$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft File: KiJnreDthkvp9oLDpe2qFRu6hmQ.mft (raw, json) Hash identifier: L1OajQtp58BOy/NPKPjpsGrh8kDqHeaWA8ZNoQksT8E= Subject key identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 Authority key identifier: 2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 Certificate issuer: /CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Certificate serial: 0BC0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft Manifest number: 0BC0 Signing time: Wed 05 Nov 2025 20:12:56 +0000 Manifest this update: Wed 05 Nov 2025 20:12:56 +0000 Manifest next update: Thu 06 Nov 2025 02:12:56 +0000 Files and hashes: 1: KiJnreDthkvp9oLDpe2qFRu6hmQ.crl (hash: Jdzg1ccbSO54Q/kOihJJTfSGHFw2evYKA4OwwsaetRg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3008 (0xbc0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Validity Not Before: Nov 5 20:12:56 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9DB8B31D70A09D50141479712B74C829C7596189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fe:f4:b4:fc:14:06:23:af:c2:7f:14:0d:38: 0c:fa:8f:a1:9f:f8:90:2d:50:98:3c:36:e2:7a:9e: 07:98:0c:ec:e3:4b:b0:7c:f6:62:11:04:69:1b:2b: 39:07:4d:56:32:8f:78:5c:53:35:eb:b1:24:d1:cd: 74:3f:1c:33:ec:0e:b5:1c:f2:ea:24:02:65:29:54: 9a:20:01:8e:25:a7:90:a0:1d:dc:6c:9c:b5:71:fd: af:cf:07:dd:0e:5d:13:d1:7b:cd:5d:f0:d5:aa:67: 82:8e:db:33:c0:b2:99:6a:93:53:e4:da:7e:2c:a5: 5b:05:94:38:51:fc:96:7c:2b:6f:c9:3a:9e:95:05: ef:90:9d:13:de:47:31:13:cf:dc:dd:bb:02:a1:f4: 6a:93:a8:67:3b:da:05:ba:6b:e5:b7:09:54:c8:10: 04:80:59:11:39:be:fb:d9:51:cf:d5:b4:bb:1e:3a: f4:8d:ba:02:7b:9d:a9:93:6e:8d:ed:a9:f3:dc:97: ef:ac:17:ad:e0:17:be:22:24:b8:0a:60:e7:8c:f9: e0:ab:58:cf:be:b3:fd:c8:b7:04:8b:df:3b:26:bf: 7e:79:78:e0:fd:f6:e0:fb:79:ee:88:52:dc:aa:23: 1c:53:f2:83:a0:a9:7b:ca:10:00:1a:5b:72:e9:09: 13:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 X509v3 Authority Key Identifier: keyid:2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:61:4e:89:57:c8:2e:d7:10:ef:91:de:e1:dd:41:80:63:6a: 93:74:fd:cf:fd:91:45:7e:1f:f4:15:84:20:e8:74:23:6d:4e: 48:9c:e6:d1:de:14:03:a6:2a:94:ce:3b:c7:49:6a:f3:a9:57: 0a:36:90:84:05:c3:be:13:74:0d:5e:d5:03:6f:09:1e:b5:82: b2:18:4c:05:9d:d2:38:f8:5c:fe:7c:f3:10:0c:ce:d7:f2:2b: bf:d8:92:3c:79:98:5a:04:35:7c:5b:8d:10:5a:c8:17:1e:d0: 74:81:9a:5e:d8:75:2e:ff:fc:5f:dc:fd:d3:9d:bb:b2:15:b3: 70:e2:9d:a8:23:3b:79:ce:31:f7:08:7c:8a:bf:f5:de:50:fb: 3e:76:01:b9:5c:d1:9c:60:4e:8a:2c:7c:5e:eb:cb:10:bb:ca: 44:2d:ac:6f:5e:f7:00:f3:35:6a:7d:0e:dc:a0:39:1b:b4:48: 26:7f:ed:62:fd:6a:95:77:0e:0b:ea:9f:3e:27:37:e5:8e:fa: 8b:1a:a5:bd:a5:c4:e8:7b:8e:e7:5b:49:ec:5f:46:4e:34:e4: 80:18:7c:b6:d5:bc:fb:85:ea:24:9f:02:63:cb:58:31:b9:d1: f5:c8:3e:bc:f3:3d:29:37:3f:db:4e:5d:57:67:64:8b:5a:93: 41:b6:bd:41 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICC8AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkEy MjY3QURFMEVEODY0QkU5RjY4MkMzQTVFREFBMTUxQkJBODY2NDAeFw0yNTExMDUy MDEyNTZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDlEQjhCMzFENzBBMDlE NTAxNDE0Nzk3MTJCNzRDODI5Qzc1OTYxODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDr/vS0/BQGI6/CfxQNOAz6j6Gf+JAtUJg8NuJ6ngeYDOzjS7B8 9mIRBGkbKzkHTVYyj3hcUzXrsSTRzXQ/HDPsDrUc8uokAmUpVJogAY4lp5CgHdxs nLVx/a/PB90OXRPRe81d8NWqZ4KO2zPAsplqk1Pk2n4spVsFlDhR/JZ8K2/JOp6V Be+QnRPeRzETz9zduwKh9GqTqGc72gW6a+W3CVTIEASAWRE5vvvZUc/VtLseOvSN ugJ7namTbo3tqfPcl++sF63gF74iJLgKYOeM+eCrWM++s/3ItwSL3zsmv355eOD9 9uD7ee6IUtyqIxxT8oOgqXvKEAAaW3LpCRMVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUnbizHXCgnVAUFHlxK3TIKcdZYYkwHwYDVR0jBBgwFoAUKiJnreDthkvp9oLD pe2qFRu6hmQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 OS9LaUpucmVEdGhrdnA5b0xEcGUycUZSdTZobVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tpSm5yZUR0aGt2cDlvTERwZTJxRlJ1NmhtUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjkvS2lKbnJlRHRoa3Zw OW9MRHBlMnFGUnU2aG1RLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAClhTolXyC7XEO+R3uHdQYBjapN0/c/9kUV+H/QVhCDodCNtTkic5tHeFAOm KpTOO8dJavOpVwo2kIQFw74TdA1e1QNvCR61grIYTAWd0jj4XP588xAMztfyK7/Y kjx5mFoENXxbjRBayBce0HSBml7YdS7//F/c/dOdu7IVs3DinagjO3nOMfcIfIq/ 9d5Q+z52Ablc0ZxgToosfF7ryxC7ykQtrG9e9wDzNWp9DtygORu0SCZ/7WL9apV3 Dgvqnz4nN+WO+osapb2lxOh7judbSexfRk405IAYfLbVvPuF6iSfAmPLWDG50fXI PrzzPSk3P9tOXVdnZItak0G2vUE= -----END CERTIFICATE-----Generated at Wed Nov 5 21:44:10 2025 by rpki-client