$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft File: Ab4zXmpO-5VNuniThGkpo6X2hno.mft (raw, json) Hash identifier: McsDosdXYmPxMlcQFSocnUv2P/y9ZmzUMZ7eDoZyt7s= Subject key identifier: FA:83:3F:CB:2C:B6:E9:1B:02:46:73:91:50:C5:68:9D:89:84:67:09 Authority key identifier: 01:BE:33:5E:6A:4E:FB:95:4D:BA:78:93:84:69:29:A3:A5:F6:86:7A Certificate issuer: /CN=01BE335E6A4EFB954DBA7893846929A3A5F6867A Certificate serial: 5A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft Manifest number: 52 Signing time: Wed 05 Nov 2025 10:12:29 +0000 Manifest this update: Wed 05 Nov 2025 10:12:29 +0000 Manifest next update: Wed 05 Nov 2025 16:12:29 +0000 Files and hashes: 1: 5LOLlAIfQshnZv-A-yit2bYPTFo.roa (hash: hxfdu9xHt7cnTvpqU3L+8tXpGulefAZyhVcuuyqv+JE=) 2: AZp661QogaamAn6kJhyEDq3lnpI.roa (hash: uVgRCC3TYs9CHxk1EXfcS4ShgRRYkecdU6L+XifaETw=) 3: Ab4zXmpO-5VNuniThGkpo6X2hno.crl (hash: 2boagjy8vGWkWV/D2D8Fz6quTiuFHgiCKfxYZrhDqaw=) 4: TkMmlTcEcQLD7pSSb1TqYpSMWS0.roa (hash: EXUzTGbeJC8KE4XzujOoFpoduu3zvEsV8X0422gj9gE=) 5: sbu17e0QoVUI9W7RNg3UI95CtpM.roa (hash: s9gRekXs+s24fDqiGJ+uhEWtDdujVoxBCQiLjYe1MCQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 14:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01BE335E6A4EFB954DBA7893846929A3A5F6867A Validity Not Before: Nov 5 10:12:29 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=FA833FCB2CB6E91B0246739150C5689D89846709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a4:35:f9:4b:da:d1:4a:84:f2:7d:6d:83:80: fc:b2:9e:1a:43:bc:c5:b6:16:62:69:16:d8:f8:32: f4:fb:8a:2a:f4:f3:90:c5:2b:6e:d0:d4:52:93:2d: aa:be:11:a6:c2:a3:ef:ef:f6:e2:00:c3:89:11:50: 2e:9b:10:9b:59:45:1a:fa:cb:44:ed:7a:f5:a7:26: 46:4e:95:50:df:fb:2f:e6:a2:0b:02:d5:12:4a:aa: 16:ad:86:5f:05:1e:4d:33:a1:cf:60:ea:6c:b8:e2: c7:00:ae:12:31:09:6e:a0:4f:33:77:e6:63:1f:23: 93:46:00:db:c0:f0:ce:0b:e1:c4:16:a0:55:2b:aa: 2d:51:68:47:0b:65:27:96:45:1e:36:cd:d6:d0:1b: ca:1f:7b:b4:6f:6a:ec:aa:e3:2d:5b:b0:d5:3e:90: 56:fb:23:b4:96:ec:bb:ea:09:f1:a9:3f:da:88:02: b6:9f:d3:9b:b6:28:cc:65:54:e8:a0:52:9a:49:f8: bd:81:bb:75:35:ec:48:17:bd:95:48:65:0d:31:de: 15:1e:de:18:49:f5:95:22:01:ed:a2:92:5f:76:86: 92:64:af:36:d9:10:af:6c:2c:6d:a4:3b:96:5f:e8: 99:fb:e8:4d:6f:86:81:83:62:c5:de:d1:b9:10:73: df:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:83:3F:CB:2C:B6:E9:1B:02:46:73:91:50:C5:68:9D:89:84:67:09 X509v3 Authority Key Identifier: keyid:01:BE:33:5E:6A:4E:FB:95:4D:BA:78:93:84:69:29:A3:A5:F6:86:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Ab4zXmpO-5VNuniThGkpo6X2hno.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3194/Ab4zXmpO-5VNuniThGkpo6X2hno.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:11:56:98:4c:07:c1:ad:84:51:c6:8f:3f:12:6e:69:67:0d: 35:27:44:c2:79:14:e9:d6:7e:8a:e1:19:3a:96:d8:83:76:9d: ac:4c:0d:69:96:12:48:2f:ec:07:26:4c:ba:55:cb:77:c4:d5: 3c:9a:bb:63:3b:28:4d:e4:e6:75:65:26:71:2e:ba:4b:a7:31: 4d:a9:bb:b4:3b:da:0e:8b:f6:cb:d1:39:b0:9c:82:94:bb:89: 47:5a:69:3f:c5:2a:f6:c3:d1:43:37:f1:67:eb:aa:c6:06:12: c4:b3:c6:e6:23:bb:d6:4b:1a:da:67:7e:45:fb:a1:35:1a:67: 81:58:14:18:78:3e:c3:3e:79:9d:f8:69:1c:52:7f:e0:d9:d1: 0a:3b:cb:f8:75:7a:df:a5:16:a3:9e:f0:a5:a1:c0:df:c6:f9: d1:16:23:6b:78:02:b4:45:5e:c7:62:69:96:79:9f:8a:f2:ad: 22:7c:09:2f:a3:86:81:58:ca:84:3a:4d:a3:d4:0c:84:a8:d7: b2:7f:d2:21:54:12:cc:be:f7:f2:da:3f:6f:41:c1:d6:f3:39: 70:4f:06:e8:d3:f7:c8:f4:6a:92:65:1d:57:d3:c2:a1:c0:45: ba:e1:b5:42:1a:a0:60:6c:2a:7e:72:5c:7f:83:f5:26:3b:7d: bc:6c:ce:92 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIBWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwMUJF MzM1RTZBNEVGQjk1NERCQTc4OTM4NDY5MjlBM0E1RjY4NjdBMB4XDTI1MTEwNTEw MTIyOVoXDTI2MTAyMzAzMDEwM1owMzExMC8GA1UEAxMoRkE4MzNGQ0IyQ0I2RTkx QjAyNDY3MzkxNTBDNTY4OUQ4OTg0NjcwOTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANukNflL2tFKhPJ9bYOA/LKeGkO8xbYWYmkW2Pgy9PuKKvTzkMUr btDUUpMtqr4RpsKj7+/24gDDiRFQLpsQm1lFGvrLRO169acmRk6VUN/7L+aiCwLV EkqqFq2GXwUeTTOhz2DqbLjixwCuEjEJbqBPM3fmYx8jk0YA28DwzgvhxBagVSuq LVFoRwtlJ5ZFHjbN1tAbyh97tG9q7KrjLVuw1T6QVvsjtJbsu+oJ8ak/2ogCtp/T m7YozGVU6KBSmkn4vYG7dTXsSBe9lUhlDTHeFR7eGEn1lSIB7aKSX3aGkmSvNtkQ r2wsbaQ7ll/omfvoTW+GgYNixd7RuRBz3xUCAwEAAaOCAgwwggIIMB0GA1UdDgQW BBT6gz/LLLbpGwJGc5FQxWidiYRnCTAfBgNVHSMEGDAWgBQBvjNeak77lU26eJOE aSmjpfaGejAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTk0 L0FiNHpYbXBPLTVWTnVuaVRoR2twbzZYMmhuby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvQWI0elhtcE8tNVZOdW5pVGhHa3BvNlgyaG5vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE5NC9BYjR6WG1wTy01Vk51 bmlUaEdrcG82WDJobm8ubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAmRFWmEwHwa2EUcaPPxJuaWcNNSdEwnkU6dZ+iuEZOpbYg3adrEwNaZYSSC/s ByZMulXLd8TVPJq7YzsoTeTmdWUmcS66S6cxTam7tDvaDov2y9E5sJyClLuJR1pp P8Uq9sPRQzfxZ+uqxgYSxLPG5iO71ksa2md+RfuhNRpngVgUGHg+wz55nfhpHFJ/ 4NnRCjvL+HV636UWo57wpaHA38b50RYja3gCtEVex2JplnmfivKtInwJL6OGgVjK hDpNo9QMhKjXsn/SIVQSzL738to/b0HB1vM5cE8G6NP3yPRqkmUdV9PCocBFuuG1 QhqgYGwqfnJcf4P1Jjt9vGzOkg== -----END CERTIFICATE-----Generated at Wed Nov 5 12:54:27 2025 by rpki-client