$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft File: 71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft (raw, json) Hash identifier: 7YGGiCtaPfHBcJ96ytQ1zxpDZLGs0cFmtMu3Ar/U1lM= Subject key identifier: 1C:AC:F9:41:DF:1F:6E:F4:76:FC:D2:6B:EE:F6:3A:09:26:DB:6B:BE Authority key identifier: 71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E Certificate issuer: /CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Certificate serial: 38753DCBCF668B17CE2ECF4C4B7C88EDBAC2D064 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft Manifest number: 38 Signing time: Sun 01 Mar 2026 18:48:16 +0000 Manifest this update: Sun 01 Mar 2026 18:43:16 +0000 Manifest next update: Mon 02 Mar 2026 22:34:16 +0000 Files and hashes: 1: 34332e3234372e39322e302f32322d3232203d3e203633353637.roa (hash: TWBPIceMErTmM3bBa5s13kmWazMVd/xcv4XaT8mek6s=) 2: 71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl (hash: r7qrVp2jKnVyFJRGevODq3kgBVT/8u0FB7jtOp8BvpA=) 3: 34332e3234382e38302e302f32302d3230203d3e203633353637.roa (hash: VkQGCtVJyviO04wqgZyxJPSPG8lvhM5uDjyNdvHCq8s=) 4: 34332e3234382e3138342e302f32312d3231203d3e2034383337.roa (hash: jawpvfpnIh9qGodp6c/NHrzmXHiczZ41m82UYVYjACE=) 5: 34332e3234312e35312e302f32342d3234203d3e203633353637.roa (hash: xNq1x6rcWhlJtcLVmOS0CcdqSWIQcrWdeplRGbxlLaE=) 6: 34332e3232362e39362e302f32302d3230203d3e203633353637.roa (hash: Fmf8TYs3zzXnLl9iq8IFZg7QuqhisyZN3WSiZItCZJA=) 7: 34332e3234382e3138342e302f32312d3231203d3e203633353637.roa (hash: AIOWf2rnd3G5ICGkvrsyQlCoBqqePcJfvboxXn3EeP4=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 22:34:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:75:3d:cb:cf:66:8b:17:ce:2e:cf:4c:4b:7c:88:ed:ba:c2:d0:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Validity Not Before: Mar 1 18:43:16 2026 GMT Not After : Mar 2 22:34:16 2026 GMT Subject: CN=1CACF941DF1F6EF476FCD26BEEF63A0926DB6BBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:bb:09:4e:aa:d6:01:67:f6:00:04:5e:dc:e7: b4:f1:24:5d:21:5c:17:ed:44:c2:59:33:6a:69:a6: 4a:b9:99:88:da:95:a3:c1:93:57:ee:6a:35:6d:08: 96:61:ad:f5:2c:88:0f:d3:96:79:81:21:99:99:72: 11:a7:17:23:43:79:df:f5:d6:6f:81:7d:06:9d:4d: 36:3d:0f:ce:96:38:f7:0b:56:1a:e5:29:cc:5e:f0: 08:10:0b:c6:06:06:95:fc:9e:af:92:85:02:d3:91: 97:75:9a:c9:15:c9:ba:d5:6b:00:74:7f:1f:31:0d: 41:83:a8:34:96:5c:19:98:0a:64:59:9f:7d:dd:23: 06:8d:8a:43:36:a3:9c:43:d6:3d:51:77:d7:0f:8b: 1d:29:a0:cd:c4:7d:3c:7f:92:85:df:a8:ca:b7:fd: 29:b0:cb:c4:5b:c7:12:7f:96:a4:a1:58:de:10:fd: 77:62:1a:73:75:d7:04:09:f8:14:7c:69:19:1e:10: 11:87:fe:08:73:19:de:90:3d:33:51:6c:92:42:6f: 15:e6:e9:a4:b4:e9:cb:af:2e:b5:88:bd:84:ff:2d: 67:50:64:d5:b5:56:9d:f3:ff:02:ef:fc:14:d8:f6: 07:00:11:ec:c4:25:3d:19:ea:63:81:2b:25:9f:f3: 3b:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:AC:F9:41:DF:1F:6E:F4:76:FC:D2:6B:EE:F6:3A:09:26:DB:6B:BE X509v3 Authority Key Identifier: keyid:71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:25:3e:ed:6b:33:23:96:35:ae:23:2b:85:5c:6d:b3:1e:28: 3d:b7:31:f0:f1:f1:a0:7b:35:73:49:da:90:69:90:22:0c:2c: 26:2c:fa:2a:fe:ea:48:8f:2f:1e:90:f4:a9:62:8a:8d:bb:fa: 72:13:2f:29:00:4c:5f:57:3e:06:8c:50:69:e6:06:d1:00:83: a3:29:25:b1:68:31:5d:b4:46:d3:d8:d7:55:49:b4:e8:3b:71: c9:d4:50:20:b0:af:8c:6a:55:ed:23:7f:49:cf:4c:08:00:37: 3f:6a:bc:c6:4a:78:c9:bf:46:de:e2:b7:8f:85:62:49:4b:f7: 05:54:2f:8d:ec:03:6e:8c:66:b3:27:a0:73:f3:7e:3a:5b:6d: 7e:a3:fe:e5:c7:40:40:9e:27:e7:6b:3e:9f:1f:02:39:39:5c: c2:4c:db:93:81:d4:5c:18:e4:ce:9d:da:71:5b:fe:0c:ae:3d: d1:82:57:cf:b9:f9:8c:34:de:7a:89:2c:31:e4:45:d7:6c:db: 11:9f:4e:80:31:a8:ca:fc:a9:2e:65:d9:19:51:a4:8f:c1:59: a9:09:7b:d6:04:7e:66:9a:b7:e5:06:5f:af:a7:fd:77:b0:3d: da:5c:05:4c:15:f9:29:76:33:1c:de:56:d3:9b:e4:94:d2:b5: 83:41:ff:5f -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUOHU9y89mixfOLs9MS3yI7brC0GQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FD MjlBMjU0RTAeFw0yNjAzMDExODQzMTZaFw0yNjAzMDIyMjM0MTZaMDMxMTAvBgNV BAMTKDFDQUNGOTQxREYxRjZFRjQ3NkZDRDI2QkVFRjYzQTA5MjZEQjZCQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQuwlOqtYBZ/YABF7c57TxJF0h XBftRMJZM2pppkq5mYjalaPBk1fuajVtCJZhrfUsiA/TlnmBIZmZchGnFyNDed/1 1m+BfQadTTY9D86WOPcLVhrlKcxe8AgQC8YGBpX8nq+ShQLTkZd1mskVybrVawB0 fx8xDUGDqDSWXBmYCmRZn33dIwaNikM2o5xD1j1Rd9cPix0poM3EfTx/koXfqMq3 /Smwy8RbxxJ/lqShWN4Q/XdiGnN11wQJ+BR8aRkeEBGH/ghzGd6QPTNRbJJCbxXm 6aS06cuvLrWIvYT/LWdQZNW1Vp3z/wLv/BTY9gcAEezEJT0Z6mOBKyWf8zsVAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUHKz5Qd8fbvR2/NJr7vY6CSbba74wHwYDVR0j BBgwFoAUccm/5Mj9fnd6HJ5V36YKOsKaJU4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDc4NTc5NS8wLzcxQzlCRkU0QzhGRDdFNzc3QTFDOUU1NURGQTYw QTNBQzI5QTI1NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FDMjlBMjU0RS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ3ODU3OTUvMC83MUM5QkZFNEM4RkQ3 RTc3N0ExQzlFNTVERkE2MEEzQUMyOUEyNTRFLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyU+7WszI5Y1 riMrhVxtsx4oPbcx8PHxoHs1c0nakGmQIgwsJiz6Kv7qSI8vHpD0qWKKjbv6chMv KQBMX1c+BoxQaeYG0QCDoyklsWgxXbRG09jXVUm06DtxydRQILCvjGpV7SN/Sc9M CAA3P2q8xkp4yb9G3uK3j4ViSUv3BVQvjewDboxmsyegc/N+OlttfqP+5cdAQJ4n 52s+nx8COTlcwkzbk4HUXBjkzp3acVv+DK490YJXz7n5jDTeeoksMeRF12zbEZ9O gDGoyvypLmXZGVGkj8FZqQl71gR+Zpq35QZfr6f9d7A92lwFTBX5KXYzHN5W05vk lNK1g0H/Xw== -----END CERTIFICATE-----Generated at Mon Mar 2 12:21:26 2026 by rpki-client