$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.mft File: TPCRRt5gTA5ELVbGj8hsxQQArSE.mft (raw, json) Hash identifier: 2XDa5bTzAd3EVD/iql78jzokQNSYybGWzQ02hnZ+hRw= Subject key identifier: 3D:E4:46:07:C7:25:81:96:BF:B2:E4:51:4E:F5:22:AC:03:3E:12:0A Authority key identifier: 4C:F0:91:46:DE:60:4C:0E:44:2D:56:C6:8F:C8:6C:C5:04:00:AD:21 Certificate issuer: /CN=4CF09146DE604C0E442D56C68FC86CC50400AD21 Certificate serial: 0A87 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TPCRRt5gTA5ELVbGj8hsxQQArSE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.mft Manifest number: 0A7D Signing time: Wed 05 Nov 2025 15:12:32 +0000 Manifest this update: Wed 05 Nov 2025 15:12:32 +0000 Manifest next update: Wed 05 Nov 2025 21:12:32 +0000 Files and hashes: 1: TPCRRt5gTA5ELVbGj8hsxQQArSE.crl (hash: Yb94Q7IXNF8isDlmiNuHH86jEJrSBol4FLe31UuikVU=) 2: bGeGgRXJn_fKcQJGoNpT45uuMbM.roa (hash: 4rs03AqtGSIGgkcXeqLIzwXtuAsdWOh+07JYHmmqQtk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TPCRRt5gTA5ELVbGj8hsxQQArSE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 19:43:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2695 (0xa87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CF09146DE604C0E442D56C68FC86CC50400AD21 Validity Not Before: Nov 5 15:12:32 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=3DE44607C7258196BFB2E4514EF522AC033E120A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ad:57:8b:9f:48:fe:72:52:d5:33:80:7f:8a: c7:e8:8e:f7:d8:2a:b2:4f:bd:6d:ca:0f:94:85:2d: 55:99:15:1d:fc:b6:eb:26:3c:1c:fa:15:e5:3c:d2: c9:bf:b1:b2:dc:61:69:84:79:cc:d0:8b:43:f7:23: 20:f7:b8:92:c2:dc:a6:24:c4:70:f6:64:4d:a0:05: ef:64:1c:04:e5:60:85:72:53:ed:11:83:30:7b:c7: db:b9:83:a9:17:42:7a:c0:3b:5d:89:30:1c:1f:3d: 9a:c5:42:5c:8f:ec:1a:32:ca:a5:25:db:7d:43:8e: d3:6c:4e:66:4b:55:ac:c5:a9:09:bd:d9:0e:2a:1c: 9f:44:80:a8:b1:3c:30:48:46:da:79:b8:bb:12:c2: f4:b3:ff:5e:86:a7:32:db:11:b3:cc:d4:36:86:81: 85:73:50:fb:d2:4d:c8:f6:7f:08:52:89:3b:cb:87: 47:ab:f3:ac:7c:4d:73:bb:e0:16:b5:ae:92:36:5a: d6:8d:7e:7b:1c:b9:16:22:b9:50:89:c9:de:9d:bf: 37:0a:05:2b:2f:60:ec:fc:bc:d0:56:5d:7f:d5:d7: 84:60:66:31:df:0c:7c:41:05:b4:f3:9d:42:26:7d: e6:20:17:d2:d9:ac:43:6c:95:9c:a5:df:c4:5c:92: 86:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:E4:46:07:C7:25:81:96:BF:B2:E4:51:4E:F5:22:AC:03:3E:12:0A X509v3 Authority Key Identifier: keyid:4C:F0:91:46:DE:60:4C:0E:44:2D:56:C6:8F:C8:6C:C5:04:00:AD:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TPCRRt5gTA5ELVbGj8hsxQQArSE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:c2:c2:17:52:0d:19:83:38:5d:ba:40:0a:74:75:0f:e5:0e: 5f:6d:2d:4c:f5:8e:10:1f:2f:c5:28:e1:12:a8:d5:a2:1a:1d: ac:d1:48:ed:bb:93:53:f8:13:9d:16:ac:3c:0b:7d:3a:4c:31: 18:43:46:b9:9e:51:bb:97:25:2c:70:67:f6:c2:47:2c:08:11: 99:11:53:10:e2:6b:dc:4c:5d:93:fb:df:63:21:c0:54:b8:59: f2:2d:ae:3e:27:43:7e:28:8f:dd:be:2f:a9:83:3c:91:45:4f: c9:57:40:40:e0:06:3a:d8:a7:67:4b:82:dd:f7:ed:ef:34:cf: 32:0a:bd:22:69:b7:ba:b0:2b:c7:e8:b0:3e:23:ce:89:7a:c1: 39:4b:58:a9:0e:29:e8:d6:a4:ad:cd:1c:8a:1c:39:7e:81:31: ce:ab:dd:44:eb:75:6d:ed:7e:17:91:98:72:f7:9d:bd:f4:31: 87:f6:8b:3f:21:22:30:fd:5a:23:be:85:bc:59:1f:d2:b3:2e: 69:ff:b3:4e:80:9f:db:0b:1d:56:9f:8e:48:af:bd:53:44:8e: a3:bd:bb:fd:01:b3:18:f8:e3:b9:a4:b8:c0:f0:11:e7:29:cf: 21:5a:c4:e3:74:39:99:76:59:b9:78:14:e4:1d:bb:70:5d:a2: 70:8a:2e:b7 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENG MDkxNDZERTYwNEMwRTQ0MkQ1NkM2OEZDODZDQzUwNDAwQUQyMTAeFw0yNTExMDUx NTEyMzJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDNERTQ0NjA3QzcyNTgx OTZCRkIyRTQ1MTRFRjUyMkFDMDMzRTEyMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKrVeLn0j+clLVM4B/isfojvfYKrJPvW3KD5SFLVWZFR38tusm PBz6FeU80sm/sbLcYWmEeczQi0P3IyD3uJLC3KYkxHD2ZE2gBe9kHATlYIVyU+0R gzB7x9u5g6kXQnrAO12JMBwfPZrFQlyP7BoyyqUl231DjtNsTmZLVazFqQm92Q4q HJ9EgKixPDBIRtp5uLsSwvSz/16GpzLbEbPM1DaGgYVzUPvSTcj2fwhSiTvLh0er 86x8TXO74Ba1rpI2WtaNfnscuRYiuVCJyd6dvzcKBSsvYOz8vNBWXX/V14RgZjHf DHxBBbTznUImfeYgF9LZrENslZyl38RckoZFAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUPeRGB8clgZa/suRRTvUirAM+EgowHwYDVR0jBBgwFoAUTPCRRt5gTA5ELVbG j8hsxQQArSEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9UUENSUnQ1Z1RBNUVMVmJHajhoc3hRUUFyU0UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RQQ1JSdDVnVEE1RUxWYkdqOGhzeFFRQXJTRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvVFBDUlJ0NWdUQTVF TFZiR2o4aHN4UVFBclNFLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAIPCwhdSDRmDOF26QAp0dQ/lDl9tLUz1jhAfL8Uo4RKo1aIaHazRSO27k1P4 E50WrDwLfTpMMRhDRrmeUbuXJSxwZ/bCRywIEZkRUxDia9xMXZP732MhwFS4WfIt rj4nQ34oj92+L6mDPJFFT8lXQEDgBjrYp2dLgt337e80zzIKvSJpt7qwK8fosD4j zol6wTlLWKkOKejWpK3NHIocOX6BMc6r3UTrdW3tfheRmHL3nb30MYf2iz8hIjD9 WiO+hbxZH9KzLmn/s06An9sLHVafjkivvVNEjqO9u/0Bsxj447mkuMDwEecpzyFa xON0OZl2Wbl4FOQdu3BdonCKLrc= -----END CERTIFICATE-----Generated at Wed Nov 5 19:26:25 2025 by rpki-client