$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json) Hash identifier: DNjA6hArCkVrbc/kHxqJp0+ODXcQgMdBWliX0R3JZZc= Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 09BB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft Manifest number: 09A5 Signing time: Wed 05 Nov 2025 17:41:10 +0000 Manifest this update: Wed 05 Nov 2025 17:41:10 +0000 Manifest next update: Wed 05 Nov 2025 23:41:10 +0000 Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=) 2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: wRuCFy1qNNbSEJAQwn5KGM7ccJVHp8Dffw9RrFwzdpI=) 3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=) 4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=) 5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=) 6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=) 7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:41:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2491 (0x9bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Nov 5 17:41:10 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8: 6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61: 71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be: 1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9: 3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76: a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd: fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0: d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b: 2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7: b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15: f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b: 67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52: b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68: 1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f: 92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea: d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59: f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4: 16:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:4e:9c:35:fe:da:e6:81:e2:2d:de:fc:2c:bd:dd:b9:9d:0d: 9c:5c:33:c3:d5:72:7b:50:1f:7e:ab:70:41:95:0b:9b:6f:81: 52:ff:cf:c0:c5:b2:12:89:26:a4:db:72:fe:a3:2e:e6:a2:73: 7f:b0:f9:b0:e5:e4:94:eb:ab:2f:d7:6d:c5:22:a2:53:46:f6: 93:a0:e5:49:10:23:e9:75:33:01:81:a4:ca:26:a1:10:3c:c3: 18:98:ff:8b:93:9a:56:32:0a:b3:3e:f0:0a:80:a7:0f:05:6d: 6d:ed:d3:c6:ac:6d:f1:41:2b:9e:6e:ed:11:cf:52:09:36:24: 08:f3:48:58:96:bc:a9:85:43:27:c8:bf:0b:b7:56:ad:35:2d: 85:23:89:07:81:20:d9:3e:20:f8:af:45:f4:eb:b7:3d:4c:f3: 42:b2:ba:92:8c:f7:07:73:4d:1e:5c:c2:5f:2a:16:01:d6:4f: 93:95:15:2d:92:bf:d8:31:7d:cd:b0:de:7d:39:9e:67:91:5e: ef:0a:d3:72:7c:7c:da:d6:15:0b:6d:37:55:39:55:23:ba:b4: 4d:6e:0f:67:8e:ae:1f:d7:c3:3b:f0:9b:24:ad:35:94:c1:41: ef:36:bb:87:e2:fe:49:17:dd:cc:a8:d4:a4:bf:69:22:15:8b: 7b:a1:12:96 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTExMDUx NzQxMTBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD 97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE 8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6 b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGVOnDX+2uaB4i3e/Cy93bmdDZxcM8PVcntQH36rcEGVC5tvgVL/z8DFshKJ JqTbcv6jLuaic3+w+bDl5JTrqy/XbcUiolNG9pOg5UkQI+l1MwGBpMomoRA8wxiY /4uTmlYyCrM+8AqApw8FbW3t08asbfFBK55u7RHPUgk2JAjzSFiWvKmFQyfIvwu3 Vq01LYUjiQeBINk+IPivRfTrtz1M80KyupKM9wdzTR5cwl8qFgHWT5OVFS2Sv9gx fc2w3n05nmeRXu8K03J8fNrWFQttN1U5VSO6tE1uD2eOrh/XwzvwmyStNZTBQe82 u4fi/kkX3cyo1KS/aSIVi3uhEpY= -----END CERTIFICATE-----Generated at Wed Nov 5 22:17:21 2025 by rpki-client