$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft File: m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft (raw, json) Hash identifier: cDvc3QnMmz5B2UWpBqNBwv6sXdk7/jw1DEfKs/6PuGg= Subject key identifier: 42:CA:EE:A6:60:60:CA:33:38:7B:50:1B:B1:26:DC:FB:B8:C4:4E:4E Authority key identifier: 9B:4A:3C:36:B4:23:47:AC:EF:36:E8:4A:66:E6:9E:E5:9B:ED:8B:76 Certificate issuer: /CN=9B4A3C36B42347ACEF36E84A66E69EE59BED8B76 Certificate serial: 1BC5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft Manifest number: 1BBE Signing time: Mon 20 Oct 2025 03:07:49 +0000 Manifest this update: Mon 20 Oct 2025 03:07:49 +0000 Manifest next update: Mon 20 Oct 2025 09:07:49 +0000 Files and hashes: 1: U8G90-YYRgh6k3HDnDRzn22nZOU.roa (hash: 1ypHTYDNhHGShZNbyXb5EDdy2PfInXRHSiQUuVslDdQ=) 2: gcv3IRtBMP0g_QP2HXkJ4IuRlKU.roa (hash: W4N2kLS/TBnU7hLEU2XcWlrf1fkrk2tPC5ARdXrekA0=) 3: m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl (hash: LKgMbam8NkvBg1uN6mB8e8lcdcONOOLzXllvo6Hfst0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7109 (0x1bc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B4A3C36B42347ACEF36E84A66E69EE59BED8B76 Validity Not Before: Oct 20 03:07:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=42CAEEA66060CA33387B501BB126DCFBB8C44E4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:75:e9:fb:c8:37:26:30:8e:a9:73:91:eb:0d: d3:a8:4b:94:58:77:f2:a5:18:d1:24:94:c9:4f:84: 16:5f:19:49:15:da:ef:5e:46:93:09:48:dc:21:2c: d6:38:6e:8c:9f:77:57:5a:af:4b:1a:53:6b:a1:32: 77:5c:75:26:c5:51:ab:17:75:bb:8c:26:74:b9:60: a0:77:e6:e7:14:62:f8:98:12:6f:35:59:62:2b:d5: 56:2d:e1:58:51:dc:35:6b:0f:ed:38:ac:0f:ee:24: 37:8e:94:8a:4d:81:d5:49:03:f1:af:58:e6:ac:dd: 33:3d:a6:ab:5d:64:4f:6c:78:8f:0e:7c:91:09:6d: a5:b9:9f:23:ee:d3:d9:86:81:84:20:f7:2a:94:9a: a0:25:0f:f5:5c:1c:8d:b3:2c:e2:9a:65:e5:8e:ef: 85:ec:ee:e0:2a:ce:77:5c:30:7a:0a:6b:66:38:c7: 58:60:8e:49:9a:c9:90:12:99:73:35:b4:ac:e4:85: ab:30:0d:a7:fa:ef:97:8c:64:c1:cc:93:a0:dc:0d: e6:18:f4:6d:f3:e3:2b:78:3c:4e:ba:97:98:c5:1b: bf:46:10:5f:f0:ef:cd:13:be:9c:a8:39:68:90:65: 51:b5:2f:20:8e:20:42:06:5d:58:4b:33:2b:a1:fb: f6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:CA:EE:A6:60:60:CA:33:38:7B:50:1B:B1:26:DC:FB:B8:C4:4E:4E X509v3 Authority Key Identifier: keyid:9B:4A:3C:36:B4:23:47:AC:EF:36:E8:4A:66:E6:9E:E5:9B:ED:8B:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/m0o8NrQjR6zvNuhKZuae5Zvti3Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/508/m0o8NrQjR6zvNuhKZuae5Zvti3Y.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:df:de:83:09:64:e0:8c:64:46:9b:23:6f:7d:fc:8a:82:a5: d6:23:2a:ba:3b:ac:86:f0:46:3b:a9:7b:15:4e:5b:76:d2:ff: 56:8f:d2:67:f4:50:eb:9d:5a:3d:72:73:be:41:d5:cd:56:ee: e5:cc:75:b2:ae:5f:51:7a:b5:57:ef:09:75:b0:fa:86:ec:ac: 6a:87:6e:24:c6:c9:df:5a:b6:d9:51:65:b9:32:04:69:d6:ad: 0b:7c:9d:72:34:bb:fb:82:60:64:09:6e:2d:f8:44:28:1a:50: 36:d4:21:02:f4:00:a4:77:34:ed:8b:13:70:cb:6d:b0:0a:8b: 4d:05:ae:67:82:a3:96:b8:6f:8e:81:cb:53:04:e9:73:f5:61: 27:91:b4:a9:85:2f:28:90:22:ce:ee:26:9d:88:6b:c9:03:8e: e9:a3:f2:e4:0f:59:20:62:9f:d2:e7:d1:fe:ec:55:3a:ba:28: c0:2a:b0:bf:fa:f9:29:67:23:73:e9:1f:60:f8:22:18:9c:27: 71:a8:50:bc:d8:4c:d6:80:a9:3f:8f:f2:f7:51:4c:b1:cd:38: 42:57:9a:b1:53:54:1a:68:84:93:fd:0a:50:7d:b1:6d:77:b4: d3:d8:a4:90:b9:a8:0b:51:81:6e:fd:61:77:ba:c7:fa:51:e6: 3c:3d:cc:ab -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICG8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI0 QTNDMzZCNDIzNDdBQ0VGMzZFODRBNjZFNjlFRTU5QkVEOEI3NjAeFw0yNTEwMjAw MzA3NDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQyQ0FFRUE2NjA2MENB MzMzODdCNTAxQkIxMjZEQ0ZCQjhDNDRFNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlden7yDcmMI6pc5HrDdOoS5RYd/KlGNEklMlPhBZfGUkV2u9e RpMJSNwhLNY4boyfd1dar0saU2uhMndcdSbFUasXdbuMJnS5YKB35ucUYviYEm81 WWIr1VYt4VhR3DVrD+04rA/uJDeOlIpNgdVJA/GvWOas3TM9pqtdZE9seI8OfJEJ baW5nyPu09mGgYQg9yqUmqAlD/VcHI2zLOKaZeWO74Xs7uAqzndcMHoKa2Y4x1hg jkmayZASmXM1tKzkhaswDaf675eMZMHMk6DcDeYY9G3z4yt4PE66l5jFG79GEF/w 780TvpyoOWiQZVG1LyCOIEIGXVhLMyuh+/ZrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUQsrupmBgyjM4e1AbsSbc+7jETk4wHwYDVR0jBBgwFoAUm0o8NrQjR6zvNuhK Zuae5Zvti3YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTA4 L20wbzhOclFqUjZ6dk51aEtadWFlNVp2dGkzWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbTBvOE5yUWpSNnp2TnVoS1p1YWU1WnZ0aTNZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTA4L20wbzhOclFqUjZ6dk51 aEtadWFlNVp2dGkzWS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAB396DCWTgjGRGmyNvffyKgqXWIyq6O6yG8EY7qXsVTlt20v9Wj9Jn9FDrnVo9 cnO+QdXNVu7lzHWyrl9RerVX7wl1sPqG7Kxqh24kxsnfWrbZUWW5MgRp1q0LfJ1y NLv7gmBkCW4t+EQoGlA21CEC9ACkdzTtixNwy22wCotNBa5ngqOWuG+OgctTBOlz 9WEnkbSphS8okCLO7iadiGvJA47po/LkD1kgYp/S59H+7FU6uijAKrC/+vkpZyNz 6R9g+CIYnCdxqFC82EzWgKk/j/L3UUyxzThCV5qxU1QaaIST/QpQfbFtd7TT2KSQ uagLUYFu/WF3usf6UeY8Pcyr -----END CERTIFICATE-----Generated at Mon Oct 20 05:52:29 2025 by rpki-client