$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft File: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft (raw, json) Hash identifier: cylocjQa9uXKkpK5NbV/2j0QqUXh3kKG6SnpiEKQzxA= Subject key identifier: 80:07:A4:4E:A8:68:98:03:31:B6:75:40:9E:F1:A9:AD:AC:9A:CC:AA Authority key identifier: 8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 Certificate issuer: /CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Certificate serial: 5BA19C177942DC1654E2B4E6BCF179D8143E666E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft Manifest number: 39 Signing time: Mon 02 Mar 2026 11:33:17 +0000 Manifest this update: Mon 02 Mar 2026 11:28:17 +0000 Manifest next update: Tue 03 Mar 2026 15:16:17 +0000 Files and hashes: 1: 323430323a323065303a3a2f33322d3438203d3e20313531323330.roa (hash: QWUb0DzubEfKqwW//PTcn/ZJK/ak3Shs1IT7p6JBGPc=) 2: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl (hash: VC9MuyHtZbymooMYhI1c7B1x0ptJ+Xzjkk5vagI4lrQ=) 3: 34352e3131352e31382e302f32332d3234203d3e20313531323330.roa (hash: KFwVFV9XIdASmiH55Vrp/a+LAUtb9TpqJV9SvrwxSRc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 04:07:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:a1:9c:17:79:42:dc:16:54:e2:b4:e6:bc:f1:79:d8:14:3e:66:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Validity Not Before: Mar 2 11:28:17 2026 GMT Not After : Mar 3 15:16:17 2026 GMT Subject: CN=8007A44EA868980331B675409EF1A9ADAC9ACCAA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:4e:10:39:da:01:86:91:fb:cf:ba:3a:6f:cb: 49:9c:d1:18:ea:54:e9:fe:01:d4:c4:1c:ba:c0:63: e6:25:02:41:25:0b:ef:f4:1a:28:25:1c:f4:6f:52: 1b:9c:54:52:f9:e4:63:cb:01:5f:e3:ba:1d:4f:92: 26:6d:ad:16:9a:81:98:c7:7f:02:a1:ca:5d:f7:e4: ae:3d:c5:93:a3:10:d8:42:f4:8b:06:b7:d0:6a:fd: f5:4a:1b:03:6d:77:d9:7b:04:88:92:e4:2e:a9:7f: 09:9c:67:24:bd:99:6b:f1:19:08:a2:8e:e9:44:cc: 32:ce:23:cb:31:a8:be:67:02:a6:c2:47:1d:b4:8c: e8:60:18:e6:0d:3d:d7:7a:5e:b8:c1:58:e8:d3:79: 16:b4:37:91:73:e3:f7:22:99:e1:2f:2e:80:10:01: 17:1c:cc:81:d7:73:df:3f:cc:ca:a4:fb:f3:76:c0: cb:2e:1b:ab:19:a7:ce:af:1e:b9:95:b6:a9:c0:1e: 82:42:06:04:e1:d5:e3:a9:ca:83:84:20:dd:65:75: 97:87:94:06:7f:db:78:bb:12:49:fb:92:fb:33:59: 03:0f:64:03:a7:0a:b8:61:cc:00:1c:9b:65:2d:21: 43:7c:68:0c:81:34:3c:00:03:cb:a3:25:18:0d:96: db:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:07:A4:4E:A8:68:98:03:31:B6:75:40:9E:F1:A9:AD:AC:9A:CC:AA X509v3 Authority Key Identifier: keyid:8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:12:02:3c:c9:91:d5:2a:00:33:6e:0e:36:6d:40:72:85:5b: a2:94:e8:33:2c:68:ed:53:7e:d5:60:d6:d6:1e:fe:d4:d7:ea: cb:81:83:d1:2f:ae:eb:d6:79:27:39:1c:a0:db:68:10:3d:32: ff:58:55:69:b3:d0:09:fd:4c:25:ba:69:5b:ac:95:e4:1c:4b: 6b:62:80:9b:76:4b:60:15:2a:4f:5e:f5:6d:5e:52:8e:b5:af: cf:a8:17:58:0f:f3:39:cd:68:af:e2:2b:c4:ed:28:a2:19:03: c8:fc:f1:4d:4d:df:fe:36:a3:19:ba:be:6b:2d:87:ac:7f:ff: 2f:ad:71:13:2b:3f:01:a1:4f:59:5d:7d:06:78:18:a7:e7:cf: b9:8d:90:e1:dc:cb:cb:61:da:99:35:a4:4e:0d:ae:78:b9:c2: cb:52:09:f0:d9:70:b0:f9:73:73:3c:27:78:1d:8e:77:bf:66: b8:ce:5c:52:9f:31:7a:19:aa:0a:70:30:7d:47:78:9d:21:ff: bb:c7:6f:d6:81:56:0c:92:26:e2:8a:4a:d4:98:a7:a1:bd:9c: 5b:e4:07:14:f9:f2:b9:dc:77:72:e9:31:e6:f5:61:5f:7d:e2: 07:7c:45:78:ba:8f:c9:fa:d6:c3:b2:13:ec:c7:1d:77:10:4f: 21:d9:53:d2 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUW6GcF3lC3BZU4rTmvPF52BQ+Zm4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0 NDVEQzNBMTAeFw0yNjAzMDIxMTI4MTdaFw0yNjAzMDMxNTE2MTdaMDMxMTAvBgNV BAMTKDgwMDdBNDRFQTg2ODk4MDMzMUI2NzU0MDlFRjFBOUFEQUM5QUNDQUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhThA52gGGkfvPujpvy0mc0Rjq VOn+AdTEHLrAY+YlAkElC+/0GiglHPRvUhucVFL55GPLAV/juh1PkiZtrRaagZjH fwKhyl335K49xZOjENhC9IsGt9Bq/fVKGwNtd9l7BIiS5C6pfwmcZyS9mWvxGQii julEzDLOI8sxqL5nAqbCRx20jOhgGOYNPdd6XrjBWOjTeRa0N5Fz4/cimeEvLoAQ ARcczIHXc98/zMqk+/N2wMsuG6sZp86vHrmVtqnAHoJCBgTh1eOpyoOEIN1ldZeH lAZ/23i7Ekn7kvszWQMPZAOnCrhhzAAcm2UtIUN8aAyBNDwAA8ujJRgNlts9AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUgAekTqhomAMxtnVAnvGprayazKowHwYDVR0j BBgwFoAUjUBr7EUssHTWMKvb1idbxURdw6EwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzcxNzI1MS8wLzhENDA2QkVDNDUyQ0IwNzRENjMwQUJEQkQ2Mjc1 QkM1NDQ1REMzQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0NDVEQzNBMS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc3MTcyNTEvMC84RDQwNkJFQzQ1MkNC MDc0RDYzMEFCREJENjI3NUJDNTQ0NURDM0ExLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAthICPMmR1SoA M24ONm1AcoVbopToMyxo7VN+1WDW1h7+1Nfqy4GD0S+u69Z5JzkcoNtoED0y/1hV abPQCf1MJbppW6yV5BxLa2KAm3ZLYBUqT171bV5SjrWvz6gXWA/zOc1or+IrxO0o ohkDyPzxTU3f/jajGbq+ay2HrH//L61xEys/AaFPWV19BngYp+fPuY2Q4dzLy2Ha mTWkTg2ueLnCy1IJ8NlwsPlzczwneB2Od79muM5cUp8xehmqCnAwfUd4nSH/u8dv 1oFWDJIm4opK1Jinob2cW+QHFPnyudx3cukx5vVhX33iB3xFeLqPyfrWw7IT7Mcd dxBPIdlT0g== -----END CERTIFICATE-----Generated at Mon Mar 2 18:46:33 2026 by rpki-client