$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft File: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft (raw, json) Hash identifier: EfM/qD4777nz3eS+BR4n8a2bPGdbNxDM54ls5z5eNW8= Subject key identifier: 19:19:E4:7D:89:F9:FD:F1:E3:01:01:FA:66:5D:44:C9:DA:72:4E:E0 Authority key identifier: D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 Certificate issuer: /CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Certificate serial: 3442FCF09C5466A0A1F40D747099C9D46DD6BF2E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft Manifest number: 39 Signing time: Mon 02 Mar 2026 04:28:16 +0000 Manifest this update: Mon 02 Mar 2026 04:23:16 +0000 Manifest next update: Tue 03 Mar 2026 07:37:16 +0000 Files and hashes: 1: 323430623a613030303a6663333a3a2f34382d3438203d3e20313531333033.roa (hash: TiSdjmUDUZ7Io/2Ke/Pu2qkV+pzBX0aVcs8lYCtTick=) 2: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl (hash: bLszx1fWtnwKp+nh2cKm1feiEDul6xeTd2mM62qcay0=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 04:07:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:42:fc:f0:9c:54:66:a0:a1:f4:0d:74:70:99:c9:d4:6d:d6:bf:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Validity Not Before: Mar 2 04:23:16 2026 GMT Not After : Mar 3 07:37:16 2026 GMT Subject: CN=1919E47D89F9FDF1E30101FA665D44C9DA724EE0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:cf:8c:0d:40:c0:2a:11:e0:8e:54:27:f2:fd: 31:b3:99:43:83:1c:72:35:4a:6c:b2:21:6f:5d:ab: 47:26:75:87:fd:15:a6:22:34:c5:0a:8b:70:af:92: bf:9e:12:d1:9d:97:54:73:14:97:ad:88:c6:52:d8: 82:91:07:a9:6e:47:5c:04:04:48:f5:84:67:bf:d8: d7:15:7c:32:ac:d7:ff:ef:dd:a4:9b:b8:b6:db:57: 5a:dc:80:93:58:d8:b6:16:07:a2:72:60:78:b0:1c: 61:94:a0:8e:51:5e:c0:91:7a:92:7f:17:81:fc:6a: 1f:84:79:be:2c:eb:12:79:c3:29:5a:b8:b0:dd:9a: 42:6d:06:87:36:c7:b7:f1:36:ab:7a:0a:d7:2a:a1: 4f:8c:a5:7b:13:22:22:37:3d:0a:78:e9:3e:64:17: d5:1e:39:14:4a:70:3b:25:f3:68:86:2e:44:e1:8e: 08:90:eb:74:2f:c2:c3:5c:44:38:c4:9b:63:c3:d6: e6:eb:a4:6d:a9:87:32:5f:dd:3f:0d:0f:10:b4:67: d4:cd:da:7a:f6:1e:a2:0a:eb:4f:d2:29:c1:cc:b2: 47:26:78:38:59:ab:30:41:21:c3:ff:ff:3b:f3:5e: 82:a7:44:1f:c3:b5:70:5e:58:dc:15:30:a0:b1:4b: 1d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:19:E4:7D:89:F9:FD:F1:E3:01:01:FA:66:5D:44:C9:DA:72:4E:E0 X509v3 Authority Key Identifier: keyid:D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:8f:67:77:43:24:cb:0c:92:86:b8:c5:91:f8:39:d2:10:75: 6e:42:0c:71:67:e6:57:36:b4:cb:8f:27:10:fd:b3:c9:34:1e: 48:fb:f9:d4:61:3c:d7:25:3c:35:cb:54:7b:63:5b:2e:06:8c: 98:c5:11:76:07:b5:4e:d1:10:dc:d7:bc:f1:71:6d:3e:19:39: c5:67:5e:78:57:a3:f9:fb:11:b3:a2:30:9e:34:56:13:3c:a4: 9a:9a:f7:5f:d0:93:87:3c:21:c4:96:98:46:c1:ab:60:10:81: fa:6f:02:9d:44:1a:50:0d:4e:4e:3a:53:0a:1e:6f:2d:23:ae: eb:ca:0b:ba:78:bd:97:49:9b:e7:47:60:c6:89:cf:0b:4b:47: bf:3b:10:39:8c:a0:a4:e2:ad:de:9f:30:b7:ba:24:5f:04:2f: 3d:26:d3:51:81:26:e4:09:87:d7:9b:e9:26:33:a6:d6:5c:89: 0e:bc:1a:04:70:ac:81:5e:60:b3:eb:de:93:dc:7a:2c:bb:99: e2:22:88:a9:9a:ac:15:41:c4:37:06:ab:ea:48:7e:81:50:7d: 74:f0:94:67:29:4c:bb:e1:81:4b:61:6c:c7:f5:fc:b8:d0:ef: 80:e4:78:b9:d2:df:8d:a7:48:a9:be:da:ea:41:a9:3a:a7:6c: 70:7c:56:7b -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUNEL88JxUZqCh9A10cJnJ1G3Wvy4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRC Q0FEMTk0MzAeFw0yNjAzMDIwNDIzMTZaFw0yNjAzMDMwNzM3MTZaMDMxMTAvBgNV BAMTKDE5MTlFNDdEODlGOUZERjFFMzAxMDFGQTY2NUQ0NEM5REE3MjRFRTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrz4wNQMAqEeCOVCfy/TGzmUOD HHI1SmyyIW9dq0cmdYf9FaYiNMUKi3Cvkr+eEtGdl1RzFJetiMZS2IKRB6luR1wE BEj1hGe/2NcVfDKs1//v3aSbuLbbV1rcgJNY2LYWB6JyYHiwHGGUoI5RXsCRepJ/ F4H8ah+Eeb4s6xJ5wylauLDdmkJtBoc2x7fxNqt6CtcqoU+MpXsTIiI3PQp46T5k F9UeORRKcDsl82iGLkThjgiQ63QvwsNcRDjEm2PD1ubrpG2phzJf3T8NDxC0Z9TN 2nr2HqIK60/SKcHMskcmeDhZqzBBIcP//zvzXoKnRB/DtXBeWNwVMKCxSx0VAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUGRnkfYn5/fHjAQH6Zl1EydpyTuAwHwYDVR0j BBgwFoAU0v8dfG3x3XdaYQaXDQX/RLytGUMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTM4OTI2NTU1MTM2MS8wL0QyRkYxRDdDNkRGMURENzc1QTYxMDY5NzBEMDVG RjQ0QkNBRDE5NDMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRCQ0FEMTk0My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU1NTEzNjEvMC9EMkZGMUQ3QzZERjFE RDc3NUE2MTA2OTcwRDA1RkY0NEJDQUQxOTQzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPY9nd0MkywyS hrjFkfg50hB1bkIMcWfmVza0y48nEP2zyTQeSPv51GE81yU8NctUe2NbLgaMmMUR dge1TtEQ3Ne88XFtPhk5xWdeeFej+fsRs6IwnjRWEzykmpr3X9CThzwhxJaYRsGr YBCB+m8CnUQaUA1OTjpTCh5vLSOu68oLuni9l0mb50dgxonPC0tHvzsQOYygpOKt 3p8wt7okXwQvPSbTUYEm5AmH15vpJjOm1lyJDrwaBHCsgV5gs+vek9x6LLuZ4iKI qZqsFUHENwar6kh+gVB9dPCUZylMu+GBS2Fsx/X8uNDvgOR4udLfjadIqb7a6kGp OqdscHxWew== -----END CERTIFICATE-----Generated at Mon Mar 2 18:45:01 2026 by rpki-client