$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft File: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft (raw, json) Hash identifier: bImeNZiT3zGUucle6FGlbm8ufkpH2AjixMwKtJK+dxs= Subject key identifier: 40:B9:88:F7:63:05:0B:7E:AA:CD:12:99:54:00:EE:4D:C5:C3:97:E7 Authority key identifier: 8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 Certificate issuer: /CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Certificate serial: 1B87AC10EB1556CAAA2F009518B76E489D0A380D Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft Manifest number: 76 Signing time: Fri 17 Apr 2026 07:49:41 +0000 Manifest this update: Fri 17 Apr 2026 07:44:41 +0000 Manifest next update: Sat 18 Apr 2026 07:59:41 +0000 Files and hashes: 1: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl (hash: KCtxuuTFCOzrZE4Vrn9SWmo2M14RSu4A8i6TTelr0q8=) 2: 323430323a323065303a3a2f33322d3438203d3e20313531323330.roa (hash: QWUb0DzubEfKqwW//PTcn/ZJK/ak3Shs1IT7p6JBGPc=) 3: 34352e3131352e31382e302f32332d3234203d3e20313531323330.roa (hash: KFwVFV9XIdASmiH55Vrp/a+LAUtb9TpqJV9SvrwxSRc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 07:59:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:87:ac:10:eb:15:56:ca:aa:2f:00:95:18:b7:6e:48:9d:0a:38:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Validity Not Before: Apr 17 07:44:41 2026 GMT Not After : Apr 18 07:59:41 2026 GMT Subject: CN=40B988F763050B7EAACD12995400EE4DC5C397E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:1d:93:82:c5:11:fd:e3:f9:7a:d0:99:b1:7d: 08:88:d3:0c:d9:7e:d2:44:59:79:a1:98:ae:f9:27: 1c:10:a1:56:c5:23:86:99:ec:01:72:a4:99:1b:f5: 28:39:c3:02:08:b7:9d:49:6a:cf:fb:55:0e:6d:5a: e3:73:7c:2b:1e:7a:2f:16:37:3d:32:60:54:97:b9: 9e:57:7c:e0:1c:27:51:e4:c9:5f:6a:ef:fa:53:8f: 77:6f:eb:55:26:65:67:ac:db:82:b8:d7:e1:89:54: 47:c8:08:1c:0b:0d:c4:3e:4c:5b:42:c8:24:4e:a3: 6a:15:e2:29:c5:cf:23:16:e8:57:8c:92:00:a6:78: da:2d:57:98:f2:55:14:73:36:b2:27:10:89:69:3c: bf:9b:92:92:be:5c:6d:82:dd:4e:85:ba:19:7b:7a: 8d:53:e2:f9:04:40:98:70:70:d0:eb:5e:50:d7:5e: 42:53:13:54:6a:8e:b0:09:7d:28:13:17:bf:14:ae: 46:20:56:29:93:ea:af:b7:93:92:39:39:e2:38:a6: a2:9f:0c:f4:b0:67:9a:4a:b2:d5:45:f7:c0:b5:4e: 70:03:13:7a:bf:92:27:2a:41:1b:65:86:e9:5f:9a: 7e:d0:f9:18:19:d2:20:6f:b5:49:12:78:d5:db:8d: 04:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:B9:88:F7:63:05:0B:7E:AA:CD:12:99:54:00:EE:4D:C5:C3:97:E7 X509v3 Authority Key Identifier: keyid:8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:58:7b:af:24:72:0f:32:43:29:19:f5:aa:c1:76:f4:71:98: 93:b3:3c:fb:30:35:9e:69:54:16:b3:97:48:a7:7d:01:e0:66: d2:de:c1:5e:8c:31:06:a5:a1:8b:53:95:2e:e6:28:e3:32:33: 90:2b:55:68:50:6e:53:0f:50:8d:d0:09:43:f6:ff:fd:ff:b7: 4b:21:8a:07:46:2f:a2:16:25:74:2d:c7:2a:c6:2f:5c:e5:03: 6a:1b:e0:fc:f4:ff:48:d7:8e:35:d5:89:5b:77:6d:75:48:33: 6f:d7:82:78:70:96:de:d2:be:25:ec:00:13:66:76:3a:f9:ab: 4a:ad:28:54:48:ae:f7:6e:ff:81:0a:37:c6:99:64:55:02:51: 25:7e:66:05:dd:af:b0:e4:e4:f6:78:a8:25:46:3b:03:ba:20: 5e:b5:8b:c6:73:36:70:d7:87:51:5f:4a:72:46:8f:51:53:cd: 70:15:dc:c8:e4:93:cc:74:e9:f7:d7:e6:75:fc:f0:ec:f3:4b: 7e:46:e7:b8:25:72:57:1b:c5:c9:8e:4d:c4:94:1a:62:d5:76: 79:32:89:dc:ab:d5:c3:0a:20:b9:40:42:db:a0:08:29:9f:85: 18:9f:30:88:84:9d:ca:8d:bb:40:de:4b:84:e5:d5:e5:21:ee: 8c:8d:a1:36 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUG4esEOsVVsqqLwCVGLduSJ0KOA0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0 NDVEQzNBMTAeFw0yNjA0MTcwNzQ0NDFaFw0yNjA0MTgwNzU5NDFaMDMxMTAvBgNV BAMTKDQwQjk4OEY3NjMwNTBCN0VBQUNEMTI5OTU0MDBFRTREQzVDMzk3RTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZHZOCxRH94/l60JmxfQiI0wzZ ftJEWXmhmK75JxwQoVbFI4aZ7AFypJkb9Sg5wwIIt51Jas/7VQ5tWuNzfCseei8W Nz0yYFSXuZ5XfOAcJ1HkyV9q7/pTj3dv61UmZWes24K41+GJVEfICBwLDcQ+TFtC yCROo2oV4inFzyMW6FeMkgCmeNotV5jyVRRzNrInEIlpPL+bkpK+XG2C3U6Fuhl7 eo1T4vkEQJhwcNDrXlDXXkJTE1RqjrAJfSgTF78UrkYgVimT6q+3k5I5OeI4pqKf DPSwZ5pKstVF98C1TnADE3q/kicqQRtlhulfmn7Q+RgZ0iBvtUkSeNXbjQQNAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUQLmI92MFC36qzRKZVADuTcXDl+cwHwYDVR0j BBgwFoAUjUBr7EUssHTWMKvb1idbxURdw6EwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzcxNzI1MS8wLzhENDA2QkVDNDUyQ0IwNzRENjMwQUJEQkQ2Mjc1 QkM1NDQ1REMzQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0NDVEQzNBMS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc3MTcyNTEvMC84RDQwNkJFQzQ1MkNC MDc0RDYzMEFCREJENjI3NUJDNTQ0NURDM0ExLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZlh7ryRyDzJD KRn1qsF29HGYk7M8+zA1nmlUFrOXSKd9AeBm0t7BXowxBqWhi1OVLuYo4zIzkCtV aFBuUw9QjdAJQ/b//f+3SyGKB0YvohYldC3HKsYvXOUDahvg/PT/SNeONdWJW3dt dUgzb9eCeHCW3tK+JewAE2Z2OvmrSq0oVEiu927/gQo3xplkVQJRJX5mBd2vsOTk 9nioJUY7A7ogXrWLxnM2cNeHUV9KckaPUVPNcBXcyOSTzHTp99fmdfzw7PNLfkbn uCVyVxvFyY5NxJQaYtV2eTKJ3KvVwwoguUBC26AIKZ+FGJ8wiISdyo27QN5LhOXV 5SHujI2hNg== -----END CERTIFICATE-----Generated at Sat Apr 18 01:23:57 2026 by rpki-client