$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265420289/0/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.mft File: 3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.mft (raw, json) Hash identifier: Esp99N1hcXZm1gqB6SypkOeGeb5AJ1cuV0wrHb2eHu8= Subject key identifier: 43:0D:BD:2B:2D:0B:AD:AB:85:8E:79:91:96:43:F7:90:A1:BF:E1:BD Authority key identifier: 3D:01:CD:69:28:DD:E8:D2:6A:C9:62:65:F1:F9:04:C7:2F:1A:12:B8 Certificate issuer: /CN=3D01CD6928DDE8D26AC96265F1F904C72F1A12B8 Certificate serial: 3BE78123023C8C276BF6920EC1352B624D4D42F7 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585389265420289/0/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.mft Manifest number: 38 Signing time: Mon 02 Mar 2026 03:28:16 +0000 Manifest this update: Mon 02 Mar 2026 03:23:16 +0000 Manifest next update: Tue 03 Mar 2026 04:01:16 +0000 Files and hashes: 1: 3130332e3231392e38362e302f32332d3234203d3e20313532333230.roa (hash: y9Nb3BhAesAhC0Yz2nuugVvW5UakXURGQvAzLngRYos=) 2: 3130332e3231392e38352e302f32342d3234203d3e20313532333230.roa (hash: m2V99zSF93yuAoBUSJ81tqRCkxDUa+Q9dv+b/3LsrzA=) 3: 3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.crl (hash: MfsEJCGL24VB3LalHi3vlYocv7/kZlufxLQ5Mlx0jcA=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585389265420289/0/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.crl rsync://rpki-rps.cnnic.cn/repo/A1065585389265420289/0/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 04:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:e7:81:23:02:3c:8c:27:6b:f6:92:0e:c1:35:2b:62:4d:4d:42:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D01CD6928DDE8D26AC96265F1F904C72F1A12B8 Validity Not Before: Mar 2 03:23:16 2026 GMT Not After : Mar 3 04:01:16 2026 GMT Subject: CN=430DBD2B2D0BADAB858E79919643F790A1BFE1BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:85:d2:90:3f:32:93:f7:ee:d8:a6:bf:8f:8e: 67:9f:13:2b:27:ab:94:6b:6c:6a:26:d0:82:25:fa: f6:69:10:2f:1f:af:1c:fc:75:3d:13:23:d9:9f:34: c9:46:42:23:6f:e5:ae:34:f7:35:5a:23:fc:5a:1b: 96:bb:07:d8:ec:4a:ed:d5:43:bd:4c:ea:fc:b6:4a: a9:a0:02:52:1a:02:02:7e:34:1e:95:29:2f:3f:00: b0:ec:5a:23:b7:8c:8e:93:83:c7:04:e0:44:2b:80: b9:35:94:89:1a:d1:50:1d:49:92:b0:ae:d7:ba:92: b9:1a:e5:fa:6f:5a:3d:c2:43:e3:24:4d:fe:b2:dc: 4c:63:65:ff:ed:3c:9a:13:2d:39:73:c7:f2:41:f7: f4:5d:de:d4:45:0d:fc:24:b5:5f:ef:ab:d8:63:7a: ae:9e:2c:6e:69:07:57:e3:ce:38:2d:ed:eb:63:cd: 2d:8c:5a:ca:11:6f:c0:d6:a3:eb:9b:c0:83:21:db: 6d:b4:b5:87:ba:1b:7c:93:5f:8b:b8:43:49:0f:1a: 6b:92:fa:9f:cc:b9:b8:39:e9:99:9b:10:4a:42:02: ab:64:af:b7:87:47:9b:48:24:e8:c6:89:ef:48:03: 71:c4:86:42:3e:f0:57:bc:a2:09:ae:b6:46:b6:e4: 7a:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:0D:BD:2B:2D:0B:AD:AB:85:8E:79:91:96:43:F7:90:A1:BF:E1:BD X509v3 Authority Key Identifier: keyid:3D:01:CD:69:28:DD:E8:D2:6A:C9:62:65:F1:F9:04:C7:2F:1A:12:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265420289/0/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265420289/0/3D01CD6928DDE8D26AC96265F1F904C72F1A12B8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:77:92:31:e8:24:c5:3b:cf:d0:3e:5e:e1:62:78:6d:a1:41: cd:8f:7f:d0:66:95:4a:2a:9e:4e:88:5b:a3:c7:32:b0:c9:a0: 79:21:44:2b:84:f1:49:6a:86:2a:c4:d4:2d:05:72:45:e4:64: e1:05:8d:c4:40:9f:42:85:5a:c8:db:1a:d5:f8:ff:2d:c6:29: af:a4:61:eb:14:7f:7b:35:0c:18:5d:71:74:58:6f:ce:1b:66: 9a:b9:c0:02:f6:52:00:81:44:40:0e:22:55:66:4b:9c:53:06: 04:b1:5f:de:2c:66:e9:b5:08:9e:53:55:65:a3:cc:09:95:d9: 63:63:86:57:55:e4:35:7e:d2:c5:83:e6:20:f8:7d:4c:4c:a6: 6b:68:3b:29:97:a7:c4:43:b2:56:a5:f2:7e:b1:0f:b9:10:95: d8:cd:f3:81:76:32:47:d1:fd:b6:e1:6d:e8:90:9b:00:09:c1: e3:3a:75:7d:0a:43:14:2d:61:5f:8e:66:38:90:1f:d5:08:e5: 9f:0c:99:2d:c7:05:48:87:a3:42:20:d5:87:58:81:91:57:35: 33:ee:d1:c5:24:34:1f:6e:eb:bd:9a:f1:de:45:8c:1e:d2:fc: 3f:c0:71:a1:d2:a3:d0:44:dd:33:50:6f:ba:ba:87:07:83:ef: e1:e9:42:f8 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUO+eBIwI8jCdr9pIOwTUrYk1NQvcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QwMUNENjkyOERERThEMjZBQzk2MjY1RjFGOTA0Qzcy RjFBMTJCODAeFw0yNjAzMDIwMzIzMTZaFw0yNjAzMDMwNDAxMTZaMDMxMTAvBgNV BAMTKDQzMERCRDJCMkQwQkFEQUI4NThFNzk5MTk2NDNGNzkwQTFCRkUxQkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWhdKQPzKT9+7Ypr+PjmefEysn q5RrbGom0IIl+vZpEC8frxz8dT0TI9mfNMlGQiNv5a409zVaI/xaG5a7B9jsSu3V Q71M6vy2SqmgAlIaAgJ+NB6VKS8/ALDsWiO3jI6Tg8cE4EQrgLk1lIka0VAdSZKw rte6krka5fpvWj3CQ+MkTf6y3ExjZf/tPJoTLTlzx/JB9/Rd3tRFDfwktV/vq9hj eq6eLG5pB1fjzjgt7etjzS2MWsoRb8DWo+ubwIMh2220tYe6G3yTX4u4Q0kPGmuS +p/Mubg56ZmbEEpCAqtkr7eHR5tIJOjGie9IA3HEhkI+8Fe8ogmutka25HprAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUQw29Ky0LrauFjnmRlkP3kKG/4b0wHwYDVR0j BBgwFoAUPQHNaSjd6NJqyWJl8fkExy8aErgwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTM4OTI2NTQyMDI4OS8wLzNEMDFDRDY5MjhEREU4RDI2QUM5NjI2NUYxRjkw NEM3MkYxQTEyQjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvM0QwMUNENjkyOERERThEMjZBQzk2MjY1RjFGOTA0QzcyRjFBMTJCOC5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU0MjAyODkvMC8zRDAxQ0Q2OTI4RERF OEQyNkFDOTYyNjVGMUY5MDRDNzJGMUExMkI4Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn3eSMegkxTvP 0D5e4WJ4baFBzY9/0GaVSiqeTohbo8cysMmgeSFEK4TxSWqGKsTULQVyReRk4QWN xECfQoVayNsa1fj/LcYpr6Rh6xR/ezUMGF1xdFhvzhtmmrnAAvZSAIFEQA4iVWZL nFMGBLFf3ixm6bUInlNVZaPMCZXZY2OGV1XkNX7SxYPmIPh9TEyma2g7KZenxEOy VqXyfrEPuRCV2M3zgXYyR9H9tuFt6JCbAAnB4zp1fQpDFC1hX45mOJAf1QjlnwyZ LccFSIejQiDVh1iBkVc1M+7RxSQ0H27rvZrx3kWMHtL8P8BxodKj0ETdM1BvurqH B4Pv4elC+A== -----END CERTIFICATE-----Generated at Mon Mar 2 18:20:48 2026 by rpki-client