$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft File: w9r9_4KPO0NdEnBkqVb13VOivD0.mft (raw, json) Hash identifier: AhKxlrUqXyBqej2xkHDfopYg0o3chn39mIMokzvmVQE= Subject key identifier: 8E:E5:CB:2E:27:FF:AB:48:4C:FE:D0:A5:64:8D:26:9B:37:D2:0E:E5 Authority key identifier: C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D Certificate issuer: /CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Certificate serial: 039B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft Manifest number: 0399 Signing time: Mon 02 Mar 2026 08:28:12 +0000 Manifest this update: Mon 02 Mar 2026 08:28:12 +0000 Manifest next update: Mon 02 Mar 2026 14:28:12 +0000 Files and hashes: 1: 8voVhgIMSHYOly56t_xyMcphEAk.roa (hash: Zve3JGBpr96I7P2FGoZun6H4kwIc0NADRMp0+IZbH2M=) 2: B4VakvjmikOE0cZukdRqw0KrCTI.roa (hash: L9vozjtlPeTyphy2by0sIiAgYomNTYPFBsvoKjJcz0g=) 3: w9r9_4KPO0NdEnBkqVb13VOivD0.crl (hash: 1EklGVHGnIn/ZSagTw+iXKRmNWbZ/rfh3D1tpDIMKP4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 14:28:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 923 (0x39b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Validity Not Before: Mar 2 08:28:12 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=8EE5CB2E27FFAB484CFED0A5648D269B37D20EE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:22:97:b6:c6:2b:4c:24:f8:65:35:f0:e4:bf: 30:4d:00:3c:3e:de:58:b5:62:13:ee:18:4a:ca:d7: b4:4c:b8:93:4d:e3:c2:84:bb:f6:fa:bf:1b:5c:d2: 97:a0:4f:1c:8b:82:69:5c:ab:02:78:63:b0:d5:2e: 1d:42:eb:cc:bd:51:23:67:43:32:7f:e4:c9:24:64: 35:24:cf:dd:ae:d2:a9:60:07:4b:01:9d:3d:d8:da: 4e:ca:ca:c3:32:96:8d:c9:6a:9d:de:f8:0d:f4:87: f4:46:94:6f:b1:d6:fc:5e:a6:f5:d8:88:b6:6a:67: 28:f0:78:83:c3:f4:f3:6b:df:c9:6e:53:c5:0b:25: cc:bd:55:d0:35:b7:b8:2a:86:4e:38:c6:04:61:ca: a8:e6:e5:e4:02:95:2d:4b:57:f9:d8:db:1f:b8:bd: 40:20:38:9d:90:fd:e8:ac:8b:c1:0d:33:2a:98:db: ae:ca:91:30:1d:55:3a:4b:4d:4d:6e:23:be:0b:9a: df:0f:8c:13:63:03:14:9b:89:06:41:5a:f9:3b:b8: a5:6d:0c:4e:3b:dd:c2:8f:c0:11:17:cb:66:fe:46: d3:0d:72:29:64:d8:ca:b9:7d:c2:cc:b2:ad:0b:1a: e8:79:f0:4e:5b:34:bf:20:63:7f:53:0e:65:86:a2: 23:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E5:CB:2E:27:FF:AB:48:4C:FE:D0:A5:64:8D:26:9B:37:D2:0E:E5 X509v3 Authority Key Identifier: keyid:C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:ea:6f:0a:46:21:e5:b6:30:53:4d:15:34:3b:74:a4:19:bf: 62:69:30:57:6a:db:d0:5c:c6:9f:95:d2:33:bc:59:c0:a3:1b: 6d:5b:4a:00:63:9f:e2:7f:dd:77:58:65:5e:71:34:43:52:08: 47:0b:79:0f:fd:79:1c:c6:21:3a:d8:24:6c:99:e9:4d:eb:64: 04:4c:16:32:ef:3a:3c:a9:5c:b9:3b:77:26:26:70:7e:c5:46: 67:6a:c1:7d:39:71:01:89:2f:4c:be:90:42:16:7e:47:55:35: ae:33:b8:b5:59:1d:74:58:a8:97:90:56:e4:36:3c:ae:3f:93: ec:c9:87:3d:08:1e:50:c1:7b:45:aa:19:bc:b1:07:2c:bb:d5: 4e:e5:7e:fc:d4:c9:d4:29:6a:49:e3:4d:2c:0f:aa:90:ff:19: 74:ff:bc:7c:8f:36:bf:02:34:e4:52:97:d6:13:21:b9:a7:68: 4a:de:03:9f:4c:98:59:40:90:9f:86:96:31:94:9c:27:5a:7f: 85:35:ed:e1:f4:67:74:10:7c:53:25:67:b2:8f:07:09:70:06: 93:d7:b2:4d:5d:a2:1a:82:1f:f3:63:b5:85:84:e7:15:69:e2: 12:f0:1a:a5:d8:85:d8:d4:7c:7a:ce:21:43:03:d1:39:60:49: 81:8c:fd:e4 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICA5swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzNE QUZERkY4MjhGM0I0MzVEMTI3MDY0QTk1NkY1REQ1M0EyQkMzRDAeFw0yNjAzMDIw ODI4MTJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDhFRTVDQjJFMjdGRkFC NDg0Q0ZFRDBBNTY0OEQyNjlCMzdEMjBFRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbIpe2xitMJPhlNfDkvzBNADw+3li1YhPuGErK17RMuJNN48KE u/b6vxtc0pegTxyLgmlcqwJ4Y7DVLh1C68y9USNnQzJ/5MkkZDUkz92u0qlgB0sB nT3Y2k7KysMylo3Jap3e+A30h/RGlG+x1vxepvXYiLZqZyjweIPD9PNr38luU8UL Jcy9VdA1t7gqhk44xgRhyqjm5eQClS1LV/nY2x+4vUAgOJ2Q/eisi8ENMyqY267K kTAdVTpLTU1uI74Lmt8PjBNjAxSbiQZBWvk7uKVtDE473cKPwBEXy2b+RtMNcilk 2Mq5fcLMsq0LGuh58E5bNL8gY39TDmWGoiPtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUjuXLLif/q0hM/tClZI0mmzfSDuUwHwYDVR0jBBgwFoAUw9r9/4KPO0NdEnBk qVb13VOivD0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy NS93OXI5XzRLUE8wTmRFbkJrcVZiMTNWT2l2RDAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3c5cjlfNEtQTzBOZEVuQmtxVmIxM1ZPaXZEMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjUvdzlyOV80S1BPME5k RW5Ca3FWYjEzVk9pdkQwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADDqbwpGIeW2MFNNFTQ7dKQZv2JpMFdq29Bcxp+V0jO8WcCjG21bSgBjn+J/ 3XdYZV5xNENSCEcLeQ/9eRzGITrYJGyZ6U3rZARMFjLvOjypXLk7dyYmcH7FRmdq wX05cQGJL0y+kEIWfkdVNa4zuLVZHXRYqJeQVuQ2PK4/k+zJhz0IHlDBe0WqGbyx Byy71U7lfvzUydQpaknjTSwPqpD/GXT/vHyPNr8CNORSl9YTIbmnaEreA59MmFlA kJ+GljGUnCdaf4U17eH0Z3QQfFMlZ7KPBwlwBpPXsk1dohqCH/NjtYWE5xVp4hLw GqXYhdjUfHrOIUMD0TlgSYGM/eQ= -----END CERTIFICATE-----Generated at Mon Mar 2 12:39:38 2026 by rpki-client