$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft File: NxT4EtSpDicn7ABvXkzukIk0r3g.mft (raw, json) Hash identifier: c1iuhWBHsDm/8+qDQ9N0b2mVOSmHBRFE4No9+ZAH/+I= Subject key identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA Authority key identifier: 37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 Certificate issuer: /CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Certificate serial: 2033 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft Manifest number: 2033 Signing time: Wed 05 Nov 2025 14:11:21 +0000 Manifest this update: Wed 05 Nov 2025 14:11:21 +0000 Manifest next update: Wed 05 Nov 2025 20:11:21 +0000 Files and hashes: 1: NxT4EtSpDicn7ABvXkzukIk0r3g.crl (hash: TARgcCUQ1+FduGPhZAeEd1YmLkUw/6vc+ALEkDcm1zo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8243 (0x2033) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Validity Not Before: Nov 5 14:11:21 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=D4727BD1540DF9B6C4FCC174C40A002280302BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:3b:6c:95:b3:19:b9:3c:7f:39:15:f1:fd: b5:9a:0d:ba:0a:83:cf:0b:a9:32:4a:ca:fd:8f:1b: 6f:47:00:29:45:8d:60:ee:28:18:fd:d7:fb:7f:64: ef:7e:1a:0a:cf:8c:34:ba:5b:61:b5:06:1f:0b:0d: e3:bc:71:9b:9c:a1:a8:2c:7b:f9:40:62:42:f9:7a: bb:ef:ee:7b:87:00:71:3b:9d:88:82:03:e1:31:35: 45:68:19:50:53:82:cf:b2:98:1d:7d:9b:ea:4e:fd: e0:a5:fc:fc:e8:78:8f:1e:bc:32:20:2e:38:36:d5: 9b:80:27:94:10:10:57:d4:8f:1e:eb:a2:1e:a4:4e: 25:cf:74:bb:2f:a0:63:d9:e0:46:f0:ea:a8:3f:0f: a6:15:6a:18:76:b1:18:10:34:b2:12:65:9a:8e:24: 55:5c:e4:42:15:ac:20:09:ac:fd:4c:d9:e4:ae:f9: cf:6d:24:a6:9e:58:90:f9:7c:bf:53:a1:79:36:b5: b6:5f:4d:61:ac:0b:4e:c0:02:8d:ed:02:71:78:51: 30:c9:c9:fe:b6:8c:43:03:1e:8c:21:e5:3a:c1:50: 8e:02:c4:07:e4:5a:c2:d7:3e:c3:0d:16:fd:ef:36: d7:b2:a6:7c:43:3b:d4:c0:9e:5d:4e:17:63:ec:3a: b3:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA X509v3 Authority Key Identifier: keyid:37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:7b:84:6d:31:81:34:8a:6c:ba:3e:8e:67:f7:18:33:32:e4: d0:1f:cb:ec:2d:fb:9b:08:23:a7:ce:d1:36:c3:22:4d:03:52: 51:ea:d4:80:30:fb:a0:d1:14:f9:26:e1:26:52:9b:63:6e:b2: e7:a3:40:67:db:ca:29:ee:fa:9b:39:67:57:e6:18:69:7b:d6: 02:08:75:aa:55:d0:78:e7:03:b4:6e:69:f7:9b:95:bd:a3:8b: fe:e0:62:ab:84:11:0a:ae:e8:0d:70:71:e5:45:59:19:23:46: 48:9c:7c:f9:e6:ce:30:bf:e8:81:92:7a:de:26:51:2c:bf:5c: 67:44:09:3a:48:58:ed:cd:29:94:31:c6:d8:ed:a7:9a:4f:c8: 14:e1:5e:58:6b:24:04:1c:2a:49:12:dc:73:73:cc:b3:1b:82: 35:c1:f0:f8:d7:71:2d:36:9a:03:51:e2:62:7b:79:e4:8c:97: 9b:53:c6:bd:6c:ec:f3:94:d0:60:da:9c:38:ed:d8:c5:c2:c8: 64:84:80:c7:5d:b0:bb:52:7a:25:75:ea:5d:73:01:42:55:61: f3:74:24:16:dd:76:99:0e:fa:46:8d:10:20:2a:69:16:6d:99: 8e:a2:2c:d2:d3:7e:df:5d:56:2e:02:5f:1f:ff:3a:24:df:e3: 88:b5:f5:3b -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcx NEY4MTJENEE5MEUyNzI3RUMwMDZGNUU0Q0VFOTA4OTM0QUY3ODAeFw0yNTExMDUx NDExMjFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ0NzI3QkQxNTQwREY5 QjZDNEZDQzE3NEM0MEEwMDIyODAzMDJCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4kDtslbMZuTx/ORXx/bWaDboKg88LqTJKyv2PG29HAClFjWDu KBj91/t/ZO9+GgrPjDS6W2G1Bh8LDeO8cZucoagse/lAYkL5ervv7nuHAHE7nYiC A+ExNUVoGVBTgs+ymB19m+pO/eCl/PzoeI8evDIgLjg21ZuAJ5QQEFfUjx7roh6k TiXPdLsvoGPZ4Ebw6qg/D6YVahh2sRgQNLISZZqOJFVc5EIVrCAJrP1M2eSu+c9t JKaeWJD5fL9ToXk2tbZfTWGsC07AAo3tAnF4UTDJyf62jEMDHowh5TrBUI4CxAfk WsLXPsMNFv3vNteypnxDO9TAnl1OF2PsOrNNAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU1HJ70VQN+bbE/MF0xAoAIoAwK9owHwYDVR0jBBgwFoAUNxT4EtSpDicn7ABv XkzukIk0r3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz MC9OeFQ0RXRTcERpY243QUJ2WGt6dWtJazByM2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL054VDRFdFNwRGljbjdBQnZYa3p1a0lrMHIzZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMzAvTnhUNEV0U3BEaWNu N0FCdlhrenVrSWswcjNnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAC57hG0xgTSKbLo+jmf3GDMy5NAfy+wt+5sII6fO0TbDIk0DUlHq1IAw+6DR FPkm4SZSm2NusuejQGfbyinu+ps5Z1fmGGl71gIIdapV0HjnA7Ruafeblb2ji/7g YquEEQqu6A1wceVFWRkjRkicfPnmzjC/6IGSet4mUSy/XGdECTpIWO3NKZQxxtjt p5pPyBThXlhrJAQcKkkS3HNzzLMbgjXB8PjXcS02mgNR4mJ7eeSMl5tTxr1s7POU 0GDanDjt2MXCyGSEgMddsLtSeiV16l1zAUJVYfN0JBbddpkO+kaNECAqaRZtmY6i LNLTft9dVi4CXx//OiTf44i19Ts= -----END CERTIFICATE-----Generated at Wed Nov 5 17:34:36 2025 by rpki-client