$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft File: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft (raw, json) Hash identifier: VgHkv4D9ExG0/AkuD/IkYyasgzPUQQZ7nCPNnGThuoI= Subject key identifier: 08:43:60:21:CA:49:1D:E7:E2:D6:BA:1D:6B:3F:AD:93:4B:0F:A2:96 Authority key identifier: D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 Certificate issuer: /CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Certificate serial: 2059B218BF652A81D199908C60A493397965D5C3 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft Manifest number: C3 Signing time: Sat 13 Jun 2026 21:57:16 +0000 Manifest this update: Sat 13 Jun 2026 21:52:16 +0000 Manifest next update: Sun 14 Jun 2026 22:46:16 +0000 Files and hashes: 1: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl (hash: AVyGs3u5yaxwvC7k4vgIbTHXpXy5KvDVXvFwq07YK98=) 2: 323430623a613030303a6663333a3a2f34382d3438203d3e20313531333033.roa (hash: TiSdjmUDUZ7Io/2Ke/Pu2qkV+pzBX0aVcs8lYCtTick=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 22:46:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:59:b2:18:bf:65:2a:81:d1:99:90:8c:60:a4:93:39:79:65:d5:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Validity Not Before: Jun 13 21:52:16 2026 GMT Not After : Jun 14 22:46:16 2026 GMT Subject: CN=08436021CA491DE7E2D6BA1D6B3FAD934B0FA296 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ff:a3:34:f7:fd:82:55:9e:01:e3:c3:13:33: b9:30:7a:f2:a2:18:d9:d1:a6:96:24:a6:c4:c4:b4: 4c:f5:92:6b:1f:e1:4c:4e:46:b8:b4:0c:33:78:26: 59:c9:56:eb:1f:71:34:a2:ac:5c:84:0e:96:8b:86: 42:d8:2f:42:aa:ca:78:2f:98:ba:bc:c3:32:8e:46: 4f:4c:4c:6e:f0:fa:c7:19:61:a9:66:23:84:46:a4: 4a:ab:41:cf:bd:6f:d3:97:af:f9:3e:ef:d1:dc:57: e6:b4:59:c6:d0:6d:de:dc:e4:e4:3e:ee:c6:8f:59: 30:dc:a6:88:43:ad:1f:f4:e2:93:af:44:f7:76:04: b7:9a:73:32:67:01:a6:88:86:f0:fa:11:be:70:2f: 49:c4:13:b9:fc:f9:ec:bf:e7:fe:d8:f0:61:8d:7c: 73:3f:8d:9d:e9:cf:4c:ef:c9:d3:cb:50:09:fc:cc: 27:61:16:ec:3f:a8:3f:92:d7:14:58:8c:8d:a0:db: 66:a8:57:4d:36:a6:7d:5b:41:9f:a3:8c:c5:bd:2f: 19:dd:6c:fa:34:94:9b:6c:f8:30:ae:0b:c9:55:70: 85:28:e1:5c:49:8c:0b:c2:9d:9d:42:a4:cf:9e:26: 60:27:52:6a:a5:41:1d:c7:15:8c:98:8f:a0:69:f5: ed:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:43:60:21:CA:49:1D:E7:E2:D6:BA:1D:6B:3F:AD:93:4B:0F:A2:96 X509v3 Authority Key Identifier: keyid:D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:67:b9:17:68:1d:12:dd:b3:ba:42:07:b3:f3:c8:cb:bc:90: 48:80:ef:31:5c:fa:7e:6a:04:ca:1e:ec:bb:fd:e1:03:e5:d2: d5:1b:d7:f6:ff:cb:4b:e9:74:12:d5:69:45:d2:3e:27:95:c1: 9b:2d:1b:f1:b4:88:ef:a1:71:c2:f8:87:0e:84:b1:1c:ca:a5: 85:ab:1e:97:f9:b1:a0:40:85:78:b0:e5:4c:69:01:29:06:a8: 7f:2a:59:6e:eb:4e:a4:56:17:55:dc:c5:66:03:76:2e:ab:73: a6:68:5a:fc:0c:db:ae:b4:6f:0a:ce:1c:2b:03:04:8a:1c:23: 7b:52:4a:a7:50:92:ea:ef:b4:f9:0e:42:0b:a9:3f:e3:f8:ca: 8c:43:e0:8d:4e:4d:a5:41:00:05:d4:60:55:29:da:12:43:08: 07:4d:c9:28:4f:17:b1:74:4c:be:8f:52:a8:89:ba:70:4d:83: 16:af:cf:46:83:3f:7a:ba:a3:49:3c:e2:28:a2:9d:2e:14:94: f3:49:70:f5:95:02:fe:9e:73:1c:8b:24:c5:03:80:b1:44:b3: 4f:79:ac:a8:e8:44:13:0f:83:89:ad:81:c1:b1:53:aa:fe:f7: 28:e6:f3:9c:b4:38:a0:65:f6:0f:4b:a4:64:1b:6a:5c:64:6a: 6d:48:59:f1 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUIFmyGL9lKoHRmZCMYKSTOXll1cMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRC Q0FEMTk0MzAeFw0yNjA2MTMyMTUyMTZaFw0yNjA2MTQyMjQ2MTZaMDMxMTAvBgNV BAMTKDA4NDM2MDIxQ0E0OTFERTdFMkQ2QkExRDZCM0ZBRDkzNEIwRkEyOTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz/6M09/2CVZ4B48MTM7kwevKi GNnRppYkpsTEtEz1kmsf4UxORri0DDN4JlnJVusfcTSirFyEDpaLhkLYL0Kqyngv mLq8wzKORk9MTG7w+scZYalmI4RGpEqrQc+9b9OXr/k+79HcV+a0WcbQbd7c5OQ+ 7saPWTDcpohDrR/04pOvRPd2BLeaczJnAaaIhvD6Eb5wL0nEE7n8+ey/5/7Y8GGN fHM/jZ3pz0zvydPLUAn8zCdhFuw/qD+S1xRYjI2g22aoV002pn1bQZ+jjMW9Lxnd bPo0lJts+DCuC8lVcIUo4VxJjAvCnZ1CpM+eJmAnUmqlQR3HFYyYj6Bp9e0rAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUCENgIcpJHefi1rodaz+tk0sPopYwHwYDVR0j BBgwFoAU0v8dfG3x3XdaYQaXDQX/RLytGUMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTM4OTI2NTU1MTM2MS8wL0QyRkYxRDdDNkRGMURENzc1QTYxMDY5NzBEMDVG RjQ0QkNBRDE5NDMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRCQ0FEMTk0My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU1NTEzNjEvMC9EMkZGMUQ3QzZERjFE RDc3NUE2MTA2OTcwRDA1RkY0NEJDQUQxOTQzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGe5F2gdEt2z ukIHs/PIy7yQSIDvMVz6fmoEyh7su/3hA+XS1RvX9v/LS+l0EtVpRdI+J5XBmy0b 8bSI76FxwviHDoSxHMqlhasel/mxoECFeLDlTGkBKQaofypZbutOpFYXVdzFZgN2 Lqtzpmha/AzbrrRvCs4cKwMEihwje1JKp1CS6u+0+Q5CC6k/4/jKjEPgjU5NpUEA BdRgVSnaEkMIB03JKE8XsXRMvo9SqIm6cE2DFq/PRoM/erqjSTziKKKdLhSU80lw 9ZUC/p5zHIskxQOAsUSzT3msqOhEEw+Dia2BwbFTqv73KObznLQ4oGX2D0ukZBtq XGRqbUhZ8Q== -----END CERTIFICATE-----Generated at Sun Jun 14 12:44:49 2026 by rpki-client