$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft File: h2aIiphaWvBfbvEvvU9k8h9SYYg.mft (raw, json) Hash identifier: 768V/eKi9WadXykyR/APaLlf6JhPtGKb9LLF3kvAwbA= Subject key identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 Authority key identifier: 87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 Certificate issuer: /CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Certificate serial: 0D49 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft Manifest number: 0D49 Signing time: Wed 05 Nov 2025 11:41:08 +0000 Manifest this update: Wed 05 Nov 2025 11:41:08 +0000 Manifest next update: Wed 05 Nov 2025 17:41:08 +0000 Files and hashes: 1: h2aIiphaWvBfbvEvvU9k8h9SYYg.crl (hash: o4VRWBtG/ZzKZM6lorn7SnX09+PkbgYnTGVukinWeZ4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 17:41:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3401 (0xd49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Validity Not Before: Nov 5 11:41:08 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D8678AA95370861C4193AE13A081E75CD1C41BD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c0:ff:85:04:90:e9:70:da:7d:d0:ea:7d:8b: f6:99:03:3a:0b:5c:4f:4b:1d:e7:7c:aa:93:12:9b: 33:7a:64:7a:38:d4:29:2c:60:d6:c5:0d:77:99:c0: e4:16:48:ab:00:f5:64:65:d8:0a:ec:21:39:34:6b: b5:43:4d:93:7c:a3:75:4d:a4:6c:bb:0a:28:9f:f1: 78:f1:e1:5f:91:17:0b:da:4f:2f:1d:56:e4:24:b0: 7e:af:5e:6b:11:88:36:ec:f0:b6:9a:83:90:cb:da: 27:0b:e9:17:93:48:fe:4e:e1:ce:2a:50:b6:91:8c: 3a:00:a3:d5:53:9d:5f:52:f5:d2:4e:d2:6e:67:31: ef:4c:91:28:a1:30:5b:37:15:cd:90:4f:f1:ba:64: f0:24:57:f3:d8:5e:d7:c8:26:d4:b9:15:7d:07:1c: 45:c4:03:72:96:41:c5:f4:fe:d9:00:51:8f:1e:4f: c7:e3:d8:15:9e:1d:0f:86:07:5e:f1:e1:70:cb:65: 14:6e:8a:c9:eb:fc:b0:2b:e7:ba:ca:53:c2:c8:00: f3:bd:b9:96:55:5a:52:26:d8:aa:3d:40:75:57:15: a0:69:dc:7e:c8:81:d1:0e:e0:1c:c6:78:3a:f5:09: 9a:8f:3f:21:84:bc:b4:6b:ef:da:46:f4:ea:38:f8: 7c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 X509v3 Authority Key Identifier: keyid:87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:49:e3:a4:c1:de:12:14:a1:89:01:de:84:31:2b:be:4f:b6: 0f:5c:1c:9b:fa:4a:c6:00:64:7c:20:35:e2:12:4d:c4:ef:6a: b8:68:cf:8d:2f:b5:c4:ec:e3:1c:44:77:eb:dd:c1:fd:15:24: db:82:62:14:6b:86:d6:40:cb:50:f8:89:cf:75:19:9c:33:e7: 31:85:0c:07:79:27:ad:bd:60:87:c1:80:8b:07:34:63:de:b4: be:f6:c1:f6:f3:e4:6e:a2:c0:26:6a:42:92:19:fa:44:ff:f7: dd:58:87:13:c7:1a:d3:47:af:0a:95:96:2d:b2:cd:89:18:a2: f5:2d:60:db:95:85:c3:2d:b8:a4:8d:dd:6c:a0:ec:5c:2b:a9: 82:f3:2b:c8:d2:e1:84:c5:12:90:ba:c8:a0:06:55:3c:0b:40: b0:2e:96:c2:25:72:43:bd:19:3d:c6:b2:27:c6:68:d5:62:2d: 35:6d:94:43:f0:c7:23:09:47:2e:8d:8f:69:22:80:72:83:45: e9:94:f9:4f:41:1a:af:7c:25:0c:a3:1f:1c:93:5e:29:fd:0c: d9:02:ea:82:4a:3d:c1:90:63:91:cd:3a:e0:d0:dd:77:cd:b5: 19:02:bf:4a:4a:6e:0f:07:fd:7c:52:85:c7:5e:2c:78:a7:0d: bd:89:b0:6e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODc2 Njg4OEE5ODVBNUFGMDVGNkVGMTJGQkQ0RjY0RjIxRjUyNjE4ODAeFw0yNTExMDUx MTQxMDhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ4Njc4QUE5NTM3MDg2 MUM0MTkzQUUxM0EwODFFNzVDRDFDNDFCRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJwP+FBJDpcNp90Op9i/aZAzoLXE9LHed8qpMSmzN6ZHo41Cks YNbFDXeZwOQWSKsA9WRl2ArsITk0a7VDTZN8o3VNpGy7Ciif8Xjx4V+RFwvaTy8d VuQksH6vXmsRiDbs8Laag5DL2icL6ReTSP5O4c4qULaRjDoAo9VTnV9S9dJO0m5n Me9MkSihMFs3Fc2QT/G6ZPAkV/PYXtfIJtS5FX0HHEXEA3KWQcX0/tkAUY8eT8fj 2BWeHQ+GB17x4XDLZRRuisnr/LAr57rKU8LIAPO9uZZVWlIm2Ko9QHVXFaBp3H7I gdEO4BzGeDr1CZqPPyGEvLRr79pG9Oo4+HwVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2GeKqVNwhhxBk64ToIHnXNHEG9cwHwYDVR0jBBgwFoAUh2aIiphaWvBfbvEv vU9k8h9SYYgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgx Ny9oMmFJaXBoYVd2QmZidkV2dlU5azhoOVNZWWcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2gyYUlpcGhhV3ZCZmJ2RXZ2VTlrOGg5U1lZZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MTcvaDJhSWlwaGFXdkJm YnZFdnZVOWs4aDlTWVlnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAhJ46TB3hIUoYkB3oQxK75Ptg9cHJv6SsYAZHwgNeISTcTvarhoz40vtcTs 4xxEd+vdwf0VJNuCYhRrhtZAy1D4ic91GZwz5zGFDAd5J629YIfBgIsHNGPetL72 wfbz5G6iwCZqQpIZ+kT/991YhxPHGtNHrwqVli2yzYkYovUtYNuVhcMtuKSN3Wyg 7FwrqYLzK8jS4YTFEpC6yKAGVTwLQLAulsIlckO9GT3GsifGaNViLTVtlEPwxyMJ Ry6Nj2kigHKDRemU+U9BGq98JQyjHxyTXin9DNkC6oJKPcGQY5HNOuDQ3XfNtRkC v0pKbg8H/XxShcdeLHinDb2JsG4= -----END CERTIFICATE-----Generated at Wed Nov 5 15:34:09 2025 by rpki-client