E84A66E69EE59BED8B76 Validity Not Before: Aug 23 21:05:39 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=42CAEEA66060CA33387B501BB126DCFBB8C44E4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:e9:fb:c8:37:26:30:8e:a9:73:91:eb:0d: d3:a8:4b:94:58:77:f2:a5:18:d1:24:94:c9:4f:84: 16:5f:19:49:15:da:ef:5e:46:93:09:48:dc:21:2c: d6:38:6e:8c:9f:77:57:5a:af:4b:1a:53:6b:a1:32: 77:5c:75:26:c5:51:ab:17:75:bb:8c:26:74:b9:60: a0:77:e6:e7:14:62:f8:98:12:6f:35:59:62:2b:d5: 56:2d:e1:58:51:dc:35:6b:0f:ed:38:ac:0f:ee:24: 37:8e:94:8a:4d:81:d5:49:03:f1:af:58:e6:ac:dd: 33:3d:a6:ab:5d:64:4f:6c:78:8f:0e:7c:91:09:6d: a5:b9:9f:23:ee:d3:d9:86:81:84:20:f7:2a:94:9a: a0:25:0f:f5:5c:1c:8d:b3:2c:e2:9a:65:e5:8e:ef: 85:ec:ee:e0:2a:ce:77:5c:30:7a:0a:6b:66:38:c7: 58:60:8e:49:9a:c9:90:12:99:73:35:b4:ac:e4:85: ab:30:0d:a7:fa:ef:97:8c:64:c1:cc:93:a0:dc:0d: e6:18:f4:6d:f3:e3:2b:78:3c:4e:ba:97:98:c5:1b: bf:46:10:5f:f0:ef:cd:13:be:9c:a8:39:68:90:65: 51:b5:2f:20:8e:20:42:06:5d:58:4b:33:2b:a1:fb: f6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:CA:EE:A6:60:60:CA:33:38:7B:50:1B:B1:26:DC:FB:B8:C4:4E:4E X509v3 Authority Key Identifier: keyid:9B:4A:3C:36:B4:23:47:AC:EF:36:E8:4A:66:E6:9E:E5:9B:ED:8B:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:c9:c8:22:e6:5a:63:98:44:05:3f:82:98:db:3c:1d:74:61: c5:06:c2:eb:0b:39:f2:98:94:b1:e7:13:d2:41:79:77:6a:69: fc:f8:3d:b7:28:6f:ab:b7:6f:26:34:e6:69:19:29:b9:f6:76: b7:af:89:f0:e9:30:de:67:69:cc:3e:40:46:f5:42:50:b7:76: 11:5e:f5:36:fb:fb:04:b0:a8:59:c6:42:59:72:3c:64:7b:1e: 98:aa:49:c6:ce:11:6a:a4:c9:8c:e3:19:44:7b:e0:d2:e4:a0: bc:ca:fd:01:47:5d:a0:f5:25:77:e2:d1:05:2b:f5:0d:9c:53: e5:16:f6:7f:6a:c5:ed:91:a9:cc:be:e5:02:24:54:66:68:08: 87:df:6a:62:79:74:03:e1:b0:c8:ac:d4:50:b2:ea:ef:e8:f7: 54:ae:8d:6f:22:2f:e5:81:64:6b:99:e2:02:dd:1f:2c:1f:22: f0:71:36:4c:2e:0f:af:ea:bc:ab:05:ca:ca:e7:d8:7c:ae:00: 49:3d:cb:f2:5d:e4:b1:5e:ff:61:8d:59:26:e3:38:8d:56:b4: 54:0e:a0:5f:1a:e9:f5:f0:ad:1d:59:4e:ec:30:cf:b9:46:d1: ee:36:c1:a0:e3:66:61:76:86:e6:98:d2:51:4a:83:62:6f:e4: c1:c0:49:8b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI0 QTNDMzZCNDIzNDdBQ0VGMzZFODRBNjZFNjlFRTU5QkVEOEI3NjAeFw0yNTA4MjMy MTA1MzlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQyQ0FFRUE2NjA2MENB MzMzODdCNTAxQkIxMjZEQ0ZCQjhDNDRFNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlden7yDcmMI6pc5HrDdOoS5RYd/KlGNEklMlPhBZfGUkV2u9e RpMJSNwhLNY4boyfd1dar0saU2uhMndcdSbFUasXdbuMJnS5YKB35ucUYviYEm81 WWIr1VYt4VhR3DVrD+04rA/uJDeOlIpNgdVJA/GvWOas3TM9pqtdZE9seI8OfJEJ baW5nyPu09mGgYQg9yqUmqAlD/VcHI2zLOKaZeWO74Xs7uAqzndcMHoKa2Y4x1hg jkmayZASmXM1tKzkhaswDaf675eMZMHMk6DcDeYY9G3z4yt4PE66l5jFG79GEF/w 780TvpyoOWiQZVG1LyCOIEIGXVhLMyuh+/ZrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUQsrupmBgyjM4e1AbsSbc+7jETk4wHwYDVR0jBBgwFoAUm0o8NrQjR6zvNuhK Zuae5Zvti3YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTA4 L20wbzhOclFqUjZ6dk51aEtadWFlNVp2dGkzWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbTBvOE5yUWpSNnp2TnVoS1p1YWU1WnZ0aTNZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTA4L20wbzhOclFqUjZ6dk51 aEtadWFlNVp2dGkzWS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQB7ycgi5lpjmEQFP4KY2zwddGHFBsLrCznymJSx5xPSQXl3amn8+D23KG+rt28m NOZpGSm59na3r4nw6TDeZ2nMPkBG9UJQt3YRXvU2+/sEsKhZxkJZcjxkex6YqknG zhFqpMmM4xlEe+DS5KC8yv0BR12g9SV34tEFK/UNnFPlFvZ/asXtkanMvuUCJFRm aAiH32pieXQD4bDIrNRQsurv6PdUro1vIi/lgWRrmeIC3R8sHyLwcTZMLg+v6ryr BcrK59h8rgBJPcvyXeSxXv9hjVkm4ziNVrRUDqBfGun18K0dWU7sMM+5RtHuNsGg 42ZhdobmmNJRSoNib+TBwEmL -----END CERTIFICATE-----Generated at Sun Aug 24 02:43:36 2025 by rpki-client