$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft File: D9EB5C6DC17682949F5243587DA38740C3EEA953.mft (raw, json) Hash identifier: qPmUtuOTGJJAu3Cx+IbbG25hTVMrfHhvnkKbyCvaC8w= Subject key identifier: D5:84:BC:6B:3C:E2:37:80:49:2D:DE:69:2D:DC:32:95:96:30:63:AC Authority key identifier: D9:EB:5C:6D:C1:76:82:94:9F:52:43:58:7D:A3:87:40:C3:EE:A9:53 Certificate issuer: /CN=D9EB5C6DC17682949F5243587DA38740C3EEA953 Certificate serial: 2CD622EC10F534FB9B8CD03174026910BF298A35 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft Manifest number: 39 Signing time: Mon 02 Mar 2026 06:48:16 +0000 Manifest this update: Mon 02 Mar 2026 06:43:16 +0000 Manifest next update: Tue 03 Mar 2026 08:45:16 +0000 Files and hashes: 1: 3131392e3136312e3134342e302f32312d3234203d3e203633363331.roa (hash: WUSgHCOBVUebvdwfVgY5RDlp2/uC/v+NAYmc5JoVMPE=) 2: 323430373a393038303a3a2f33322d3634203d3e203633363331.roa (hash: RtOoe4RmLFL3YbHfpUMA6V286a2QhifPZV7nvutl6kg=) 3: 3131392e3136312e3135322e302f32312d3234203d3e203633363331.roa (hash: BBTRwX86DtfzxU9rTrkCfkvyq+j6Fyat/htWxMwmilE=) 4: 3131392e3136312e3136302e302f32312d3234203d3e203633363331.roa (hash: fm9f22URXj00X+QlA/PpQ/F1F4uphlfQee6cITcqhgg=) 5: 3131392e3136312e3133362e302f32312d3234203d3e203633363331.roa (hash: q975HSO7Atv6pgfxEXanM5WMHvz/cN828nBH1I+FNos=) 6: D9EB5C6DC17682949F5243587DA38740C3EEA953.crl (hash: H5Zh2cOvCsPwdq3gE2pNLsTBysT1tfOstk2ac0es9Qw=) 7: 3131392e3136312e3133382e302f32342d3234203d3e203633363331.roa (hash: TT0ksNomih+B2jCsvyApNDhVN1yErVHUo6JYmbCpCys=) 8: 323430373a386238303a3a2f33322d3634203d3e203633363331.roa (hash: WdIf6CkgwHhBtmwW9wC8z2X2aD7F1CPhNusCG6l7zvk=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.crl rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 04:07:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:d6:22:ec:10:f5:34:fb:9b:8c:d0:31:74:02:69:10:bf:29:8a:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9EB5C6DC17682949F5243587DA38740C3EEA953 Validity Not Before: Mar 2 06:43:16 2026 GMT Not After : Mar 3 08:45:16 2026 GMT Subject: CN=D584BC6B3CE23780492DDE692DDC3295963063AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:7a:ab:f6:fe:4e:91:df:e3:f9:76:a9:5b:f0: cc:fd:ef:19:b9:86:55:e9:bd:ee:9a:b0:fe:5b:84: 21:ca:6d:65:3d:ca:96:8c:73:9b:70:85:ce:31:ad: 7f:d2:43:e5:80:27:94:94:d7:be:c4:c0:21:67:3f: fa:11:d4:0f:a4:b7:cb:77:34:b9:97:0c:6f:1b:a2: be:be:fe:35:fa:65:13:37:32:23:d3:d1:81:8d:08: 90:10:6e:70:0c:ae:4a:d0:82:d5:1a:9b:84:ce:68: 12:50:10:49:5b:5c:3a:40:76:c4:ae:29:e1:a4:7c: 09:a0:17:6b:a3:24:88:3b:22:28:18:2f:62:60:3a: e6:6c:ed:c5:a1:09:cf:71:8f:9e:6c:32:1e:c6:85: d5:bb:e2:be:9f:7d:86:2d:3c:e6:4f:d4:b6:79:04: dc:c3:75:a7:58:ef:4d:c5:0a:2e:65:b3:d8:48:72: 0a:25:dd:a5:8c:26:21:07:80:10:c9:7b:cf:b5:94: 97:21:fe:88:b9:4d:40:7b:8e:9c:3b:b6:dc:38:13: b6:d3:61:cf:0d:71:14:36:a3:d5:b1:0b:33:d2:6b: 30:6a:54:ad:e2:19:af:4d:aa:f3:50:46:95:a1:9e: ad:65:e2:66:10:0b:13:f7:f0:19:f5:91:cc:de:ed: 25:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:84:BC:6B:3C:E2:37:80:49:2D:DE:69:2D:DC:32:95:96:30:63:AC X509v3 Authority Key Identifier: keyid:D9:EB:5C:6D:C1:76:82:94:9F:52:43:58:7D:A3:87:40:C3:EE:A9:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D9EB5C6DC17682949F5243587DA38740C3EEA953.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582330346864641/0/D9EB5C6DC17682949F5243587DA38740C3EEA953.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:9b:9f:b3:32:1a:f1:75:5c:f1:54:bd:8a:0e:83:ca:bc:69: fa:9e:e6:9d:49:23:c2:70:18:8d:df:51:74:b2:69:5d:d3:4d: cb:be:b3:26:e6:3c:ab:65:f6:59:7d:00:f2:ae:94:8f:76:9d: be:1a:73:b1:e1:0e:11:22:e6:10:e7:5f:27:64:6f:c9:ea:1d: ce:04:e8:85:51:45:3a:29:01:1a:52:7d:39:2a:89:0b:41:aa: c3:e8:12:3e:aa:4a:82:bd:e0:d4:58:76:8b:c0:13:1c:2a:ec: e6:b1:84:71:cb:77:33:ae:f1:25:1b:97:fe:2b:ba:17:95:43: 4a:b3:6d:1a:b4:10:c4:53:59:81:52:66:58:1f:04:b5:d8:ca: 98:63:b8:3e:b0:68:f7:31:08:6f:86:09:ed:fd:02:10:95:c1: 8f:70:f6:c0:23:be:c9:f4:fe:c8:46:0e:8b:e6:c3:42:8d:00: 5e:05:f5:35:7c:8a:fe:2c:67:1f:a9:c0:68:74:46:e6:21:d0: fe:ae:93:84:42:49:55:41:a6:8a:44:95:05:ff:ad:b5:34:13: c3:b1:44:7a:fa:7c:9f:f1:20:73:0e:0f:e0:37:b5:ee:25:3a: de:96:19:94:e5:ea:1f:ab:4a:96:0b:56:e1:95:ee:16:dc:f4: a4:b8:f4:66 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIULNYi7BD1NPubjNAxdAJpEL8pijUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlFQjVDNkRDMTc2ODI5NDlGNTI0MzU4N0RBMzg3NDBD M0VFQTk1MzAeFw0yNjAzMDIwNjQzMTZaFw0yNjAzMDMwODQ1MTZaMDMxMTAvBgNV BAMTKEQ1ODRCQzZCM0NFMjM3ODA0OTJEREU2OTJEREMzMjk1OTYzMDYzQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzeqv2/k6R3+P5dqlb8Mz97xm5 hlXpve6asP5bhCHKbWU9ypaMc5twhc4xrX/SQ+WAJ5SU177EwCFnP/oR1A+kt8t3 NLmXDG8bor6+/jX6ZRM3MiPT0YGNCJAQbnAMrkrQgtUam4TOaBJQEElbXDpAdsSu KeGkfAmgF2ujJIg7IigYL2JgOuZs7cWhCc9xj55sMh7GhdW74r6ffYYtPOZP1LZ5 BNzDdadY703FCi5ls9hIcgol3aWMJiEHgBDJe8+1lJch/oi5TUB7jpw7ttw4E7bT Yc8NcRQ2o9WxCzPSazBqVK3iGa9NqvNQRpWhnq1l4mYQCxP38Bn1kcze7SW7AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU1YS8azziN4BJLd5pLdwylZYwY6wwHwYDVR0j BBgwFoAU2etcbcF2gpSfUkNYfaOHQMPuqVMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4MjMzMDM0Njg2NDY0MS8wL0Q5RUI1QzZEQzE3NjgyOTQ5RjUyNDM1ODdEQTM4 NzQwQzNFRUE5NTMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDlFQjVDNkRDMTc2ODI5NDlGNTI0MzU4N0RBMzg3NDBDM0VFQTk1My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODIzMzAzNDY4NjQ2NDEvMC9EOUVCNUM2REMxNzY4 Mjk0OUY1MjQzNTg3REEzODc0MEMzRUVBOTUzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM5ufszIa8XVc 8VS9ig6Dyrxp+p7mnUkjwnAYjd9RdLJpXdNNy76zJuY8q2X2WX0A8q6Uj3advhpz seEOESLmEOdfJ2RvyeodzgTohVFFOikBGlJ9OSqJC0Gqw+gSPqpKgr3g1Fh2i8AT HCrs5rGEcct3M67xJRuX/iu6F5VDSrNtGrQQxFNZgVJmWB8EtdjKmGO4PrBo9zEI b4YJ7f0CEJXBj3D2wCO+yfT+yEYOi+bDQo0AXgX1NXyK/ixnH6nAaHRG5iHQ/q6T hEJJVUGmikSVBf+ttTQTw7FEevp8n/Egcw4P4De17iU63pYZlOXqH6tKlgtW4ZXu Ftz0pLj0Zg== -----END CERTIFICATE-----Generated at Mon Mar 2 10:45:17 2026 by rpki-client