$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft File: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft (raw, json) Hash identifier: oFEx5SxZmxMj3bIEvNUYDquhYl/jKY6wueT4MGmhkTQ= Subject key identifier: AA:C8:03:21:37:13:9C:12:07:85:61:9C:C1:15:5D:ED:C7:53:ED:BB Authority key identifier: 8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 Certificate issuer: /CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Certificate serial: 1A440DBD6E7F904206F4F363364C738914F512AB Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft Manifest number: C3 Signing time: Sat 13 Jun 2026 20:12:13 +0000 Manifest this update: Sat 13 Jun 2026 20:07:13 +0000 Manifest next update: Sun 14 Jun 2026 22:03:13 +0000 Files and hashes: 1: 34352e3131352e31382e302f32332d3234203d3e20313531323330.roa (hash: KFwVFV9XIdASmiH55Vrp/a+LAUtb9TpqJV9SvrwxSRc=) 2: 8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl (hash: 6oGK9r7pV6meGJnP/qHTvgZao/Zsnz7kiNrM3RIG4t0=) 3: 323430323a323065303a3a2f33322d3438203d3e20313531323330.roa (hash: QWUb0DzubEfKqwW//PTcn/ZJK/ak3Shs1IT7p6JBGPc=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 16:02:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:44:0d:bd:6e:7f:90:42:06:f4:f3:63:36:4c:73:89:14:f5:12:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D406BEC452CB074D630ABDBD6275BC5445DC3A1 Validity Not Before: Jun 13 20:07:13 2026 GMT Not After : Jun 14 22:03:13 2026 GMT Subject: CN=AAC8032137139C120785619CC1155DEDC753EDBB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6f:e5:13:6d:fb:6c:2f:e4:a7:dc:fc:82:d1: 15:80:ef:f2:9d:02:5c:4f:9c:48:93:28:25:4f:6b: 31:7e:10:f8:df:b3:c4:eb:15:67:86:1c:a6:05:96: 6c:85:e6:b8:17:93:91:00:86:2e:3d:8e:59:17:77: c8:f4:5c:7d:c0:a3:fa:1f:1c:6a:77:cc:fb:24:bc: e3:d9:c2:a0:f1:10:e5:52:fb:4a:66:de:80:96:95: 8e:b7:60:b0:39:49:a8:13:3c:24:2e:a4:14:89:22: ed:01:ff:ba:f5:a4:75:f0:dc:32:44:c2:35:66:b5: 86:4f:00:dc:bb:c1:af:a0:04:77:55:7c:b0:ca:86: 59:4c:f4:11:24:eb:6e:e6:6f:5e:18:fa:e0:66:ca: 05:ee:f3:79:7d:d3:3e:b8:04:8c:99:c9:d7:e2:48: 6c:80:65:0d:d5:52:41:3d:63:4d:99:08:2b:98:10: e4:c6:3a:63:ae:c4:04:84:c1:9f:80:1f:a5:b8:f5: 17:d7:51:07:35:76:15:ee:7c:b5:16:d8:3a:0d:aa: 7b:8e:67:49:7f:d0:eb:ca:9e:1d:fb:78:2e:98:f6: dc:f2:c8:d5:74:5b:68:56:a4:3a:70:da:9d:d6:37: 8e:64:4b:2d:b8:55:1b:9b:3f:1c:9c:3c:30:ab:ed: 73:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:C8:03:21:37:13:9C:12:07:85:61:9C:C1:15:5D:ED:C7:53:ED:BB X509v3 Authority Key Identifier: keyid:8D:40:6B:EC:45:2C:B0:74:D6:30:AB:DB:D6:27:5B:C5:44:5D:C3:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217717251/0/8D406BEC452CB074D630ABDBD6275BC5445DC3A1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:e5:98:d3:38:17:82:8b:76:a7:c9:b9:19:65:75:98:c4:91: e8:7b:3d:ad:cd:20:27:64:7d:05:6e:7b:e5:0b:30:b8:1f:09: 35:5f:ee:5e:28:f6:79:2b:ff:ea:5e:8a:e2:c7:bc:26:d7:c7: f9:7f:43:a6:13:28:fa:5b:0f:4e:a8:db:30:25:f6:4a:c7:47: 47:c2:95:fb:81:1f:b9:52:65:ea:a3:ed:6e:7d:04:f2:ff:11: 60:f1:a9:6e:41:b5:e7:6a:f0:58:4c:64:5e:4f:5c:2b:49:46: 08:61:27:3c:88:1d:87:6e:2d:10:c8:b4:b0:74:54:d0:81:47: ef:1f:f3:18:90:17:d1:b0:bd:78:03:7e:74:f4:fc:53:e1:69: 29:39:ab:6e:c9:42:a1:6c:bf:6b:04:fd:5a:3f:a7:e3:70:8a: e1:2b:4e:a0:64:0d:44:7f:65:65:23:0c:ed:47:a3:bf:d6:69: d8:c5:7d:95:62:e1:08:60:66:cd:9c:60:98:99:8d:fc:c1:34: 61:03:0f:73:82:34:e4:1a:dc:4a:e4:10:f1:b5:e6:11:e3:02: 6b:8f:a5:07:fc:e2:78:84:b5:35:f4:d7:e5:0f:2c:2f:2a:e0: d4:94:4c:9c:be:8c:b9:99:77:cc:60:b5:4a:cf:d6:ef:57:90: 98:76:b8:3c -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUGkQNvW5/kEIG9PNjNkxziRT1EqswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0 NDVEQzNBMTAeFw0yNjA2MTMyMDA3MTNaFw0yNjA2MTQyMjAzMTNaMDMxMTAvBgNV BAMTKEFBQzgwMzIxMzcxMzlDMTIwNzg1NjE5Q0MxMTU1REVEQzc1M0VEQkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5b+UTbftsL+Sn3PyC0RWA7/Kd AlxPnEiTKCVPazF+EPjfs8TrFWeGHKYFlmyF5rgXk5EAhi49jlkXd8j0XH3Ao/of HGp3zPskvOPZwqDxEOVS+0pm3oCWlY63YLA5SagTPCQupBSJIu0B/7r1pHXw3DJE wjVmtYZPANy7wa+gBHdVfLDKhllM9BEk627mb14Y+uBmygXu83l90z64BIyZydfi SGyAZQ3VUkE9Y02ZCCuYEOTGOmOuxASEwZ+AH6W49RfXUQc1dhXufLUW2DoNqnuO Z0l/0OvKnh37eC6Y9tzyyNV0W2hWpDpw2p3WN45kSy24VRubPxycPDCr7XMtAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUqsgDITcTnBIHhWGcwRVd7cdT7bswHwYDVR0j BBgwFoAUjUBr7EUssHTWMKvb1idbxURdw6EwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzcxNzI1MS8wLzhENDA2QkVDNDUyQ0IwNzRENjMwQUJEQkQ2Mjc1 QkM1NDQ1REMzQTEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0MDZCRUM0NTJDQjA3NEQ2MzBBQkRCRDYyNzVCQzU0NDVEQzNBMS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc3MTcyNTEvMC84RDQwNkJFQzQ1MkNC MDc0RDYzMEFCREJENjI3NUJDNTQ0NURDM0ExLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAReWY0zgXgot2 p8m5GWV1mMSR6Hs9rc0gJ2R9BW575QswuB8JNV/uXij2eSv/6l6K4se8JtfH+X9D phMo+lsPTqjbMCX2SsdHR8KV+4EfuVJl6qPtbn0E8v8RYPGpbkG152rwWExkXk9c K0lGCGEnPIgdh24tEMi0sHRU0IFH7x/zGJAX0bC9eAN+dPT8U+FpKTmrbslCoWy/ awT9Wj+n43CK4StOoGQNRH9lZSMM7Uejv9Zp2MV9lWLhCGBmzZxgmJmN/ME0YQMP c4I05BrcSuQQ8bXmEeMCa4+lB/zieIS1NfTX5Q8sLyrg1JRMnL6MuZl3zGC1Ss/W 71eQmHa4PA== -----END CERTIFICATE-----Generated at Sun Jun 14 08:36:46 2026 by rpki-client