$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft File: w9r9_4KPO0NdEnBkqVb13VOivD0.mft (raw, json) Hash identifier: 6HiYp4v605SatXjJlPzsuqKH8/pFxx+isf12BuGm5q8= Subject key identifier: 8E:E5:CB:2E:27:FF:AB:48:4C:FE:D0:A5:64:8D:26:9B:37:D2:0E:E5 Authority key identifier: C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D Certificate issuer: /CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Certificate serial: 0158 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft Manifest number: 0156 Signing time: Wed 05 Nov 2025 10:13:50 +0000 Manifest this update: Wed 05 Nov 2025 10:13:50 +0000 Manifest next update: Wed 05 Nov 2025 16:13:50 +0000 Files and hashes: 1: 8voVhgIMSHYOly56t_xyMcphEAk.roa (hash: Zve3JGBpr96I7P2FGoZun6H4kwIc0NADRMp0+IZbH2M=) 2: B4VakvjmikOE0cZukdRqw0KrCTI.roa (hash: L9vozjtlPeTyphy2by0sIiAgYomNTYPFBsvoKjJcz0g=) 3: w9r9_4KPO0NdEnBkqVb13VOivD0.crl (hash: d2ikwKb6oSS428a0cwMSGsf7yafnJ2xbjYYgQ+4CkGc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:13:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 344 (0x158) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Validity Not Before: Nov 5 10:13:50 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=8EE5CB2E27FFAB484CFED0A5648D269B37D20EE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:22:97:b6:c6:2b:4c:24:f8:65:35:f0:e4:bf: 30:4d:00:3c:3e:de:58:b5:62:13:ee:18:4a:ca:d7: b4:4c:b8:93:4d:e3:c2:84:bb:f6:fa:bf:1b:5c:d2: 97:a0:4f:1c:8b:82:69:5c:ab:02:78:63:b0:d5:2e: 1d:42:eb:cc:bd:51:23:67:43:32:7f:e4:c9:24:64: 35:24:cf:dd:ae:d2:a9:60:07:4b:01:9d:3d:d8:da: 4e:ca:ca:c3:32:96:8d:c9:6a:9d:de:f8:0d:f4:87: f4:46:94:6f:b1:d6:fc:5e:a6:f5:d8:88:b6:6a:67: 28:f0:78:83:c3:f4:f3:6b:df:c9:6e:53:c5:0b:25: cc:bd:55:d0:35:b7:b8:2a:86:4e:38:c6:04:61:ca: a8:e6:e5:e4:02:95:2d:4b:57:f9:d8:db:1f:b8:bd: 40:20:38:9d:90:fd:e8:ac:8b:c1:0d:33:2a:98:db: ae:ca:91:30:1d:55:3a:4b:4d:4d:6e:23:be:0b:9a: df:0f:8c:13:63:03:14:9b:89:06:41:5a:f9:3b:b8: a5:6d:0c:4e:3b:dd:c2:8f:c0:11:17:cb:66:fe:46: d3:0d:72:29:64:d8:ca:b9:7d:c2:cc:b2:ad:0b:1a: e8:79:f0:4e:5b:34:bf:20:63:7f:53:0e:65:86:a2: 23:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E5:CB:2E:27:FF:AB:48:4C:FE:D0:A5:64:8D:26:9B:37:D2:0E:E5 X509v3 Authority Key Identifier: keyid:C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:5f:87:23:aa:d1:e1:87:a0:66:00:2d:87:71:c7:e5:f1:9c: 3b:7c:22:f9:38:69:7d:79:d9:8a:b7:ff:0d:a1:85:0b:08:47: 28:2a:d6:4b:07:6e:06:da:33:bb:4a:83:52:06:51:df:c1:c6: 63:be:1f:70:24:75:22:25:23:6e:e1:82:f0:db:a6:1a:79:a2: 90:6f:2b:9b:e7:c7:0e:5a:f1:fb:8f:ab:c3:64:38:b8:4f:26: 3e:08:f9:02:1a:b3:35:d3:f5:79:9f:91:7a:5b:af:06:74:0e: a5:45:84:d2:83:08:9c:1e:26:3f:8a:5a:8b:9b:e7:d6:37:9c: fb:b8:4e:0b:aa:b7:a8:aa:cc:5f:af:39:9e:9d:19:d1:e5:00: 1f:4a:b5:83:40:27:2f:9b:01:0a:86:ef:0b:eb:d1:16:47:a5: 0e:65:42:5c:93:c4:0b:0d:23:f1:63:a4:c2:ad:8e:2e:95:17: ea:3a:d4:8f:17:63:73:d7:30:fc:63:26:56:49:31:3d:e3:9e: f9:c4:3e:e7:0b:16:c7:6c:8f:e0:df:e5:1d:99:c0:38:28:9c: 22:74:64:de:36:8c:e0:3d:1b:9b:a6:a4:f6:01:79:33:11:d1: 4e:35:2e:25:da:48:7e:f2:55:2b:f6:dd:4c:b8:54:c9:e7:83: ac:44:c5:10 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzNE QUZERkY4MjhGM0I0MzVEMTI3MDY0QTk1NkY1REQ1M0EyQkMzRDAeFw0yNTExMDUx MDEzNTBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDhFRTVDQjJFMjdGRkFC NDg0Q0ZFRDBBNTY0OEQyNjlCMzdEMjBFRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbIpe2xitMJPhlNfDkvzBNADw+3li1YhPuGErK17RMuJNN48KE u/b6vxtc0pegTxyLgmlcqwJ4Y7DVLh1C68y9USNnQzJ/5MkkZDUkz92u0qlgB0sB nT3Y2k7KysMylo3Jap3e+A30h/RGlG+x1vxepvXYiLZqZyjweIPD9PNr38luU8UL Jcy9VdA1t7gqhk44xgRhyqjm5eQClS1LV/nY2x+4vUAgOJ2Q/eisi8ENMyqY267K kTAdVTpLTU1uI74Lmt8PjBNjAxSbiQZBWvk7uKVtDE473cKPwBEXy2b+RtMNcilk 2Mq5fcLMsq0LGuh58E5bNL8gY39TDmWGoiPtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUjuXLLif/q0hM/tClZI0mmzfSDuUwHwYDVR0jBBgwFoAUw9r9/4KPO0NdEnBk qVb13VOivD0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy NS93OXI5XzRLUE8wTmRFbkJrcVZiMTNWT2l2RDAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3c5cjlfNEtQTzBOZEVuQmtxVmIxM1ZPaXZEMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjUvdzlyOV80S1BPME5k RW5Ca3FWYjEzVk9pdkQwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABBfhyOq0eGHoGYALYdxx+XxnDt8Ivk4aX152Yq3/w2hhQsIRygq1ksHbgba M7tKg1IGUd/BxmO+H3AkdSIlI27hgvDbphp5opBvK5vnxw5a8fuPq8NkOLhPJj4I +QIaszXT9XmfkXpbrwZ0DqVFhNKDCJweJj+KWoub59Y3nPu4Tguqt6iqzF+vOZ6d GdHlAB9KtYNAJy+bAQqG7wvr0RZHpQ5lQlyTxAsNI/FjpMKtji6VF+o61I8XY3PX MPxjJlZJMT3jnvnEPucLFsdsj+Df5R2ZwDgonCJ0ZN42jOA9G5umpPYBeTMR0U41 LiXaSH7yVSv23Uy4VMnng6xExRA= -----END CERTIFICATE-----Generated at Wed Nov 5 16:05:14 2025 by rpki-client