$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft File: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft (raw, json) Hash identifier: 0q0+/1K+AwRguEciw+QxcYhKhHL/IHHZURNOoEfoTsg= Subject key identifier: 64:F2:18:D4:8F:F1:9D:4F:10:4F:7C:FB:F7:C2:EA:29:8A:E1:0F:05 Authority key identifier: 67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 Certificate issuer: /CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Certificate serial: 325172F4C7128C7CFA628D9983DC40DB51728A66 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft Manifest number: 3A Signing time: Mon 02 Mar 2026 05:58:16 +0000 Manifest this update: Mon 02 Mar 2026 05:53:16 +0000 Manifest next update: Tue 03 Mar 2026 08:29:16 +0000 Files and hashes: 1: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl (hash: Dl30mH3WZ89aSvT+BYRBBpEHjJqnP/xQTO7ExGhEvnE=) 2: 3130332e3134302e31342e302f32332d3332203d3e203137363231.roa (hash: 2cWU5UH8whnz87agI1VludkKe4lf2cSxtmFnl04vmyI=) 3: 3130332e3134302e31342e302f32332d3332203d3e20313339303931.roa (hash: Dm1g3UjQyhGbjlFkBoWW9J4T2d5S6s8go1jP82Lkdfk=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 04:07:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:51:72:f4:c7:12:8c:7c:fa:62:8d:99:83:dc:40:db:51:72:8a:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Validity Not Before: Mar 2 05:53:16 2026 GMT Not After : Mar 3 08:29:16 2026 GMT Subject: CN=64F218D48FF19D4F104F7CFBF7C2EA298AE10F05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:74:56:27:a3:c8:fc:e0:38:76:ff:f0:27:42: 28:fd:29:6e:d4:b3:95:91:8c:18:d2:06:f0:0e:c8: 8c:90:88:4c:3b:01:58:0e:ba:87:c3:c6:4c:00:c7: 2b:e3:3d:14:e5:20:cd:5e:80:3c:b6:4d:eb:4e:38: cf:b3:f4:2e:7f:97:0c:6e:34:79:01:bd:37:49:03: c2:c4:e6:30:ee:5c:85:e3:34:a5:44:f8:11:5f:8a: ee:df:98:dd:03:f2:8a:4d:61:34:66:89:7b:a7:0c: a3:ee:16:04:3b:e9:f6:c5:ef:19:17:26:23:05:a1: c1:69:e6:91:40:84:4d:df:3c:6e:01:1f:66:92:7b: 08:ea:42:87:e9:c6:f7:24:c5:0c:02:65:97:8c:db: 1e:eb:1c:63:44:c4:5c:0f:1c:a2:81:93:a6:75:9d: 92:19:5d:fd:db:2f:eb:0d:dc:cb:ca:10:4b:aa:37: 44:bc:63:db:2a:e7:e4:d6:9e:83:41:62:ef:f6:91: 11:22:f5:0d:6e:ba:37:11:81:d9:8d:28:a4:1b:79: ac:9e:8d:3c:72:63:fe:e9:75:5d:07:53:c8:4f:30: f5:f7:15:7f:61:58:67:d4:fa:10:ee:70:1c:64:e5: d2:d9:b8:74:63:40:a6:2a:94:19:c0:b5:3d:4a:87: 75:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:F2:18:D4:8F:F1:9D:4F:10:4F:7C:FB:F7:C2:EA:29:8A:E1:0F:05 X509v3 Authority Key Identifier: keyid:67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:b3:f8:12:0f:13:e8:78:3d:b5:c2:e5:bf:9b:36:db:d9:f4: a5:3f:a5:dc:16:5b:b8:ee:5f:31:7d:be:6e:9e:c6:9b:8e:3e: 0f:d2:ee:ba:10:c7:73:7b:9f:9a:7b:f4:ad:db:e3:cc:1d:26: 0f:89:f8:25:68:ca:df:15:e8:f4:33:ca:e0:49:eb:73:45:24: 62:3b:16:94:31:42:5d:ba:aa:f9:45:c4:45:7c:51:42:28:e9: 7e:e9:57:c9:43:a3:f2:18:f0:09:75:35:3e:6f:4f:15:2f:da: d8:15:fd:a4:11:70:12:fa:8f:49:89:b0:f2:9e:77:57:06:9f: d4:9f:d6:1d:69:48:7e:be:71:72:54:e3:bc:1c:e8:a9:ab:69: 9b:92:2b:0e:11:76:ed:f3:b8:5c:b9:3f:dd:41:3f:e4:ab:b6: 64:65:9f:bb:5d:3e:85:ae:02:ea:b9:4e:ba:06:28:b7:e1:fd: b2:01:2e:47:17:7f:7b:6c:8c:ac:89:7e:12:34:e2:f0:6e:5b: ed:62:03:da:98:61:c3:3b:bb:c7:b8:bb:48:24:3a:21:f9:79: ae:81:5e:26:4c:b6:3c:a7:d4:e9:c4:ee:58:cd:aa:c4:d9:db: 76:8d:92:92:59:ea:98:a4:bc:5c:27:0e:73:42:cc:91:ee:74: 98:a5:a8:7e -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUMlFy9McSjHz6Yo2Zg9xA21FyimYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZF MEEyNTMxNjAeFw0yNjAzMDIwNTUzMTZaFw0yNjAzMDMwODI5MTZaMDMxMTAvBgNV BAMTKDY0RjIxOEQ0OEZGMTlENEYxMDRGN0NGQkY3QzJFQTI5OEFFMTBGMDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDadFYno8j84Dh2//AnQij9KW7U s5WRjBjSBvAOyIyQiEw7AVgOuofDxkwAxyvjPRTlIM1egDy2TetOOM+z9C5/lwxu NHkBvTdJA8LE5jDuXIXjNKVE+BFfiu7fmN0D8opNYTRmiXunDKPuFgQ76fbF7xkX JiMFocFp5pFAhE3fPG4BH2aSewjqQofpxvckxQwCZZeM2x7rHGNExFwPHKKBk6Z1 nZIZXf3bL+sN3MvKEEuqN0S8Y9sq5+TWnoNBYu/2kREi9Q1uujcRgdmNKKQbeaye jTxyY/7pdV0HU8hPMPX3FX9hWGfU+hDucBxk5dLZuHRjQKYqlBnAtT1Kh3VHAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUZPIY1I/xnU8QT3z798LqKYrhDwUwHwYDVR0j BBgwFoAUZ5ZtNO+/TLz7AM+cIEU5v+CiUxYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4Mjc0MTU3Nzg1OTA3NC8wLzY3OTY2RDM0RUZCRjRDQkNGQjAwQ0Y5QzIwNDUz OUJGRTBBMjUzMTYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZFMEEyNTMxNi5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODI3NDE1Nzc4NTkwNzQvMC82Nzk2NkQzNEVGQkY0 Q0JDRkIwMENGOUMyMDQ1MzlCRkUwQTI1MzE2Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf7P4Eg8T6Hg9 tcLlv5s229n0pT+l3BZbuO5fMX2+bp7Gm44+D9LuuhDHc3ufmnv0rdvjzB0mD4n4 JWjK3xXo9DPK4Enrc0UkYjsWlDFCXbqq+UXERXxRQijpfulXyUOj8hjwCXU1Pm9P FS/a2BX9pBFwEvqPSYmw8p53Vwaf1J/WHWlIfr5xclTjvBzoqatpm5IrDhF27fO4 XLk/3UE/5Ku2ZGWfu10+ha4C6rlOugYot+H9sgEuRxd/e2yMrIl+EjTi8G5b7WID 2phhwzu7x7i7SCQ6Ifl5roFeJky2PKfU6cTuWM2qxNnbdo2SklnqmKS8XCcOc0LM ke50mKWofg== -----END CERTIFICATE-----Generated at Mon Mar 2 11:42:26 2026 by rpki-client