$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft File: KCAlirZf9h_V1m2Vlk9I76NdzIY.mft (raw, json) Hash identifier: +3u0xywkBQfW7ArJjFbMsmeJrYciLrZqjOqOE3ftfus= Subject key identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Certificate serial: 174B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft Manifest number: 1746 Signing time: Wed 05 Nov 2025 19:42:45 +0000 Manifest this update: Wed 05 Nov 2025 19:42:45 +0000 Manifest next update: Thu 06 Nov 2025 01:42:45 +0000 Files and hashes: 1: I9uSXffH-pwTghGYA_o9PiW31PU.roa (hash: nwRRWYa9JDWQiBl3beIie/BcmhzWO1BFjAfKhqo9ItM=) 2: KCAlirZf9h_V1m2Vlk9I76NdzIY.crl (hash: yzBEDUmcuQ4FRXsaU29gmVbrAj3nKlSTGIdpJjtSrFw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5963 (0x174b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Validity Not Before: Nov 5 19:42:45 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=F22C52B900B880022A9210A686FE1A8006C4DAEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:00:01:ef:f8:9d:ec:b2:12:09:20:58:1f:f3: bd:ff:df:54:3b:c9:ac:13:5f:ac:3e:9a:f0:59:2a: 74:83:21:ab:51:13:b2:13:63:81:d9:61:f8:5e:72: 60:1f:12:b1:10:b8:dc:7a:b2:56:21:d0:fb:d7:f2: aa:49:63:be:c8:7f:19:56:97:04:da:4e:53:1c:16: c3:31:42:cb:b6:b8:63:dc:61:e5:98:a1:85:70:f3: 67:09:3e:d7:5d:db:ba:22:5d:14:68:44:54:17:ce: af:66:c2:4f:e8:75:a9:e8:cc:15:f5:4e:86:ae:4d: bd:6c:c9:56:d8:e9:b3:55:b2:0b:eb:a7:5b:fb:a0: b1:ff:b0:ab:0f:f4:d2:07:47:cb:2c:90:1f:0e:ef: ef:7f:4a:20:a2:34:ae:d9:44:8f:d9:a7:52:23:ad: 22:31:a4:2d:eb:05:2e:7a:97:20:23:ab:b8:dc:74: 6e:b5:ef:14:54:01:f8:0d:d1:90:ef:1f:be:ed:99: aa:81:f8:f5:48:90:4c:c3:2c:07:cd:df:be:58:06: 0f:72:e1:81:bf:f1:58:33:a0:10:5c:bc:6c:0d:34: 36:2e:f3:d8:1a:b3:bd:d0:1b:c2:fa:72:fd:13:9f: ab:9b:01:90:e8:66:7d:12:2b:b9:80:20:93:cb:4f: 3f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB X509v3 Authority Key Identifier: keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:01:6a:be:d9:b6:69:80:2d:0b:b9:5d:6f:9c:68:54:32:53: ed:97:ce:8a:5b:3b:42:fb:4b:77:4d:55:f1:27:93:75:bd:4c: b3:dd:6f:32:75:49:c2:95:2b:0f:92:48:13:6a:c0:e9:e5:76: 10:c7:99:31:1a:3e:6b:0b:4b:1f:7c:ea:50:a7:26:da:69:54: 3c:77:76:c3:77:45:cb:9b:72:f9:d5:b9:6d:7b:0f:20:b4:b0: 60:42:85:71:77:6f:0f:e5:c6:0f:47:df:fd:2b:15:98:a8:6f: 97:fc:19:5e:fc:75:eb:5a:e7:c0:c2:8f:27:7a:e0:a6:df:b2: fd:3b:b8:99:4e:fd:8c:9b:33:21:55:0e:24:8d:80:d2:d8:21: 92:8c:54:04:db:27:1f:e4:ac:bf:d3:e0:f5:b5:86:19:b7:4e: 5d:98:78:0d:16:a3:50:66:ea:f9:16:bd:e9:3e:fd:9d:59:17: f5:02:38:bb:7d:83:44:f4:ae:74:42:12:fd:65:f0:03:4f:e3: fd:8f:6b:52:74:4c:93:36:7b:d1:f5:ac:9c:7e:67:a4:25:3a: 4e:e8:80:89:3d:9c:95:23:11:11:49:ca:1f:3b:79:fc:b7:76: ca:23:31:cd:82:89:0e:7a:77:16:87:e6:8c:4e:43:52:58:2f: c3:b5:94:94 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICF0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNTExMDUx OTQyNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEYyMkM1MkI5MDBCODgw MDIyQTkyMTBBNjg2RkUxQTgwMDZDNERBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYAAHv+J3sshIJIFgf873/31Q7yawTX6w+mvBZKnSDIatRE7IT Y4HZYfhecmAfErEQuNx6slYh0PvX8qpJY77IfxlWlwTaTlMcFsMxQsu2uGPcYeWY oYVw82cJPtdd27oiXRRoRFQXzq9mwk/odanozBX1ToauTb1syVbY6bNVsgvrp1v7 oLH/sKsP9NIHR8sskB8O7+9/SiCiNK7ZRI/Zp1IjrSIxpC3rBS56lyAjq7jcdG61 7xRUAfgN0ZDvH77tmaqB+PVIkEzDLAfN375YBg9y4YG/8VgzoBBcvGwNNDYu89ga s73QG8L6cv0Tn6ubAZDoZn0SK7mAIJPLTz83AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU8ixSuQC4gAIqkhCmhv4agAbE2uswHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvS0NBbGlyWmY5aF9W MW0yVmxrOUk3Nk5keklZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBACwBar7ZtmmALQu5XW+caFQyU+2XzopbO0L7S3dNVfEnk3W9TLPdbzJ1ScKV Kw+SSBNqwOnldhDHmTEaPmsLSx986lCnJtppVDx3dsN3RcubcvnVuW17DyC0sGBC hXF3bw/lxg9H3/0rFZiob5f8GV78deta58DCjyd64Kbfsv07uJlO/YybMyFVDiSN gNLYIZKMVATbJx/krL/T4PW1hhm3Tl2YeA0Wo1Bm6vkWvek+/Z1ZF/UCOLt9g0T0 rnRCEv1l8ANP4/2Pa1J0TJM2e9H1rJx+Z6QlOk7ogIk9nJUjERFJyh87efy3dsoj Mc2CiQ56dxaH5oxOQ1JYL8O1lJQ= -----END CERTIFICATE-----Generated at Wed Nov 5 23:09:08 2025 by rpki-client