$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft File: hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft (raw, json) Hash identifier: fTcwuf4S13/todAZ4clwCAM3P7Mo2WkI3DE3G/izTko= Subject key identifier: 4D:28:36:42:2D:A4:F1:4F:8E:8A:7E:1D:DA:A1:7B:D2:F2:CF:62:79 Authority key identifier: 85:7F:20:86:98:A2:49:A0:59:60:79:DE:4F:3D:AE:5F:A7:B9:67:54 Certificate issuer: /CN=857F208698A249A0596079DE4F3DAE5FA7B96754 Certificate serial: 0B09 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft Manifest number: 0B09 Signing time: Wed 13 Aug 2025 16:03:30 +0000 Manifest this update: Wed 13 Aug 2025 16:03:30 +0000 Manifest next update: Wed 13 Aug 2025 22:03:30 +0000 Files and hashes: 1: hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl (hash: BR/7zMCcb9qujzO98D9ini6hhFHwSlCtpHsbcUD7dhw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 22:03:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2825 (0xb09) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=857F208698A249A0596079DE4F3DAE5FA7B96754 Validity Not Before: Aug 13 16:03:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4D2836422DA4F14F8E8A7E1DDAA17BD2F2CF6279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c1:61:84:f2:15:6d:fb:f5:6d:1c:83:13:14: 46:d6:5f:2d:2e:43:72:41:d8:d1:e4:3a:ce:59:76: 0a:bb:77:95:38:9e:b5:ec:4f:d6:b2:17:78:c6:29: 03:5e:6c:85:17:f3:8b:5f:28:e8:8e:51:c4:f0:24: 56:16:e3:f0:03:d2:e8:f5:da:aa:0e:a7:c6:fa:6c: 1f:66:60:7e:72:9c:6e:44:95:00:10:e6:e0:38:90: c1:f1:47:a3:33:63:bc:d6:85:92:5f:02:7c:e6:8c: 1e:4c:20:54:a3:77:ed:ca:8e:31:e3:8f:1d:62:14: 12:91:24:f2:28:30:a2:e1:70:54:ca:81:f1:3f:07: 4c:1f:e6:18:c0:df:9b:04:d7:61:63:f6:4a:b7:9a: 41:ea:38:f4:4f:65:75:92:26:97:0a:9f:39:4b:b1: 95:98:ce:a0:0a:48:2b:4c:52:26:91:22:1a:45:58: 5e:40:5e:ba:b9:52:80:58:9e:4a:7c:db:1a:dc:85: d0:1e:e9:9a:08:d5:9d:47:48:46:ed:dc:e3:80:d8: 49:67:c5:9f:10:1b:db:6e:18:69:4b:72:06:ee:f1: 1f:8b:1e:2a:c7:60:e5:2b:90:f3:49:eb:f7:43:1e: d3:c1:59:81:1a:51:f6:a6:24:17:3f:1f:33:94:28: 12:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:28:36:42:2D:A4:F1:4F:8E:8A:7E:1D:DA:A1:7B:D2:F2:CF:62:79 X509v3 Authority Key Identifier: keyid:85:7F:20:86:98:A2:49:A0:59:60:79:DE:4F:3D:AE:5F:A7:B9:67:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:7a:15:16:42:80:3d:ad:1d:23:b7:71:42:9e:fd:8f:27:04: 43:9f:32:35:ee:0b:e6:b9:40:61:64:20:07:10:9d:f9:a3:e1: 37:3b:a9:d9:87:f8:fe:8b:c4:c3:0b:5f:c1:62:5c:29:60:db: 12:0c:01:61:77:1a:78:4d:de:a6:34:4c:68:88:7c:16:51:7e: 59:4e:de:42:64:f8:c6:69:d0:a4:a0:ab:78:c3:e9:dc:b7:45: bf:5b:f8:26:04:18:4f:72:ca:73:9c:8f:e4:87:3d:27:9b:ef: ec:91:d2:8f:06:96:36:58:5e:dc:a1:c4:fb:46:cd:17:b2:62: b3:ee:fe:26:73:df:b9:4d:ac:b1:00:b1:88:84:18:ec:53:8f: 87:1c:1b:03:3d:8f:d1:28:39:cf:94:f9:3d:05:6d:0a:65:73: f7:37:b9:8b:a8:99:1a:da:4a:7c:32:32:7a:f9:07:ce:fa:a7: ab:b0:44:05:b1:64:74:c2:69:b9:27:27:99:0c:2e:fb:89:ec: 3f:f1:f8:a3:95:2f:0a:c2:be:ac:2b:ae:61:6f:4a:45:af:66: 8a:5a:f1:8c:42:ee:31:28:f2:99:80:11:ab:1b:84:92:de:78: 6d:bf:98:25:fd:e1:f5:a9:f2:af:4a:95:ce:0a:d8:cd:27:c9: b2:c1:c8:f6 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCwkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU3 RjIwODY5OEEyNDlBMDU5NjA3OURFNEYzREFFNUZBN0I5Njc1NDAeFw0yNTA4MTMx NjAzMzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDREMjgzNjQyMkRBNEYx NEY4RThBN0UxRERBQTE3QkQyRjJDRjYyNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6wWGE8hVt+/VtHIMTFEbWXy0uQ3JB2NHkOs5Zdgq7d5U4nrXs T9ayF3jGKQNebIUX84tfKOiOUcTwJFYW4/AD0uj12qoOp8b6bB9mYH5ynG5ElQAQ 5uA4kMHxR6MzY7zWhZJfAnzmjB5MIFSjd+3KjjHjjx1iFBKRJPIoMKLhcFTKgfE/ B0wf5hjA35sE12Fj9kq3mkHqOPRPZXWSJpcKnzlLsZWYzqAKSCtMUiaRIhpFWF5A Xrq5UoBYnkp82xrchdAe6ZoI1Z1HSEbt3OOA2ElnxZ8QG9tuGGlLcgbu8R+LHirH YOUrkPNJ6/dDHtPBWYEaUfamJBc/HzOUKBJ1AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUTSg2Qi2k8U+Oin4d2qF70vLPYnkwHwYDVR0jBBgwFoAUhX8ghpiiSaBZYHne Tz2uX6e5Z1QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OS9oWDhnaHBpaVNhQlpZSG5lVHoydVg2ZTVaMVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2hYOGdocGlpU2FCWllIbmVUejJ1WDZlNVoxUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTkvaFg4Z2hwaWlTYUJa WUhuZVR6MnVYNmU1WjFRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAh6FRZCgD2tHSO3cUKe/Y8nBEOfMjXuC+a5QGFkIAcQnfmj4Tc7qdmH+P6L xMMLX8FiXClg2xIMAWF3GnhN3qY0TGiIfBZRfllO3kJk+MZp0KSgq3jD6dy3Rb9b +CYEGE9yynOcj+SHPSeb7+yR0o8GljZYXtyhxPtGzReyYrPu/iZz37lNrLEAsYiE GOxTj4ccGwM9j9EoOc+U+T0FbQplc/c3uYuomRraSnwyMnr5B876p6uwRAWxZHTC abknJ5kMLvuJ7D/x+KOVLwrCvqwrrmFvSkWvZopa8YxC7jEo8pmAEasbhJLeeG2/ mCX94fWp8q9Klc4K2M0nybLByPY= -----END CERTIFICATE-----Generated at Wed Aug 13 20:24:05 2025 by rpki-client