
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
File: fPRMBtXqffDL1PaFCPFOhNoIt1I.mft (raw, json)
Hash identifier: pWZ1i9IUX6GHcEKj3DkxiovzfwInR4K7axTayZvWHQs=
Subject key identifier: 7C:23:A7:76:81:71:4E:FB:35:C9:01:DA:63:0F:2C:52:5E:FE:19:BF
Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Certificate serial: 1BD4
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
Manifest number: 1BC7
Signing time: Sun 01 Mar 2026 21:28:31 +0000
Manifest this update: Sun 01 Mar 2026 21:28:31 +0000
Manifest next update: Mon 02 Mar 2026 03:28:31 +0000
Files and hashes: 1: HIkT_nEnsLxGeI-3zJUHhtNyWj8.roa (hash: IhDC9QUQgRmJWF3Vdetq/G4pSKe6C+p+OntJsqXr45o=)
2: JysggbimOtIIYLd8H4W2mvAaKtk.roa (hash: 3dVEhqycSb5TWHE0dMoeeLFGJNYtZHoiwDeanRn76Yc=)
3: OYh5JEj0uWuUFwdKjB10pF76_pI.roa (hash: An6u7oH3sagNhBru0T5ojCoKJVfFfrmJ66mlx7PcbhI=)
4: USiwWmP7_uZv84RfFsFEk-_9H8Q.roa (hash: b7crNyxxWRj94oFuRTJxzkl+UkzfJZ2V5euQ8agMh3o=)
5: cIWlcgIlWrr7dPhvnLjAEmryGDc.roa (hash: qYlW/Je7TxRMGGbrH6KCQs+TJv0I6bBgau3xwOaOT6g=)
6: fPRMBtXqffDL1PaFCPFOhNoIt1I.crl (hash: EZ0G4TSekMTh3udcC8M0YPNpziF8LsMZY6IQI1K45JE=)
7: gALoy-WEClG9nOagRiQccU0WnpE.roa (hash: Gmv5mtUHklFp3j+m8mMU5eiB9lpckT1KXPsOboMEr50=)
8: nlfKk31w0-JMOBpbuydpYlmgaK4.roa (hash: Pd6xFisxhVIf9N5p5BSqwtwrTZp9+Wnd5CgCa9g0/nM=)
9: r78L_jfDaGDjaH3rsP83eK4kcG4.roa (hash: u1or2If1pLNDG9eB56Xw8Z+2kHObmlhnvE4GqSl5VaQ=)
10: xB_JUhaUTOLRuggWEFRDEbGKbdA.roa (hash: MUeQ6SBwA1FY7z2svn5ifPBc7LhDADwZ7QfDARqfH+4=)
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Mar 2026 03:28:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7124 (0x1bd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Validity
Not Before: Mar 1 21:28:31 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=7C23A77681714EFB35C901DA630F2C525EFE19BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:2a:bb:7b:59:64:df:24:f6:6c:eb:bb:11:8a:
b8:10:c4:dc:0b:39:e9:39:6c:d6:f4:fe:8e:d2:6e:
e7:2d:e0:8d:d1:3e:30:0e:e9:e9:40:0f:13:58:9a:
69:08:05:09:2f:da:e8:f6:ad:0c:58:f4:89:f1:ca:
1d:29:f9:c3:d9:7f:c6:67:52:8e:67:28:ac:e3:d8:
38:37:9d:d0:40:be:39:4c:d1:d0:16:c4:e8:ef:c9:
be:0c:de:94:15:2f:53:6a:a7:3a:00:77:42:a3:19:
af:82:30:ff:13:d5:ad:8d:1e:56:28:9f:59:a7:74:
5d:f8:3c:7e:c9:cf:96:8d:f7:12:24:92:e7:5d:da:
7a:86:6c:c4:44:4e:34:4c:12:22:b8:ae:6b:4f:21:
78:f5:ca:31:5f:72:7c:2d:16:ae:01:e0:b5:f1:52:
ae:78:6d:ac:46:c0:99:f9:ea:79:13:92:fa:7f:3e:
3b:d6:b1:98:50:b4:d0:4d:24:f2:1d:87:61:f9:75:
25:cc:b7:5f:cc:c7:a8:38:03:d3:32:d6:7a:73:37:
e7:d2:db:ab:8a:b2:86:aa:9f:8d:c0:b6:f4:6e:cf:
8d:8f:3c:69:99:b6:07:1d:af:c5:23:e0:a2:01:63:
df:7a:72:b4:89:b0:38:aa:e4:f5:97:12:29:1d:f1:
07:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:23:A7:76:81:71:4E:FB:35:C9:01:DA:63:0F:2C:52:5E:FE:19:BF
X509v3 Authority Key Identifier:
keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3a:27:10:8f:72:82:af:84:93:72:0d:35:cf:ba:f6:81:66:ae:
66:8e:ee:ce:1a:ae:46:c9:5f:16:33:3c:19:c2:de:f1:08:26:
b8:12:6b:4e:3c:b0:45:f4:4f:f2:b3:d8:2c:7b:3c:03:e2:02:
84:d7:24:8f:f6:b8:a1:93:e6:bb:51:8c:65:25:05:6b:18:67:
80:d5:89:79:13:7c:6c:63:02:cf:90:e7:32:63:93:e2:f4:4a:
b9:82:7f:8f:c6:f0:7b:0e:2f:a0:f6:c3:b6:29:81:6b:c9:bd:
cd:9e:21:c7:c3:9f:21:d7:f7:12:72:af:9e:ff:3c:df:ab:52:
b0:25:33:83:c7:80:f6:ad:23:08:a1:7e:c3:60:c2:94:7d:db:
c3:a1:94:0e:d5:4c:4d:78:3a:e5:12:db:4c:4a:71:36:a5:e4:
11:c7:86:22:aa:c9:fa:14:74:1f:73:10:80:1f:3f:a1:85:6b:
00:9d:a2:a5:84:18:d4:c9:fa:da:7b:2e:57:f6:f7:be:8c:aa:
e0:07:ea:f4:f3:26:19:0a:89:2a:53:27:81:e5:1e:7f:c9:0d:
e4:c1:33:e9:17:90:b3:5e:03:e4:b6:19:c8:1e:d3:20:82:35:
68:e9:ae:20:06:73:7d:38:34:fc:e2:37:d8:66:62:71:52:09:
72:a3:e4:ee
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICG9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG
NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNjAzMDEy
MTI4MzFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDdDMjNBNzc2ODE3MTRF
RkIzNUM5MDFEQTYzMEYyQzUyNUVGRTE5QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuKrt7WWTfJPZs67sRirgQxNwLOek5bNb0/o7Sbuct4I3RPjAO
6elADxNYmmkIBQkv2uj2rQxY9Inxyh0p+cPZf8ZnUo5nKKzj2Dg3ndBAvjlM0dAW
xOjvyb4M3pQVL1NqpzoAd0KjGa+CMP8T1a2NHlYon1mndF34PH7Jz5aN9xIkkudd
2nqGbMRETjRMEiK4rmtPIXj1yjFfcnwtFq4B4LXxUq54baxGwJn56nkTkvp/PjvW
sZhQtNBNJPIdh2H5dSXMt1/Mx6g4A9My1npzN+fS26uKsoaqn43AtvRuz42PPGmZ
tgcdr8Uj4KIBY996crSJsDiq5PWXEikd8QdHAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUfCOndoFxTvs1yQHaYw8sUl7+Gb8wHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF
CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3
OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvZlBSTUJ0WHFmZkRM
MVBhRkNQRk9oTm9JdDFJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBADonEI9ygq+Ek3INNc+69oFmrmaO7s4arkbJXxYzPBnC3vEIJrgSa048sEX0
T/Kz2Cx7PAPiAoTXJI/2uKGT5rtRjGUlBWsYZ4DViXkTfGxjAs+Q5zJjk+L0SrmC
f4/G8HsOL6D2w7YpgWvJvc2eIcfDnyHX9xJyr57/PN+rUrAlM4PHgPatIwihfsNg
wpR928OhlA7VTE14OuUS20xKcTal5BHHhiKqyfoUdB9zEIAfP6GFawCdoqWEGNTJ
+tp7Llf2976MquAH6vTzJhkKiSpTJ4HlHn/JDeTBM+kXkLNeA+S2Gcge0yCCNWjp
riAGc304NPziN9hmYnFSCXKj5O4=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:23:30 2026 by rpki-client