$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft File: 5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft (raw, json) Hash identifier: 19Kz4KJiQhNttukY8OdW9CVQQS4ZCStasG0QRBFYrLs= Subject key identifier: C8:78:A0:D0:50:B9:93:35:16:51:7E:A5:08:7E:BA:12:24:41:2D:63 Authority key identifier: E5:ED:C5:64:FE:8B:02:F2:CF:87:00:93:BB:FD:DC:32:7D:6D:93:95 Certificate issuer: /CN=E5EDC564FE8B02F2CF870093BBFDDC327D6D9395 Certificate serial: 20D8 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft Manifest number: 20D8 Signing time: Wed 05 Nov 2025 10:11:35 +0000 Manifest this update: Wed 05 Nov 2025 10:11:35 +0000 Manifest next update: Wed 05 Nov 2025 16:11:35 +0000 Files and hashes: 1: 5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl (hash: nOTXgCLryKTM07xBJeDO8upchJxNyYNFXEhXrXXij58=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:11:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8408 (0x20d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5EDC564FE8B02F2CF870093BBFDDC327D6D9395 Validity Not Before: Nov 5 10:11:35 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=C878A0D050B9933516517EA5087EBA1224412D63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:23:3f:58:00:f8:4d:85:6d:6f:ef:7d:5b:80: b1:14:d9:33:7e:2a:3c:4a:40:6e:b4:29:f8:90:f2: 8b:d4:49:d1:9a:0b:ed:d7:e0:8c:bb:a3:7e:30:ec: 1e:a5:d9:89:32:0c:63:44:c5:a8:e8:d3:b2:e5:9f: 5e:f4:23:d9:7c:e7:09:8b:38:36:aa:9a:07:e0:00: 42:15:39:f5:36:a3:2e:3a:3c:aa:5c:07:6b:79:a7: b5:02:02:1e:a8:ab:1d:ea:5d:f9:db:8c:7c:0f:1b: 3f:3c:75:b1:37:2a:86:58:68:50:c2:95:1f:02:05: 79:3c:06:55:8f:42:c2:d8:f4:fc:d2:79:20:3c:c9: 1b:d5:2f:41:96:af:7e:2b:b5:e9:2a:12:35:79:e5: 44:c8:05:0f:4d:c8:65:32:fd:30:0d:49:b0:e9:84: 8d:5c:e1:22:84:7d:29:62:c0:fb:d4:88:65:d5:65: 1c:66:1c:6f:4c:07:1a:2c:0e:44:f8:63:9d:c7:08: 8b:83:d7:af:b2:c0:b3:47:79:fe:0f:f5:da:cc:8b: 7f:a5:59:6f:ef:65:2f:f5:30:63:ee:b6:73:46:5a: df:4b:07:20:4f:55:2a:c7:8d:d1:49:c0:58:42:e6: 15:86:b6:04:aa:b0:9f:54:69:3f:1b:61:86:83:18: be:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:78:A0:D0:50:B9:93:35:16:51:7E:A5:08:7E:BA:12:24:41:2D:63 X509v3 Authority Key Identifier: keyid:E5:ED:C5:64:FE:8B:02:F2:CF:87:00:93:BB:FD:DC:32:7D:6D:93:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:ca:3a:b7:f2:87:bd:db:ed:b0:3c:fe:7a:66:a4:29:fb:dc: a4:f9:b3:28:52:3a:88:c3:4f:57:ae:c2:c4:71:27:b9:0f:f4: 69:34:b1:8b:b9:22:9f:6b:b5:ed:85:8c:04:94:5b:5a:b3:ee: a2:79:56:a3:68:ac:b5:94:21:44:c0:e7:f6:f2:5a:b8:02:59: 98:04:ce:b9:d7:78:e6:93:54:5b:99:48:3e:a8:64:40:ff:b0: ff:9d:0d:0c:dd:cf:6f:2c:93:45:c4:63:7b:04:6b:95:19:83: 1a:af:7b:6d:a9:ae:2a:20:f6:9c:8d:87:14:06:f0:b6:2c:36: 6a:07:a3:13:63:94:60:0a:9c:0c:b8:d0:ae:8a:49:bf:a2:b1: e7:c0:0a:cc:20:4f:e2:3d:0e:33:3f:60:23:7f:c2:c4:3f:e5: de:de:bf:76:4e:83:c2:6e:94:f9:83:44:7e:98:77:cd:87:8f: 20:3f:21:f2:42:21:97:38:ee:09:f3:b7:47:8f:3b:e2:54:90: 4b:1c:84:d1:c2:fd:74:0d:b7:95:27:bb:c3:08:e9:3e:a8:52: d6:fa:1b:5e:17:05:d7:e6:8b:a8:d4:db:c0:eb:b4:bc:65:d6: 47:fe:63:c0:65:c8:d3:8d:cf:27:9c:9f:78:2c:c5:f0:2b:d3: 96:03:6e:e3 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICINgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVF REM1NjRGRThCMDJGMkNGODcwMDkzQkJGRERDMzI3RDZEOTM5NTAeFw0yNTExMDUx MDExMzVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEM4NzhBMEQwNTBCOTkz MzUxNjUxN0VBNTA4N0VCQTEyMjQ0MTJENjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNIz9YAPhNhW1v731bgLEU2TN+KjxKQG60KfiQ8ovUSdGaC+3X 4Iy7o34w7B6l2YkyDGNExajo07Lln170I9l85wmLODaqmgfgAEIVOfU2oy46PKpc B2t5p7UCAh6oqx3qXfnbjHwPGz88dbE3KoZYaFDClR8CBXk8BlWPQsLY9PzSeSA8 yRvVL0GWr34rtekqEjV55UTIBQ9NyGUy/TANSbDphI1c4SKEfSliwPvUiGXVZRxm HG9MBxosDkT4Y53HCIuD16+ywLNHef4P9drMi3+lWW/vZS/1MGPutnNGWt9LByBP VSrHjdFJwFhC5hWGtgSqsJ9UaT8bYYaDGL53AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUyHig0FC5kzUWUX6lCH66EiRBLWMwHwYDVR0jBBgwFoAU5e3FZP6LAvLPhwCT u/3cMn1tk5UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 OC81ZTNGWlA2TEF2TFBod0NUdV8zY01uMXRrNVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVlM0ZaUDZMQXZMUGh3Q1R1XzNjTW4xdGs1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDgvNWUzRlpQNkxBdkxQ aHdDVHVfM2NNbjF0azVVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEnKOrfyh73b7bA8/npmpCn73KT5syhSOojDT1euwsRxJ7kP9Gk0sYu5Ip9r te2FjASUW1qz7qJ5VqNorLWUIUTA5/byWrgCWZgEzrnXeOaTVFuZSD6oZED/sP+d DQzdz28sk0XEY3sEa5UZgxqve22priog9pyNhxQG8LYsNmoHoxNjlGAKnAy40K6K Sb+isefACswgT+I9DjM/YCN/wsQ/5d7ev3ZOg8JulPmDRH6Yd82HjyA/IfJCIZc4 7gnzt0ePO+JUkEschNHC/XQNt5Unu8MI6T6oUtb6G14XBdfmi6jU28DrtLxl1kf+ Y8BlyNONzyecn3gsxfAr05YDbuM= -----END CERTIFICATE-----Generated at Wed Nov 5 15:34:47 2025 by rpki-client