$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft File: vCE9aodm-DafWThfda8AgjreZgQ.mft (raw, json) Hash identifier: G5A6AljDBKMroS4J+4gf0HkCDmMH0KzJ7mZO2WARNQ4= Subject key identifier: E5:37:31:37:0F:30:FD:B2:60:24:BF:A4:9C:E6:31:57:A0:6E:E4:97 Authority key identifier: BC:21:3D:6A:87:66:F8:36:9F:59:38:5F:75:AF:00:82:3A:DE:66:04 Certificate issuer: /CN=BC213D6A8766F8369F59385F75AF00823ADE6604 Certificate serial: 1A23 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vCE9aodm-DafWThfda8AgjreZgQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft Manifest number: 1A23 Signing time: Wed 05 Nov 2025 12:41:09 +0000 Manifest this update: Wed 05 Nov 2025 12:41:09 +0000 Manifest next update: Wed 05 Nov 2025 18:41:09 +0000 Files and hashes: 1: vCE9aodm-DafWThfda8AgjreZgQ.crl (hash: 8vQC/w3i+N1kOU2pGJeczUe0v+VVM0LZNEkAk392mBw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vCE9aodm-DafWThfda8AgjreZgQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6691 (0x1a23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BC213D6A8766F8369F59385F75AF00823ADE6604 Validity Not Before: Nov 5 12:41:09 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=E53731370F30FDB26024BFA49CE63157A06EE497 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:0b:fe:3b:37:bc:61:45:56:d7:30:80:48:3b: 74:d7:66:f5:fa:3d:5b:1f:ec:fd:85:de:58:b3:5a: 8b:ba:06:8b:d7:8d:c0:39:27:70:29:a3:8f:d5:a4: a5:ae:2b:ea:27:e1:0b:11:75:8d:6e:0d:bb:38:b9: 5b:af:bf:3e:90:db:2c:9d:22:b9:c5:1a:fc:66:27: 9f:2c:6d:65:05:df:9a:98:38:88:b3:67:60:c4:0f: 0d:17:00:86:f8:fe:9d:9f:e0:c6:af:b6:b8:12:60: 4d:67:e3:a6:cf:b1:81:24:eb:4d:88:81:10:90:b2: 85:5b:6b:f3:f5:7d:da:bc:ed:bd:41:fb:88:34:7a: 4e:65:18:0d:e0:25:e2:b4:c0:77:b7:d7:4f:3a:0a: af:1c:c1:2f:be:89:7d:59:5b:b2:91:5b:dc:9a:79: 78:be:27:1c:1c:e9:ea:cc:62:e0:2d:aa:0e:ab:e8: c0:92:a2:cd:07:db:86:7e:59:51:60:05:6f:a1:59: 3e:20:05:a4:16:c4:85:11:68:a3:61:cf:e4:ba:5f: c7:e0:f6:a1:0f:5c:76:30:d7:fa:56:b7:b8:6a:ab: e7:17:11:51:75:86:27:1e:f7:a6:4a:c2:10:2d:a1: fb:4d:71:da:9f:09:8e:b1:4b:3f:9b:a8:c6:c9:44: 22:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:37:31:37:0F:30:FD:B2:60:24:BF:A4:9C:E6:31:57:A0:6E:E4:97 X509v3 Authority Key Identifier: keyid:BC:21:3D:6A:87:66:F8:36:9F:59:38:5F:75:AF:00:82:3A:DE:66:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vCE9aodm-DafWThfda8AgjreZgQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:89:8f:ff:e9:c0:87:e2:2f:1f:17:61:e3:d7:0a:a7:5d:50: c5:a3:50:49:60:dc:ff:d2:40:ca:52:0a:51:66:23:b8:b4:51: a0:0b:b3:ca:7c:0f:15:00:62:07:cd:14:6c:65:ad:45:18:1c: 2f:70:5c:96:0f:d2:e0:0d:98:02:7c:5f:9e:07:b1:ff:b5:2e: 61:63:09:20:d9:80:82:e6:a3:00:bd:9f:d8:78:77:76:08:1f: bc:f8:d5:76:4f:d3:bd:dd:e4:4c:53:c3:d2:d1:69:2d:f2:53: c1:56:d0:86:d5:9f:46:4c:e9:ab:4e:b7:60:b2:7e:e2:1b:1c: e6:51:3b:ad:52:dc:cc:55:5c:ee:7b:73:16:d1:b5:07:65:30: a3:0c:43:8a:55:ae:6d:24:ef:2d:46:1a:63:86:e9:f9:8c:06: 99:6b:a9:f0:dc:fb:05:ab:88:03:6f:07:36:61:35:a7:11:27: ab:b5:84:61:8a:e0:f5:88:d0:04:35:94:f1:a2:bc:7c:a0:e5: fe:55:6c:3e:c6:e2:61:2a:92:00:4e:29:8f:4f:66:b2:b5:06: c7:b1:fa:c4:61:1c:9a:6b:35:93:3a:df:32:83:17:ba:2f:d9: e6:31:81:c2:39:b2:ed:52:27:db:8d:b0:86:c7:91:43:2e:00: 86:fe:a9:74 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICGiMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkMy MTNENkE4NzY2RjgzNjlGNTkzODVGNzVBRjAwODIzQURFNjYwNDAeFw0yNTExMDUx MjQxMDlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEU1MzczMTM3MEYzMEZE QjI2MDI0QkZBNDlDRTYzMTU3QTA2RUU0OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnC/47N7xhRVbXMIBIO3TXZvX6PVsf7P2F3lizWou6BovXjcA5 J3Apo4/VpKWuK+on4QsRdY1uDbs4uVuvvz6Q2yydIrnFGvxmJ58sbWUF35qYOIiz Z2DEDw0XAIb4/p2f4MavtrgSYE1n46bPsYEk602IgRCQsoVba/P1fdq87b1B+4g0 ek5lGA3gJeK0wHe31086Cq8cwS++iX1ZW7KRW9yaeXi+Jxwc6erMYuAtqg6r6MCS os0H24Z+WVFgBW+hWT4gBaQWxIURaKNhz+S6X8fg9qEPXHYw1/pWt7hqq+cXEVF1 hice96ZKwhAtoftNcdqfCY6xSz+bqMbJRCJrAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU5TcxNw8w/bJgJL+knOYxV6Bu5JcwHwYDVR0jBBgwFoAUvCE9aodm+DafWThf da8AgjreZgQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 Ny92Q0U5YW9kbS1EYWZXVGhmZGE4QWdqcmVaZ1EuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZDRTlhb2RtLURhZldUaGZkYThBZ2pyZVpnUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzcvdkNFOWFvZG0tRGFm V1RoZmRhOEFnanJlWmdRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADSJj//pwIfiLx8XYePXCqddUMWjUElg3P/SQMpSClFmI7i0UaALs8p8DxUA YgfNFGxlrUUYHC9wXJYP0uANmAJ8X54Hsf+1LmFjCSDZgILmowC9n9h4d3YIH7z4 1XZP073d5ExTw9LRaS3yU8FW0IbVn0ZM6atOt2CyfuIbHOZRO61S3MxVXO57cxbR tQdlMKMMQ4pVrm0k7y1GGmOG6fmMBplrqfDc+wWriANvBzZhNacRJ6u1hGGK4PWI 0AQ1lPGivHyg5f5VbD7G4mEqkgBOKY9PZrK1Bsex+sRhHJprNZM63zKDF7ov2eYx gcI5su1SJ9uNsIbHkUMuAIb+qXQ= -----END CERTIFICATE-----Generated at Wed Nov 5 15:41:31 2025 by rpki-client