$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft File: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft (raw, json) Hash identifier: bXawPa0u/Gcb38wKU5+JHZK5+1W1JtHGW/30D2oZfk8= Subject key identifier: A2:47:49:63:D7:C1:60:4A:B0:93:FA:EF:02:1B:1B:42:83:9A:41:12 Authority key identifier: D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 Certificate issuer: /CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Certificate serial: 35C3009967394380D8CECE7D53C778354AF05CCA Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft Manifest number: 76 Signing time: Fri 17 Apr 2026 04:54:40 +0000 Manifest this update: Fri 17 Apr 2026 04:49:40 +0000 Manifest next update: Sat 18 Apr 2026 06:28:40 +0000 Files and hashes: 1: 323430623a613030303a6663333a3a2f34382d3438203d3e20313531333033.roa (hash: TiSdjmUDUZ7Io/2Ke/Pu2qkV+pzBX0aVcs8lYCtTick=) 2: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl (hash: zkAOp/Jeus+e5vZyjLlNoAzcphQXf/ID1OwhbJP4+7M=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 06:28:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:c3:00:99:67:39:43:80:d8:ce:ce:7d:53:c7:78:35:4a:f0:5c:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Validity Not Before: Apr 17 04:49:40 2026 GMT Not After : Apr 18 06:28:40 2026 GMT Subject: CN=A2474963D7C1604AB093FAEF021B1B42839A4112 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f6:ba:ea:8a:d8:da:2a:e0:9a:87:8b:44:d7: 66:d2:f2:2d:25:9b:73:e6:a2:fd:73:ff:01:bd:da: be:87:c1:4c:30:69:ac:40:4a:86:bc:52:ec:1d:27: 8e:61:86:cd:47:4d:be:32:61:dc:13:db:26:6c:eb: f1:f7:2d:53:32:79:27:51:6b:16:5e:c1:78:23:d8: 6e:3a:21:e1:c1:53:bf:d4:59:83:e5:c8:60:33:a7: b1:16:19:fe:4e:4d:db:2f:7c:e7:d6:80:d5:5b:b8: 7b:bf:38:7d:c9:b8:11:6a:1a:16:13:4f:37:94:68: 64:92:24:f7:f8:e0:13:52:5f:e3:d7:49:45:91:88: 50:46:06:41:26:ec:97:a9:4c:72:7f:3e:67:61:c6: 3d:53:b9:d4:4d:d6:81:c9:30:b2:41:3f:c7:37:0c: 5a:bb:2d:ba:32:3f:80:46:dd:85:49:af:da:cd:06: 63:ae:bc:62:a3:69:ac:a7:a8:51:4f:e7:4d:90:56: a3:b2:c5:9f:a5:fd:4c:53:4f:0e:03:6c:e0:88:cd: f7:bf:79:5b:91:3b:72:5f:6e:0e:88:cd:91:d4:91: 58:d1:54:7e:87:69:ed:1f:46:b6:f7:77:2d:cb:21: 67:f7:25:89:a3:12:36:3e:89:bb:12:fc:77:a1:be: d2:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:47:49:63:D7:C1:60:4A:B0:93:FA:EF:02:1B:1B:42:83:9A:41:12 X509v3 Authority Key Identifier: keyid:D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:5a:d3:0b:25:03:ab:04:2c:da:4c:04:a4:40:37:8f:df:0c: 63:e5:88:8f:20:f8:d7:52:3e:e9:16:90:35:5e:dd:3d:d8:41: 0b:d1:61:d8:66:3d:0d:03:1b:20:73:03:5d:ef:67:db:e0:9f: f6:2f:d5:6d:4d:f1:38:ba:1d:c8:2b:22:ba:93:cc:41:6c:ad: c9:dd:39:5c:e4:df:82:2c:ca:c9:b9:6e:14:00:a8:bc:e7:0e: a9:21:09:df:69:f7:ba:dd:24:ea:06:3f:ca:ab:de:ee:58:34: 82:f7:f3:ff:b8:9b:fb:d9:73:68:ac:a2:8d:99:b7:36:eb:9d: 56:9f:35:66:bc:e6:37:c1:f2:7c:84:0e:be:fb:69:83:2a:5a: d5:89:08:98:3b:5d:f7:e3:4e:cb:b7:e8:70:e3:08:db:43:7c: 0b:c3:5d:0f:47:ad:79:77:93:69:c7:a6:eb:3e:b8:34:04:fe: 2a:a9:87:d3:42:ec:d3:44:72:6c:d2:b1:e5:f3:65:84:19:c4: 34:58:6d:48:de:e9:d3:0b:30:a9:b7:48:68:c3:80:8a:cb:40: f2:5d:19:47:e0:e6:47:5e:58:34:09:c0:50:da:66:d8:19:6b: 35:83:d9:83:b9:d6:f5:65:6f:32:4b:78:d3:d7:03:2a:a0:06: 26:ce:0f:e9 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUNcMAmWc5Q4DYzs59U8d4NUrwXMowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRC Q0FEMTk0MzAeFw0yNjA0MTcwNDQ5NDBaFw0yNjA0MTgwNjI4NDBaMDMxMTAvBgNV BAMTKEEyNDc0OTYzRDdDMTYwNEFCMDkzRkFFRjAyMUIxQjQyODM5QTQxMTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy9rrqitjaKuCah4tE12bS8i0l m3Pmov1z/wG92r6HwUwwaaxASoa8UuwdJ45hhs1HTb4yYdwT2yZs6/H3LVMyeSdR axZewXgj2G46IeHBU7/UWYPlyGAzp7EWGf5OTdsvfOfWgNVbuHu/OH3JuBFqGhYT TzeUaGSSJPf44BNSX+PXSUWRiFBGBkEm7JepTHJ/Pmdhxj1TudRN1oHJMLJBP8c3 DFq7LboyP4BG3YVJr9rNBmOuvGKjaaynqFFP502QVqOyxZ+l/UxTTw4DbOCIzfe/ eVuRO3Jfbg6IzZHUkVjRVH6Hae0fRrb3dy3LIWf3JYmjEjY+ibsS/HehvtINAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUokdJY9fBYEqwk/rvAhsbQoOaQRIwHwYDVR0j BBgwFoAU0v8dfG3x3XdaYQaXDQX/RLytGUMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTM4OTI2NTU1MTM2MS8wL0QyRkYxRDdDNkRGMURENzc1QTYxMDY5NzBEMDVG RjQ0QkNBRDE5NDMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRCQ0FEMTk0My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU1NTEzNjEvMC9EMkZGMUQ3QzZERjFE RDc3NUE2MTA2OTcwRDA1RkY0NEJDQUQxOTQzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFrTCyUDqwQs 2kwEpEA3j98MY+WIjyD411I+6RaQNV7dPdhBC9Fh2GY9DQMbIHMDXe9n2+Cf9i/V bU3xOLodyCsiupPMQWytyd05XOTfgizKybluFACovOcOqSEJ32n3ut0k6gY/yqve 7lg0gvfz/7ib+9lzaKyijZm3NuudVp81ZrzmN8HyfIQOvvtpgypa1YkImDtd9+NO y7focOMI20N8C8NdD0eteXeTacem6z64NAT+KqmH00Ls00RybNKx5fNlhBnENFht SN7p0wswqbdIaMOAistA8l0ZR+DmR15YNAnAUNpm2BlrNYPZg7nW9WVvMkt409cD KqAGJs4P6Q== -----END CERTIFICATE-----Generated at Fri Apr 17 17:18:36 2026 by rpki-client