$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft File: 3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft (raw, json) Hash identifier: x2+5r1yeTCoNf+ZzWj99Q/mV/fAg3yh8EsLgaz3n02o= Subject key identifier: 78:73:37:7D:84:63:7C:CE:76:64:C9:65:B5:D0:B1:E1:20:BC:16:CC Authority key identifier: 3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A Certificate issuer: /CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A Certificate serial: 3ECFCEEF3C2E5A4AF12F809A0448FCA3BB087757 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft Manifest number: 38 Signing time: Sun 01 Mar 2026 21:48:16 +0000 Manifest this update: Sun 01 Mar 2026 21:43:16 +0000 Manifest next update: Mon 02 Mar 2026 22:05:16 +0000 Files and hashes: 1: 34352e3235342e32352e302f32342d3234203d3e20313532333230.roa (hash: qjKwVJnGzyI/LX79Tj4cDa3KV/Elv2yjd5+GDsO75bY=) 2: 34352e3235342e32362e302f32342d3234203d3e20313532333230.roa (hash: zQnT6ObBiJ3XRQBU4LCMwXOfUmhlF2FqQYNCv6Fc46M=) 3: 3130332e3232332e3132302e302f32342d3234203d3e20313532333230.roa (hash: 5HY0Ue/vWpU1LvYH7L0XmoUxw5TaIDzLdoP5LOndIDk=) 4: 3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl (hash: 3Un9VWr4Qj73voN0NiYXAZXglVQKMHVNaaluKUKMsWo=) 5: 34352e3235342e32342e302f32322d3234203d3e20313532333230.roa (hash: /jlOtfFFIhy/vioYOPrruZVnaBj+JGwUse/ni91LtIM=) 6: 34352e3235342e32372e302f32342d3234203d3e20313532333230.roa (hash: 8ey7xc7GrXn7mmv3ISFSPmAtts9JOcGCGnrt0IYw5NA=) 7: 3130332e3232332e3132322e302f32342d3234203d3e20313532333230.roa (hash: ENw2cTESVh99EP8BLMv1kqoTtl4yUiDM0XZMs1ujX6o=) 8: 3130332e3232332e3132332e302f32342d3234203d3e20313532333230.roa (hash: BpauxASw+QwtCt0D3PSjlF+wZywrzS5unEAJDnk9hrM=) 9: 34352e3235342e32342e302f32342d3234203d3e20313532333230.roa (hash: HRYgKbtmr+OMYx/1qW6f1p5CaBZOf7Km54MLi7qIJYQ=) 10: 3130332e3232332e3132312e302f32342d3234203d3e20313532333230.roa (hash: wzRfwIBhTwNZEHuoPqB4pgLkBoUBXIsG3gE0j7DP/GE=) 11: 3130332e3232332e3132302e302f32322d3234203d3e20313532333230.roa (hash: QDhDhO+o5EAhmJMJ47IlDxl87DbWK8fpZhIHG6UPABU=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 22:05:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:cf:ce:ef:3c:2e:5a:4a:f1:2f:80:9a:04:48:fc:a3:bb:08:77:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A Validity Not Before: Mar 1 21:43:16 2026 GMT Not After : Mar 2 22:05:16 2026 GMT Subject: CN=7873377D84637CCE7664C965B5D0B1E120BC16CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:1d:d3:14:7d:72:45:6b:1a:64:c1:68:7c:99: 2b:ac:17:b3:ed:95:2a:21:d5:3a:60:e8:79:6c:d5: 34:b3:66:7e:f9:c7:f7:a4:d0:0b:46:60:ed:71:87: 04:63:fa:80:43:df:7f:ac:09:4d:7e:79:f3:81:bd: 1b:59:64:73:f4:ec:18:32:15:e1:74:13:97:d5:a9: 95:fb:49:78:7b:36:ac:2b:af:94:e8:47:50:84:0e: a1:dc:45:f2:7f:86:b5:86:1b:e8:6e:86:07:63:39: 25:40:29:85:3b:8f:40:35:2f:69:77:38:de:79:12: a7:b2:d0:6f:2e:1b:14:36:48:22:9e:17:d6:24:15: 86:5f:e5:9d:18:9d:bf:30:ad:11:f2:98:ba:7e:34: 2f:ff:b2:a4:68:b7:92:14:82:30:e7:5a:f0:88:34: c8:4a:86:25:52:06:ae:af:a4:8c:1a:1c:0c:c0:c9: 11:1d:f7:a5:1c:c7:24:d4:b5:46:19:ca:7f:48:bb: fe:04:35:b3:14:c5:a2:cb:07:f6:a3:3b:c5:f6:d4: be:61:b8:c9:51:23:f1:26:37:7d:c8:a3:68:d8:67: 15:bf:22:61:9c:8a:e3:bf:10:b6:6a:92:5d:56:f2: d7:93:13:83:ec:a7:da:5b:5a:f1:92:a8:11:96:2c: 27:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:73:37:7D:84:63:7C:CE:76:64:C9:65:B5:D0:B1:E1:20:BC:16:CC X509v3 Authority Key Identifier: keyid:3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:3e:43:38:62:43:b8:5c:f3:3f:44:7b:36:8f:d3:c0:e5:e7: 67:fb:be:20:35:29:2e:9a:9c:26:dd:cb:51:df:1d:99:17:a0: f0:e6:ad:19:90:d7:f6:91:f7:ce:7f:b6:95:ba:8f:b1:05:99: b1:b6:be:85:94:fa:6a:66:cf:87:8f:77:74:83:66:8e:60:99: 24:38:41:84:b7:89:be:df:04:49:32:02:95:57:c7:4b:db:4d: b8:47:63:4d:35:f6:a0:40:dd:02:97:6e:c7:39:b7:77:5f:94: 2c:f2:78:ac:40:51:a6:55:15:8e:40:19:07:27:5e:ab:62:6f: 3e:92:c9:89:25:03:02:ad:db:45:46:53:56:20:5a:41:16:09: 33:70:e1:9c:26:1e:54:97:45:c1:db:a7:18:da:9f:34:e0:63: d7:10:94:de:77:ef:b6:35:97:06:d7:a2:53:cf:27:1c:30:28: 1b:e4:df:15:c8:e8:47:50:c2:88:6f:a1:dd:35:47:89:d6:2d: 67:85:ca:ba:0a:70:02:f8:56:af:11:33:52:65:89:93:03:04: 88:6a:a4:27:3d:47:54:d1:4f:85:b7:e5:c1:a4:75:34:1e:7f: 03:a4:35:74:e9:cf:74:c6:2f:9f:f3:5a:d2:2f:ac:3e:f0:84: 2d:e0:f6:89 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUPs/O7zwuWkrxL4CaBEj8o7sId1cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2 QTgwN0EwQTAeFw0yNjAzMDEyMTQzMTZaFw0yNjAzMDIyMjA1MTZaMDMxMTAvBgNV BAMTKDc4NzMzNzdEODQ2MzdDQ0U3NjY0Qzk2NUI1RDBCMUUxMjBCQzE2Q0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHdMUfXJFaxpkwWh8mSusF7Pt lSoh1Tpg6Hls1TSzZn75x/ek0AtGYO1xhwRj+oBD33+sCU1+efOBvRtZZHP07Bgy FeF0E5fVqZX7SXh7Nqwrr5ToR1CEDqHcRfJ/hrWGG+huhgdjOSVAKYU7j0A1L2l3 ON55Eqey0G8uGxQ2SCKeF9YkFYZf5Z0Ynb8wrRHymLp+NC//sqRot5IUgjDnWvCI NMhKhiVSBq6vpIwaHAzAyREd96UcxyTUtUYZyn9Iu/4ENbMUxaLLB/ajO8X21L5h uMlRI/EmN33Io2jYZxW/ImGciuO/ELZqkl1W8teTE4Psp9pbWvGSqBGWLCfJAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUeHM3fYRjfM52ZMlltdCx4SC8FswwHwYDVR0j BBgwFoAUPcMjidjrALsxxqlbNK/IV2qAegowDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4ODU1MzEyOTg1MjkzMS8wLzNEQzMyMzg5RDhFQjAwQkIzMUM2QTk1QjM0QUZD ODU3NkE4MDdBMEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2QTgwN0EwQS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODg1NTMxMjk4NTI5MzEvMC8zREMzMjM4OUQ4RUIw MEJCMzFDNkE5NUIzNEFGQzg1NzZBODA3QTBBLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASj5DOGJDuFzz P0R7No/TwOXnZ/u+IDUpLpqcJt3LUd8dmReg8OatGZDX9pH3zn+2lbqPsQWZsba+ hZT6ambPh493dINmjmCZJDhBhLeJvt8ESTIClVfHS9tNuEdjTTX2oEDdApduxzm3 d1+ULPJ4rEBRplUVjkAZBydeq2JvPpLJiSUDAq3bRUZTViBaQRYJM3DhnCYeVJdF wdunGNqfNOBj1xCU3nfvtjWXBteiU88nHDAoG+TfFcjoR1DCiG+h3TVHidYtZ4XK ugpwAvhWrxEzUmWJkwMEiGqkJz1HVNFPhbflwaR1NB5/A6Q1dOnPdMYvn/Na0i+s PvCELeD2iQ== -----END CERTIFICATE-----Generated at Mon Mar 2 12:46:44 2026 by rpki-client