$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft File: vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft (raw, json) Hash identifier: t96nGthZ/xMJ94v6a6y8vtRCSWtAwi4qpfJmlRtHPj0= Subject key identifier: 56:CA:4C:99:B6:C7:E8:0B:5F:09:94:1B:6E:F6:A3:5C:59:76:15:A1 Authority key identifier: BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 Certificate issuer: /CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Certificate serial: 1FDA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft Manifest number: 1FD5 Signing time: Wed 13 Aug 2025 16:02:34 +0000 Manifest this update: Wed 13 Aug 2025 16:02:34 +0000 Manifest next update: Wed 13 Aug 2025 22:02:34 +0000 Files and hashes: 1: 56m64Ou0nCfyZ4zVW6CqefNP7gY.roa (hash: 7Ep7Bwvng+B6VLF371ylPSSDWFXrMowJ7fainn1ZrrQ=) 2: vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl (hash: mSf0eVAnVO/INtKvuN2La2RMe4YmhDKKcpka0WW1/tc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 22:02:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8154 (0x1fda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Validity Not Before: Aug 13 16:02:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=56CA4C99B6C7E80B5F09941B6EF6A35C597615A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:95:98:3c:86:db:0c:4f:fa:c0:9b:3b:6f:00: 11:c2:b7:65:ce:dd:c6:4e:0d:fb:7c:f3:5a:2f:f0: 10:6b:e5:75:0e:99:a2:e9:d3:4c:eb:83:fb:a4:66: 0c:ad:ec:f6:aa:26:ab:30:fc:08:e2:52:64:ec:74: d7:61:93:6e:29:a2:f2:11:6b:42:3c:a3:99:15:72: 97:8c:33:37:9a:43:88:4b:33:b6:d5:96:8d:91:99: f3:92:5f:ae:e4:ea:42:3b:7d:19:fb:b5:f4:42:ea: 80:f4:f9:50:8d:82:d0:69:cd:e3:11:a2:63:16:df: 60:c2:43:45:45:3f:27:11:e4:74:86:09:05:7f:fd: bb:6a:9f:c7:09:67:25:1d:b5:fc:86:51:6a:c8:38: 2d:a3:ed:17:8b:d1:e3:ca:9b:65:c3:4d:15:73:e5: 68:ae:5c:45:d4:8f:33:47:f3:2f:13:99:55:cd:40: ff:0f:b6:3b:91:43:7d:a6:a1:08:2a:e6:66:b9:05: 59:78:d5:a3:47:9e:87:f7:b5:55:5c:2a:5d:2e:5f: 8e:b7:b2:c9:6b:77:ea:73:50:b5:be:56:84:77:09: 23:2c:a4:ce:cd:01:12:32:24:37:97:08:a5:7d:48: 37:77:94:28:35:f7:4d:5f:51:6e:a0:a0:51:45:56: 3e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:CA:4C:99:B6:C7:E8:0B:5F:09:94:1B:6E:F6:A3:5C:59:76:15:A1 X509v3 Authority Key Identifier: keyid:BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:e5:48:53:0e:7e:f6:a7:92:ed:91:22:3c:87:92:01:55:0b: 47:97:6e:d8:48:1a:c2:ba:c0:3d:53:83:99:00:26:43:86:cf: de:bc:60:bf:38:fe:ea:46:ba:42:f5:fa:2b:38:b9:9f:ef:ae: 21:84:38:12:ef:31:e5:ab:ca:73:dd:46:6c:00:4e:93:db:b1: 73:39:e0:a6:c8:fc:cd:6b:8d:25:b5:c9:c6:d4:52:dc:b9:dc: 7f:87:2b:65:cc:00:8d:14:85:04:23:bd:dd:a5:4d:17:b1:72: d1:4c:13:fb:1e:33:cd:36:ef:ad:34:ca:b5:06:e2:dd:9a:8d: a2:36:ed:b7:8b:dc:e2:93:0e:02:1d:44:23:54:dc:59:61:c4: 80:9b:b8:3d:17:29:85:f0:e8:f5:7c:84:d5:d5:cb:aa:5d:b8: 53:31:9a:04:24:d9:77:f6:e6:b5:22:f0:4a:5a:17:a0:d2:3d: 88:6b:b5:a9:6e:5a:fd:df:a7:75:70:f2:63:c6:2a:7e:4e:80: e7:1b:ad:bf:8b:26:7e:7c:1b:72:6c:c9:c8:4b:21:7c:fc:de: ba:cd:3d:c4:f9:21:d2:12:d4:2b:f0:fb:7f:3e:c5:77:87:a7: c2:87:7f:fa:0f:3f:bf:e2:a0:03:00:f1:78:fd:70:47:3c:0a: ff:e2:a4:1a -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICH9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkNG NDAxN0E2RTI5MTVGMjYxNDdENDE5RTVGN0E3RDE2NEQwNDk4NDAeFw0yNTA4MTMx NjAyMzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU2Q0E0Qzk5QjZDN0U4 MEI1RjA5OTQxQjZFRjZBMzVDNTk3NjE1QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTlZg8htsMT/rAmztvABHCt2XO3cZODft881ov8BBr5XUOmaLp 00zrg/ukZgyt7PaqJqsw/AjiUmTsdNdhk24povIRa0I8o5kVcpeMMzeaQ4hLM7bV lo2RmfOSX67k6kI7fRn7tfRC6oD0+VCNgtBpzeMRomMW32DCQ0VFPycR5HSGCQV/ /btqn8cJZyUdtfyGUWrIOC2j7ReL0ePKm2XDTRVz5WiuXEXUjzNH8y8TmVXNQP8P tjuRQ32moQgq5ma5BVl41aNHnof3tVVcKl0uX463sslrd+pzULW+VoR3CSMspM7N ARIyJDeXCKV9SDd3lCg1901fUW6goFFFVj63AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUVspMmbbH6AtfCZQbbvajXFl2FaEwHwYDVR0jBBgwFoAUvPQBem4pFfJhR9QZ 5fen0WTQSYQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3 Mi92UFFCZW00cEZmSmhSOVFaNWZlbjBXVFFTWVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZQUUJlbTRwRmZKaFI5UVo1ZmVuMFdUUVNZUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzIvdlBRQmVtNHBGZkpo UjlRWjVmZW4wV1RRU1lRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAK7lSFMOfvanku2RIjyHkgFVC0eXbthIGsK6wD1Tg5kAJkOGz968YL84/upG ukL1+is4uZ/vriGEOBLvMeWrynPdRmwATpPbsXM54KbI/M1rjSW1ycbUUty53H+H K2XMAI0UhQQjvd2lTRexctFME/seM8027600yrUG4t2ajaI27beL3OKTDgIdRCNU 3FlhxICbuD0XKYXw6PV8hNXVy6pduFMxmgQk2Xf25rUi8EpaF6DSPYhrtaluWv3f p3Vw8mPGKn5OgOcbrb+LJn58G3JsychLIXz83rrNPcT5IdIS1Cvw+38+xXeHp8KH f/oPP7/ioAMA8Xj9cEc8Cv/ipBo= -----END CERTIFICATE-----Generated at Wed Aug 13 20:24:01 2025 by rpki-client