$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft File: 9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft (raw, json) Hash identifier: BPvhgX2a++B7qEQPK5hz1bUnbFMdgy5c9aA1S7PEc3Y= Subject key identifier: 77:2D:59:F8:1B:38:8C:AD:C0:60:7D:6B:8A:28:46:03:EF:6E:29:6B Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Certificate serial: 14DF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft Manifest number: 14D5 Signing time: Wed 05 Nov 2025 15:12:41 +0000 Manifest this update: Wed 05 Nov 2025 15:12:41 +0000 Manifest next update: Wed 05 Nov 2025 21:12:41 +0000 Files and hashes: 1: 9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl (hash: +rsSUhRVFNSvEA69AvDdm8TNnT3FgbZFIagGB4HSObw=) 2: _K85EDzCVCt1pVVYSb2NSlH5sJs.roa (hash: eSDB40TI669OfppSy2WcGhDz0KocFI5RU5LpLB+t1Ng=) 3: uG9LWLpK67qpxjgXRPMAAm6hR9Y.roa (hash: URTxuyS38BOkzq2ChrFnplSe6g+QKSVcXtGhOX6pla8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5343 (0x14df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Validity Not Before: Nov 5 15:12:41 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=772D59F81B388CADC0607D6B8A284603EF6E296B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:b3:a6:65:9c:e4:3f:1a:f8:4c:65:02:42:d8: 44:71:a7:a6:c2:64:48:59:ca:83:76:f1:7b:1f:f6: e2:c1:10:9d:c4:35:8f:2c:44:94:72:e2:03:e4:6a: d5:04:79:5a:59:d1:4b:3e:8e:96:65:7c:0a:2b:64: 95:41:b9:10:fd:30:c9:29:d7:48:a2:64:1c:9d:3c: 57:5b:69:17:43:d8:fc:a5:4b:1e:c6:18:7f:c5:d9: ce:10:82:cb:d7:4e:ca:b7:de:14:c4:93:7d:ae:b4: 84:02:05:92:7d:9c:05:3d:14:ce:a0:ac:c4:e9:63: ef:0f:67:ea:24:93:25:4a:9c:b0:d6:3b:5c:ea:4c: 3d:09:d0:4b:d7:83:cd:25:46:d6:a3:0a:19:30:9a: 7c:91:70:5b:78:41:3a:fc:65:bf:93:07:10:fe:9d: 95:db:39:84:d9:86:97:e2:e6:b0:0b:be:87:5a:95: 62:74:4f:ae:c9:ee:de:82:4a:26:81:5a:ca:b5:1f: af:7f:fc:02:4e:8c:2e:5f:c7:10:4e:9b:70:15:f4: 10:d1:46:d9:1e:bd:ab:19:07:53:79:d6:11:d3:53: 0a:87:e6:03:94:43:c5:46:b3:22:5d:62:d2:6e:b0: 6b:c3:91:6b:96:5a:e8:ec:bc:c1:46:9b:b8:ab:13: 1c:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:2D:59:F8:1B:38:8C:AD:C0:60:7D:6B:8A:28:46:03:EF:6E:29:6B X509v3 Authority Key Identifier: keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:2e:9b:82:b7:9f:23:64:78:a6:7d:69:8c:d5:fe:56:80:c6: 6e:51:e8:cb:ea:80:69:14:52:33:15:86:2d:5a:3d:51:5b:8b: 35:d4:62:50:8c:bd:27:3a:e6:d4:51:72:bf:1e:e7:eb:30:a1: d7:b3:8c:85:8c:a9:7c:bf:18:53:84:29:41:32:cd:04:14:c2: 2d:5c:34:19:92:6d:6e:f7:17:ca:96:1d:04:f5:6d:dd:52:ef: bd:a7:98:75:46:aa:77:c1:46:e7:23:85:2d:f0:d0:42:2d:ca: ee:2c:49:f6:f5:26:37:3d:54:a5:c5:3b:5f:ce:d2:d7:ee:5d: b1:4e:55:45:76:d5:6b:34:6e:2f:3d:84:97:2f:e4:29:24:63: b8:d9:89:0d:9a:70:a4:8d:97:76:15:7a:30:83:ce:2c:ae:80: 21:cf:de:87:fe:86:5a:09:e2:15:1c:64:2c:cb:0a:53:ad:9e: cb:85:87:16:24:62:c9:a3:7e:a1:9f:dd:8f:59:7c:8e:e8:3d: 25:28:17:7d:64:31:5e:ad:37:6b:27:b3:cb:49:b6:6f:60:a9: 3a:26:78:e0:16:5f:2e:a8:22:d9:f8:9b:50:78:96:f8:ac:7d: e8:53:e4:f2:23:42:e6:e1:21:bb:0f:9e:dd:c2:a3:aa:53:67: 60:ab:19:05 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1 NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNTExMDUx NTEyNDFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDc3MkQ1OUY4MUIzODhD QURDMDYwN0Q2QjhBMjg0NjAzRUY2RTI5NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTs6ZlnOQ/GvhMZQJC2ERxp6bCZEhZyoN28Xsf9uLBEJ3ENY8s RJRy4gPkatUEeVpZ0Us+jpZlfAorZJVBuRD9MMkp10iiZBydPFdbaRdD2PylSx7G GH/F2c4QgsvXTsq33hTEk32utIQCBZJ9nAU9FM6grMTpY+8PZ+okkyVKnLDWO1zq TD0J0EvXg80lRtajChkwmnyRcFt4QTr8Zb+TBxD+nZXbOYTZhpfi5rALvodalWJ0 T67J7t6CSiaBWsq1H69//AJOjC5fxxBOm3AV9BDRRtkevasZB1N51hHTUwqH5gOU Q8VGsyJdYtJusGvDkWuWWujsvMFGm7irExy9AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUdy1Z+Bs4jK3AYH1riihGA+9uKWswHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5 LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5LzlWYkRxcUVBSDRuY0Q4 N1ZRMm9odTBfelhYby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAtLpuCt58jZHimfWmM1f5WgMZuUejL6oBpFFIzFYYtWj1RW4s11GJQjL0nOubU UXK/HufrMKHXs4yFjKl8vxhThClBMs0EFMItXDQZkm1u9xfKlh0E9W3dUu+9p5h1 Rqp3wUbnI4Ut8NBCLcruLEn29SY3PVSlxTtfztLX7l2xTlVFdtVrNG4vPYSXL+Qp JGO42YkNmnCkjZd2FXowg84sroAhz96H/oZaCeIVHGQsywpTrZ7LhYcWJGLJo36h n92PWXyO6D0lKBd9ZDFerTdrJ7PLSbZvYKk6JnjgFl8uqCLZ+JtQeJb4rH3oU+Ty I0Lm4SG7D57dwqOqU2dgqxkF -----END CERTIFICATE-----Generated at Wed Nov 5 17:34:34 2025 by rpki-client