$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft File: 289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft (raw, json) Hash identifier: pfuNY4n8Q6uM7YGw9G4TTHI/5sInVtF0N7DfPuamXv4= Subject key identifier: 29:EB:8B:A6:56:9E:7F:6D:2E:44:BD:81:59:33:3C:46:C6:1E:AC:D0 Authority key identifier: 28:9B:A9:CB:EB:71:D9:60:3B:ED:96:3E:3B:60:B1:79:0E:8F:78:A2 Certificate issuer: /CN=289BA9CBEB71D9603BED963E3B60B1790E8F78A2 Certificate serial: 14FE363ED00A05B8D541FEB28F427F4532C0BA38 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft Manifest number: 04 Signing time: Fri 17 Apr 2026 13:19:43 +0000 Manifest this update: Fri 17 Apr 2026 13:14:43 +0000 Manifest next update: Sat 18 Apr 2026 16:26:43 +0000 Files and hashes: 1: 289BA9CBEB71D9603BED963E3B60B1790E8F78A2.crl (hash: GTM0Uzoqbr544ww1T52dCWx0siWTVceytgjcmxu6iPk=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.crl rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 16:26:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:fe:36:3e:d0:0a:05:b8:d5:41:fe:b2:8f:42:7f:45:32:c0:ba:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=289BA9CBEB71D9603BED963E3B60B1790E8F78A2 Validity Not Before: Apr 17 13:14:43 2026 GMT Not After : Apr 18 16:26:43 2026 GMT Subject: CN=29EB8BA6569E7F6D2E44BD8159333C46C61EACD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4b:f9:12:9a:78:74:84:d6:65:26:a9:fa:86: f4:7e:a9:c8:3d:dd:f5:b5:c0:92:dd:a8:6c:61:7b: 53:ff:14:ea:a8:d9:5c:21:08:90:e9:64:21:e6:de: a5:28:d4:bb:32:81:7c:96:96:e2:6d:cb:74:e4:17: 59:5b:46:84:0a:96:38:c9:c4:59:c6:d2:3f:d6:b1: 60:27:d9:0b:d0:dd:fe:2e:88:f4:73:19:15:6a:c0: 2d:7f:a9:08:88:86:29:03:01:43:70:be:88:cb:28: a9:f4:d1:b4:84:9d:ae:05:32:77:74:18:6a:d3:04: 27:78:08:99:d5:7a:36:94:d4:8c:32:9c:6c:0b:21: 14:ca:bb:58:30:b0:e6:06:ea:b5:95:80:a5:78:6a: 83:e1:65:ed:89:7c:5b:7a:4b:60:dc:20:26:ba:e8: 76:d3:58:11:5b:f7:74:83:d8:91:84:0d:e0:63:26: 98:9d:77:a5:cb:4b:44:f4:7d:6e:9d:7d:b3:bb:eb: fd:a1:3f:3b:84:d0:e8:60:87:2b:f5:c7:00:45:45: db:3b:6a:84:54:bb:ab:44:e4:1a:1d:45:7b:a1:2d: 94:fc:65:47:2b:ac:4f:01:21:d8:d9:e5:fd:21:1b: a5:6a:c7:c3:5b:c9:95:8a:33:63:ff:19:fe:cd:ad: e3:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:EB:8B:A6:56:9E:7F:6D:2E:44:BD:81:59:33:3C:46:C6:1E:AC:D0 X509v3 Authority Key Identifier: keyid:28:9B:A9:CB:EB:71:D9:60:3B:ED:96:3E:3B:60:B1:79:0E:8F:78:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096693899595874305/0/289BA9CBEB71D9603BED963E3B60B1790E8F78A2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:0f:4a:6d:86:27:eb:95:b5:ff:6d:4a:c8:be:30:05:88:c8: 8c:09:47:cc:f8:fa:84:53:e6:f7:2a:b3:1e:a3:76:3c:56:21: b5:22:46:48:25:80:f1:e2:18:c4:96:9e:a2:f7:50:4e:5e:1b: 35:9e:6c:79:30:19:ad:e4:5e:bb:36:39:b0:2a:d9:18:77:03: fe:b5:ac:1e:bc:d4:c9:14:6e:79:67:b9:0c:d9:e8:67:0f:bc: fb:24:a6:4c:6a:36:a4:ee:e3:96:ee:ef:f2:7c:a1:bc:b2:8a: 4d:f0:9c:59:b7:44:aa:c2:4c:67:f6:86:38:ba:d7:43:bb:1d: df:4e:21:6e:08:76:0b:ff:49:8f:23:2c:0c:00:01:3e:e9:ff: 72:59:c0:7a:1a:11:e2:5f:7a:0a:12:16:40:12:47:07:8f:33: 48:c7:3a:10:86:59:5d:a1:98:36:c8:c6:ee:fa:7b:e3:ee:8d: 4a:77:4e:e9:a2:9e:68:11:61:7b:6a:35:49:ba:1a:cf:ca:4c: f6:ad:be:77:cf:14:54:3b:d9:95:ed:c4:e7:21:1b:1e:d7:7e: 17:e2:2b:53:1d:1a:98:d3:fd:50:db:2e:36:bd:1e:aa:ec:00: 64:e4:4c:51:71:11:23:ec:41:84:f9:76:98:4e:49:45:7e:b7: 74:9e:2c:bf -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUFP42PtAKBbjVQf6yj0J/RTLAujgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg5QkE5Q0JFQjcxRDk2MDNCRUQ5NjNFM0I2MEIxNzkw RThGNzhBMjAeFw0yNjA0MTcxMzE0NDNaFw0yNjA0MTgxNjI2NDNaMDMxMTAvBgNV BAMTKDI5RUI4QkE2NTY5RTdGNkQyRTQ0QkQ4MTU5MzMzQzQ2QzYxRUFDRDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbS/kSmnh0hNZlJqn6hvR+qcg9 3fW1wJLdqGxhe1P/FOqo2VwhCJDpZCHm3qUo1LsygXyWluJty3TkF1lbRoQKljjJ xFnG0j/WsWAn2QvQ3f4uiPRzGRVqwC1/qQiIhikDAUNwvojLKKn00bSEna4FMnd0 GGrTBCd4CJnVejaU1IwynGwLIRTKu1gwsOYG6rWVgKV4aoPhZe2JfFt6S2DcICa6 6HbTWBFb93SD2JGEDeBjJpidd6XLS0T0fW6dfbO76/2hPzuE0Ohghyv1xwBFRds7 aoRUu6tE5BodRXuhLZT8ZUcrrE8BIdjZ5f0hG6Vqx8NbyZWKM2P/Gf7NreMtAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUKeuLplaef20uRL2BWTM8RsYerNAwHwYDVR0j BBgwFoAUKJupy+tx2WA77ZY+O2CxeQ6PeKIwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjY5Mzg5OTU5NTg3NDMwNS8wLzI4OUJBOUNCRUI3MUQ5NjAzQkVEOTYzRTNCNjBC MTc5MEU4Rjc4QTIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMjg5QkE5Q0JFQjcxRDk2MDNCRUQ5NjNFM0I2MEIxNzkwRThGNzhBMi5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY2OTM4OTk1OTU4NzQzMDUvMC8yODlCQTlDQkVCNzFE OTYwM0JFRDk2M0UzQjYwQjE3OTBFOEY3OEEyLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWg9KbYYn65W1 /21KyL4wBYjIjAlHzPj6hFPm9yqzHqN2PFYhtSJGSCWA8eIYxJaeovdQTl4bNZ5s eTAZreReuzY5sCrZGHcD/rWsHrzUyRRueWe5DNnoZw+8+ySmTGo2pO7jlu7v8nyh vLKKTfCcWbdEqsJMZ/aGOLrXQ7sd304hbgh2C/9JjyMsDAABPun/clnAehoR4l96 ChIWQBJHB48zSMc6EIZZXaGYNsjG7vp74+6NSndO6aKeaBFhe2o1Sboaz8pM9q2+ d88UVDvZle3E5yEbHtd+F+IrUx0amNP9UNsuNr0equwAZORMUXERI+xBhPl2mE5J RX63dJ4svw== -----END CERTIFICATE-----Generated at Fri Apr 17 21:20:14 2026 by rpki-client