$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft File: TKnrtNTELADG1a1ccPtrRXZYMXc.mft (raw, json) Hash identifier: u0pI6kwyVRXnqNcpBO8K5CuOwrjJ8upC0V4UBy3mpWE= Subject key identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 Authority key identifier: 4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 Certificate issuer: /CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Certificate serial: 0346 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft Manifest number: 0342 Signing time: Wed 05 Nov 2025 10:12:56 +0000 Manifest this update: Wed 05 Nov 2025 10:12:56 +0000 Manifest next update: Wed 05 Nov 2025 16:12:56 +0000 Files and hashes: 1: TKnrtNTELADG1a1ccPtrRXZYMXc.crl (hash: 3oCINLuoHxaQSqOrc3W3qU7JW0ApfLZSwmaIXDDOEXw=) 2: g_rwJqn620T5ukN94yTzIjH-qVo.roa (hash: 96Avw8eFjSbQ575II11/refxqKik+Cak4C6VORPkNEs=) 3: vRMEkXhgMgYExHesqADIPCrhlMY.roa (hash: Qi9qPsWUwvCaipSHqdP/turP9n7D7ImvplBkZhPm8Ms=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 14:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 838 (0x346) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Validity Not Before: Nov 5 10:12:56 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=ADD23BB7E03D1C252CA7A0EDD28753CBC17D8662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3c:7c:2a:59:0b:f4:f7:2c:ae:6f:07:1c:0a: ec:1a:4f:06:d5:0b:eb:2f:f0:a3:4d:9c:9e:a9:d4: ba:04:ba:01:35:0d:73:ff:81:12:ad:6d:0e:a8:0e: 73:2e:15:25:a1:54:eb:18:25:de:b1:25:6c:de:be: b0:b3:7c:7d:b4:46:d3:04:f9:6a:b0:6e:b7:3d:87: a6:6c:e7:49:d4:59:5a:77:f5:4b:96:8a:3e:31:da: 1a:15:dc:be:14:a6:74:74:a6:a0:83:0d:f4:a3:1b: db:2f:eb:55:c5:0f:84:b6:bf:de:96:a8:4d:c4:46: ca:35:3b:18:89:b4:9f:74:3b:23:20:fa:9c:61:0f: a4:58:5b:61:57:4d:88:ba:59:5e:b2:18:ad:96:eb: 10:15:b7:2b:a5:6a:3d:21:e2:70:19:ea:58:29:db: 00:fd:a1:4e:cc:27:5a:05:a9:91:38:ec:d7:f7:41: a2:f9:df:c0:d7:b4:dc:50:1a:b5:fb:cd:9c:a3:e9: c0:a3:89:17:dc:ff:1e:cd:f3:c6:a7:9d:0f:f5:c9: 66:fc:a9:99:b5:5a:88:26:7f:2e:b0:43:a1:0e:84: 80:a4:68:c2:b5:42:07:ca:14:b8:ee:49:b3:48:22: 36:59:b9:ae:40:25:6a:1f:44:34:91:af:30:68:64: ae:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 X509v3 Authority Key Identifier: keyid:4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d1:6c:98:e4:ad:99:bb:01:fc:80:67:0c:9d:2b:11:ca:ce:a8: 95:f1:96:f5:49:34:1f:c4:26:2c:f7:63:ab:90:50:49:3a:1d: 5a:59:5b:d1:03:0e:7e:d4:68:5e:53:b0:c9:3f:dd:b1:47:10: 3b:f4:18:4a:be:99:24:db:3a:6f:05:17:ae:36:b4:cf:29:c9: 7b:a2:d2:7c:3b:31:c7:aa:a5:8e:4e:d5:a9:90:cc:9c:e9:51: 5f:e4:01:81:a2:ed:a0:c8:4e:da:b0:c7:53:87:9c:d4:1c:d0: 33:96:03:41:1e:95:c7:ef:1c:45:c9:36:11:4f:29:a4:6b:0d: 96:0c:7f:59:9c:15:b3:c5:b9:6f:54:68:44:9d:ed:e2:d5:51: da:83:44:b6:7a:05:88:d9:87:cc:28:18:44:6d:73:a1:ef:91: ff:11:78:1f:bd:59:3f:2b:88:4c:56:3d:2d:16:14:f8:28:42: 39:2d:7b:29:a0:a3:71:f1:c5:a5:d6:a7:a0:86:65:1e:fa:99: ef:65:23:8d:4a:a3:7e:98:5c:c1:2f:69:51:0d:90:44:b8:fa: 4c:4c:f0:10:d8:e5:c7:82:e6:2c:8c:96:72:21:9c:06:b8:37: 5a:69:68:0f:2f:33:14:d0:67:0c:03:ee:6e:2f:5f:4e:e5:a8: 29:1f:36:2e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICA0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENB OUVCQjRENEM0MkMwMEM2RDVBRDVDNzBGQjZCNDU3NjU4MzE3NzAeFw0yNTExMDUx MDEyNTZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFERDIzQkI3RTAzRDFD MjUyQ0E3QTBFREQyODc1M0NCQzE3RDg2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJPHwqWQv09yyubwccCuwaTwbVC+sv8KNNnJ6p1LoEugE1DXP/ gRKtbQ6oDnMuFSWhVOsYJd6xJWzevrCzfH20RtME+Wqwbrc9h6Zs50nUWVp39UuW ij4x2hoV3L4UpnR0pqCDDfSjG9sv61XFD4S2v96WqE3ERso1OxiJtJ90OyMg+pxh D6RYW2FXTYi6WV6yGK2W6xAVtyulaj0h4nAZ6lgp2wD9oU7MJ1oFqZE47Nf3QaL5 38DXtNxQGrX7zZyj6cCjiRfc/x7N88annQ/1yWb8qZm1Wogmfy6wQ6EOhICkaMK1 QgfKFLjuSbNIIjZZua5AJWofRDSRrzBoZK7TAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUrdI7t+A9HCUsp6Dt0odTy8F9hmIwHwYDVR0jBBgwFoAUTKnrtNTELADG1a1c cPtrRXZYMXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9US25ydE5URUxBREcxYTFjY1B0clJYWllNWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RLbnJ0TlRFTEFERzFhMWNjUHRyUlhaWU1YYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvVEtucnROVEVMQURH MWExY2NQdHJSWFpZTVhjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBANFsmOStmbsB/IBnDJ0rEcrOqJXxlvVJNB/EJiz3Y6uQUEk6HVpZW9EDDn7U aF5TsMk/3bFHEDv0GEq+mSTbOm8FF642tM8pyXui0nw7MceqpY5O1amQzJzpUV/k AYGi7aDITtqwx1OHnNQc0DOWA0EelcfvHEXJNhFPKaRrDZYMf1mcFbPFuW9UaESd 7eLVUdqDRLZ6BYjZh8woGERtc6Hvkf8ReB+9WT8riExWPS0WFPgoQjkteymgo3Hx xaXWp6CGZR76me9lI41Ko36YXMEvaVENkES4+kxM8BDY5ceC5iyMlnIhnAa4N1pp aA8vMxTQZwwD7m4vX07lqCkfNi4= -----END CERTIFICATE-----Generated at Wed Nov 5 13:03:25 2025 by rpki-client