$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft File: 528FB7389148F9961BE07564A1BCC28DE1440954.mft (raw, json) Hash identifier: 9CcSfcJcwamtPw3pPMFMiLSpMWIS6FMBwFMi28wbqwo= Subject key identifier: ED:E8:EC:12:45:78:0C:CD:86:D9:10:CC:A3:1C:C8:19:86:F8:42:FE Authority key identifier: 52:8F:B7:38:91:48:F9:96:1B:E0:75:64:A1:BC:C2:8D:E1:44:09:54 Certificate issuer: /CN=528FB7389148F9961BE07564A1BCC28DE1440954 Certificate serial: 4939F8A9CBE1D0807F39DD54C167C40225835449 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/528FB7389148F9961BE07564A1BCC28DE1440954.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft Manifest number: 39 Signing time: Mon 02 Mar 2026 08:38:17 +0000 Manifest this update: Mon 02 Mar 2026 08:33:17 +0000 Manifest next update: Tue 03 Mar 2026 10:12:17 +0000 Files and hashes: 1: 3130332e3135322e3234372e302f32342d3234203d3e20313532343735.roa (hash: phf4Dfqb5M3Ykxs2j+sNy+Y1lZxL1CrzZ7fuUfc1kQM=) 2: 528FB7389148F9961BE07564A1BCC28DE1440954.crl (hash: jYqped5KEXC/uLQ/X0NFRKZVG/aSOecGMR/fVcRuNUU=) 3: 3130332e3135322e3234372e302f32342d3234203d3e20313335333931.roa (hash: EcqA+WlWeIsBbUwVfChqaarTFSzboqSnaqEftxipkFg=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.crl rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/528FB7389148F9961BE07564A1BCC28DE1440954.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 04:07:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:39:f8:a9:cb:e1:d0:80:7f:39:dd:54:c1:67:c4:02:25:83:54:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=528FB7389148F9961BE07564A1BCC28DE1440954 Validity Not Before: Mar 2 08:33:17 2026 GMT Not After : Mar 3 10:12:17 2026 GMT Subject: CN=EDE8EC1245780CCD86D910CCA31CC81986F842FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:11:12:03:3e:3e:09:cb:52:71:2f:a0:36:bb: f4:fa:84:17:50:42:b5:db:66:44:28:a3:a4:f7:5b: cb:a7:92:90:ca:df:7a:dd:11:19:0f:5d:5f:7c:b0: c6:17:be:22:40:70:f2:8f:5c:98:ea:61:76:49:84: ab:7b:d2:34:da:f1:25:67:a7:83:3f:60:5d:e4:81: 8c:5e:62:67:fa:79:74:53:8c:7b:75:57:74:66:90: c3:f1:52:85:df:e6:2f:56:d0:0c:31:ef:d6:11:ab: 91:b3:c5:cc:38:5b:a6:a9:f1:43:10:54:f1:e4:5b: 4c:cf:bb:ef:6f:bd:d7:28:a7:41:10:6b:0e:6e:f4: 93:89:7b:df:d8:c8:e8:a6:3c:37:fd:09:89:f0:d9: bf:c8:32:3e:04:07:7e:98:fa:29:2d:a9:b9:fe:88: 89:60:37:5f:b2:a6:81:57:27:a7:36:a6:0c:15:d6: 4c:39:a0:88:c6:46:17:ce:74:87:bc:52:d3:53:ac: 00:08:07:8f:7c:6b:e0:c4:ba:de:fc:45:9c:d3:f7: 3d:9d:fe:8d:07:7f:cc:a0:10:ed:73:27:ee:fc:01: 68:5e:fb:f0:6d:b6:0e:08:1c:56:58:99:cd:b3:1c: 3d:95:3e:c3:75:74:3e:7f:d9:a9:32:5c:65:c7:bf: e5:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:E8:EC:12:45:78:0C:CD:86:D9:10:CC:A3:1C:C8:19:86:F8:42:FE X509v3 Authority Key Identifier: keyid:52:8F:B7:38:91:48:F9:96:1B:E0:75:64:A1:BC:C2:8D:E1:44:09:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/528FB7389148F9961BE07564A1BCC28DE1440954.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065591195721531393/0/528FB7389148F9961BE07564A1BCC28DE1440954.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:dc:53:2b:7a:1b:9d:ed:3b:f7:9b:7d:ec:cd:7e:d3:60:48: 35:2a:8b:bd:80:a5:6f:5e:c4:3a:ae:72:9b:d1:12:34:ec:9a: 45:d6:14:54:ed:28:38:4c:5e:41:2d:88:c5:c2:a5:5a:69:80: c6:20:08:96:61:65:41:2e:6f:84:d0:95:7a:05:a7:54:7b:94: 26:3b:1d:a6:69:33:16:cb:e7:d7:26:3e:a0:11:1c:93:5a:ef: 68:aa:4a:85:54:60:c7:c8:5b:c9:6a:aa:f7:14:03:7f:80:63: 1f:e8:04:01:b9:2d:bd:29:bb:ef:2a:ec:43:92:33:8f:71:51: 00:83:d4:96:8d:40:cf:a6:e1:42:6a:10:85:95:3f:b6:59:37: 04:09:8f:42:6e:61:ef:9b:ab:c2:42:a1:88:77:9b:14:ba:c9: 2d:83:05:82:cb:05:14:97:b3:ea:e1:3f:ca:f8:b0:b3:52:ff: 0c:16:60:fc:a7:15:28:12:b7:24:f9:29:a2:f7:bd:14:d0:dc: a2:2a:5b:41:42:20:ec:b1:36:db:80:60:fd:23:4f:a1:48:b8: 57:ae:a1:6b:ac:bf:fc:08:ce:aa:d2:11:52:d5:9a:5e:ad:54: ca:a7:5f:67:8d:a5:59:4a:4d:e0:7c:3e:80:c5:48:8a:3f:54: 77:f9:d7:b0 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUSTn4qcvh0IB/Od1UwWfEAiWDVEkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTI4RkI3Mzg5MTQ4Rjk5NjFCRTA3NTY0QTFCQ0MyOERF MTQ0MDk1NDAeFw0yNjAzMDIwODMzMTdaFw0yNjAzMDMxMDEyMTdaMDMxMTAvBgNV BAMTKEVERThFQzEyNDU3ODBDQ0Q4NkQ5MTBDQ0EzMUNDODE5ODZGODQyRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAERIDPj4Jy1JxL6A2u/T6hBdQ QrXbZkQoo6T3W8unkpDK33rdERkPXV98sMYXviJAcPKPXJjqYXZJhKt70jTa8SVn p4M/YF3kgYxeYmf6eXRTjHt1V3RmkMPxUoXf5i9W0Awx79YRq5Gzxcw4W6ap8UMQ VPHkW0zPu+9vvdcop0EQaw5u9JOJe9/YyOimPDf9CYnw2b/IMj4EB36Y+iktqbn+ iIlgN1+ypoFXJ6c2pgwV1kw5oIjGRhfOdIe8UtNTrAAIB498a+DEut78RZzT9z2d /o0Hf8ygEO1zJ+78AWhe+/Bttg4IHFZYmc2zHD2VPsN1dD5/2akyXGXHv+WTAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU7ejsEkV4DM2G2RDMoxzIGYb4Qv4wHwYDVR0j BBgwFoAUUo+3OJFI+ZYb4HVkobzCjeFECVQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU5MTE5NTcyMTUzMTM5My8wLzUyOEZCNzM4OTE0OEY5OTYxQkUwNzU2NEExQkND MjhERTE0NDA5NTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNTI4RkI3Mzg5MTQ4Rjk5NjFCRTA3NTY0QTFCQ0MyOERFMTQ0MDk1NC5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1OTExOTU3MjE1MzEzOTMvMC81MjhGQjczODkxNDhG OTk2MUJFMDc1NjRBMUJDQzI4REUxNDQwOTU0Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtdxTK3obne07 95t97M1+02BINSqLvYClb17EOq5ym9ESNOyaRdYUVO0oOExeQS2IxcKlWmmAxiAI lmFlQS5vhNCVegWnVHuUJjsdpmkzFsvn1yY+oBEck1rvaKpKhVRgx8hbyWqq9xQD f4BjH+gEAbktvSm77yrsQ5Izj3FRAIPUlo1Az6bhQmoQhZU/tlk3BAmPQm5h75ur wkKhiHebFLrJLYMFgssFFJez6uE/yviws1L/DBZg/KcVKBK3JPkpove9FNDcoipb QUIg7LE224Bg/SNPoUi4V66ha6y//AjOqtIRUtWaXq1UyqdfZ42lWUpN4Hw+gMVI ij9Ud/nXsA== -----END CERTIFICATE-----Generated at Mon Mar 2 18:45:19 2026 by rpki-client