$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json) Hash identifier: 5p3YQp1dsygHCqA/Mb99w//pqeVw20sq+46yfN0F+1s= Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 081E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft Manifest number: 0808 Signing time: Wed 13 Aug 2025 16:02:06 +0000 Manifest this update: Wed 13 Aug 2025 16:02:06 +0000 Manifest next update: Wed 13 Aug 2025 22:02:06 +0000 Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=) 2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: ArLU9TO+GkR4byyGj0ceIzqEIgUhJpYXCEhtWDd6I/0=) 3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=) 4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=) 5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=) 6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=) 7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 22:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2078 (0x81e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Aug 13 16:02:06 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8: 6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61: 71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be: 1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9: 3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76: a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd: fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0: d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b: 2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7: b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15: f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b: 67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52: b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68: 1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f: 92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea: d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59: f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4: 16:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:2f:33:2e:19:36:6f:fa:ed:19:bf:ce:09:49:c6:b2:6b:fa: c4:2e:cf:af:6d:73:84:85:ed:a9:c9:18:45:ca:1a:ab:70:c1: e6:c2:79:1e:93:80:fc:83:7d:a2:8f:0a:c8:4a:36:91:66:96: 2c:80:cd:5a:9f:99:5b:da:1c:1f:c9:b3:d2:1b:1a:3b:65:5b: 82:81:40:86:71:85:70:f9:ae:2e:cc:57:54:78:ce:10:a5:a8: 63:3a:0f:39:db:9a:c0:8a:05:a5:37:4a:0c:ee:1e:94:be:cd: 5d:90:1c:cd:6e:73:5c:43:03:b1:ce:09:f5:93:58:8a:59:bf: a4:e9:43:a1:ce:fb:51:d2:14:09:66:3d:33:20:5a:5c:e5:c3: 27:c1:6c:f6:4e:bc:3c:2c:99:f9:af:2e:e0:4d:44:33:33:51: 6c:7f:0d:b5:ac:d1:cf:83:f4:be:e5:f4:c9:e2:f6:ae:48:f2: 67:48:d1:9d:57:a4:8e:e6:f5:e4:e2:9e:97:89:ea:2a:82:ef: 24:56:8d:07:33:49:ac:d7:c6:62:11:39:c0:7d:ea:32:9d:04: 45:2c:2a:ac:1f:c9:0d:d8:db:5a:67:fd:f8:16:57:5c:ec:f0: 48:2f:18:3f:c2:66:09:12:e6:9c:19:28:f8:1b:2f:1c:06:55: 0c:fc:1f:14 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTA4MTMx NjAyMDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD 97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE 8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6 b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAMAvMy4ZNm/67Rm/zglJxrJr+sQuz69tc4SF7anJGEXKGqtwwebCeR6TgPyD faKPCshKNpFmliyAzVqfmVvaHB/Js9IbGjtlW4KBQIZxhXD5ri7MV1R4zhClqGM6 DznbmsCKBaU3SgzuHpS+zV2QHM1uc1xDA7HOCfWTWIpZv6TpQ6HO+1HSFAlmPTMg WlzlwyfBbPZOvDwsmfmvLuBNRDMzUWx/DbWs0c+D9L7l9Mni9q5I8mdI0Z1XpI7m 9eTinpeJ6iqC7yRWjQczSazXxmIROcB96jKdBEUsKqwfyQ3Y21pn/fgWV1zs8Egv GD/CZgkS5pwZKPgbLxwGVQz8HxQ= -----END CERTIFICATE-----Generated at Wed Aug 13 20:24:08 2025 by rpki-client