$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft File: KiJnreDthkvp9oLDpe2qFRu6hmQ.mft (raw, json) Hash identifier: +zipB+egkS3hn8a+1Ojni8BVLW5Jf7XiLSAt+76jMj8= Subject key identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 Authority key identifier: 2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 Certificate issuer: /CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Certificate serial: 0A26 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft Manifest number: 0A26 Signing time: Wed 13 Aug 2025 16:04:33 +0000 Manifest this update: Wed 13 Aug 2025 16:04:33 +0000 Manifest next update: Wed 13 Aug 2025 22:04:33 +0000 Files and hashes: 1: KiJnreDthkvp9oLDpe2qFRu6hmQ.crl (hash: TeDEu5c0gvjNc3VG09/qbsEiKA8lSpfaE8ntdp8zaj8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 22:04:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2598 (0xa26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Validity Not Before: Aug 13 16:04:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9DB8B31D70A09D50141479712B74C829C7596189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fe:f4:b4:fc:14:06:23:af:c2:7f:14:0d:38: 0c:fa:8f:a1:9f:f8:90:2d:50:98:3c:36:e2:7a:9e: 07:98:0c:ec:e3:4b:b0:7c:f6:62:11:04:69:1b:2b: 39:07:4d:56:32:8f:78:5c:53:35:eb:b1:24:d1:cd: 74:3f:1c:33:ec:0e:b5:1c:f2:ea:24:02:65:29:54: 9a:20:01:8e:25:a7:90:a0:1d:dc:6c:9c:b5:71:fd: af:cf:07:dd:0e:5d:13:d1:7b:cd:5d:f0:d5:aa:67: 82:8e:db:33:c0:b2:99:6a:93:53:e4:da:7e:2c:a5: 5b:05:94:38:51:fc:96:7c:2b:6f:c9:3a:9e:95:05: ef:90:9d:13:de:47:31:13:cf:dc:dd:bb:02:a1:f4: 6a:93:a8:67:3b:da:05:ba:6b:e5:b7:09:54:c8:10: 04:80:59:11:39:be:fb:d9:51:cf:d5:b4:bb:1e:3a: f4:8d:ba:02:7b:9d:a9:93:6e:8d:ed:a9:f3:dc:97: ef:ac:17:ad:e0:17:be:22:24:b8:0a:60:e7:8c:f9: e0:ab:58:cf:be:b3:fd:c8:b7:04:8b:df:3b:26:bf: 7e:79:78:e0:fd:f6:e0:fb:79:ee:88:52:dc:aa:23: 1c:53:f2:83:a0:a9:7b:ca:10:00:1a:5b:72:e9:09: 13:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 X509v3 Authority Key Identifier: keyid:2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:e8:ac:f6:83:ca:29:d0:99:02:7f:8d:30:bb:ff:71:5e:c6: 9e:44:83:a0:ef:5e:54:da:de:2f:cf:57:09:78:90:b3:65:c7: d9:bb:a7:d9:a3:ec:b9:33:b1:5f:a8:db:d5:50:d0:05:a3:90: 46:d3:0b:f4:7c:a6:14:c3:a8:7e:a3:b7:d8:d8:e6:1c:31:33: 3f:22:de:9a:f9:72:a5:2e:ff:f9:ad:b9:9d:12:d9:8d:20:31: 74:64:6a:b6:03:8f:11:a7:3c:64:8e:3e:80:fa:16:61:f7:6f: 1e:54:86:87:f9:fe:d4:91:6d:39:c4:82:21:2c:9c:7a:6c:1d: d5:5e:f4:5a:6f:cc:26:58:2c:a2:41:80:33:b1:ba:ad:0d:d7: 75:66:7e:75:6a:31:84:fc:fc:1d:0a:b4:d4:25:3b:ff:aa:4a: 66:91:32:2c:0e:a8:55:b1:47:de:51:eb:41:62:25:36:16:47: 70:04:18:bf:26:4e:b8:b4:fc:76:66:ce:07:1a:0a:e9:b6:11: a4:e0:31:03:47:20:71:cc:e1:7d:47:19:53:59:ba:e8:14:4e: 1a:37:a5:0b:45:e0:7d:a2:6f:d4:d1:3d:f9:48:66:bf:2f:c1: ed:60:5a:0b:65:f8:b7:96:d1:ab:d4:d7:23:00:a9:78:c3:94: 55:e1:13:ff -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCiYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkEy MjY3QURFMEVEODY0QkU5RjY4MkMzQTVFREFBMTUxQkJBODY2NDAeFw0yNTA4MTMx NjA0MzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlEQjhCMzFENzBBMDlE NTAxNDE0Nzk3MTJCNzRDODI5Qzc1OTYxODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDr/vS0/BQGI6/CfxQNOAz6j6Gf+JAtUJg8NuJ6ngeYDOzjS7B8 9mIRBGkbKzkHTVYyj3hcUzXrsSTRzXQ/HDPsDrUc8uokAmUpVJogAY4lp5CgHdxs nLVx/a/PB90OXRPRe81d8NWqZ4KO2zPAsplqk1Pk2n4spVsFlDhR/JZ8K2/JOp6V Be+QnRPeRzETz9zduwKh9GqTqGc72gW6a+W3CVTIEASAWRE5vvvZUc/VtLseOvSN ugJ7namTbo3tqfPcl++sF63gF74iJLgKYOeM+eCrWM++s/3ItwSL3zsmv355eOD9 9uD7ee6IUtyqIxxT8oOgqXvKEAAaW3LpCRMVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUnbizHXCgnVAUFHlxK3TIKcdZYYkwHwYDVR0jBBgwFoAUKiJnreDthkvp9oLD pe2qFRu6hmQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 OS9LaUpucmVEdGhrdnA5b0xEcGUycUZSdTZobVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tpSm5yZUR0aGt2cDlvTERwZTJxRlJ1NmhtUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjkvS2lKbnJlRHRoa3Zw OW9MRHBlMnFGUnU2aG1RLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAMHorPaDyinQmQJ/jTC7/3Fexp5Eg6DvXlTa3i/PVwl4kLNlx9m7p9mj7Lkz sV+o29VQ0AWjkEbTC/R8phTDqH6jt9jY5hwxMz8i3pr5cqUu//mtuZ0S2Y0gMXRk arYDjxGnPGSOPoD6FmH3bx5Uhof5/tSRbTnEgiEsnHpsHdVe9FpvzCZYLKJBgDOx uq0N13VmfnVqMYT8/B0KtNQlO/+qSmaRMiwOqFWxR95R60FiJTYWR3AEGL8mTri0 /HZmzgcaCum2EaTgMQNHIHHM4X1HGVNZuugUTho3pQtF4H2ib9TRPflIZr8vwe1g Wgtl+LeW0avU1yMAqXjDlFXhE/8= -----END CERTIFICATE-----Generated at Wed Aug 13 20:24:48 2025 by rpki-client