$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft File: kXok3C9fwHVc6sn-HMXExV183fo.mft (raw, json) Hash identifier: npzVAv1JACVS7w/kxn64trZgAVjevOG2J3efMqsRE/s= Subject key identifier: 35:6B:69:02:74:63:F8:A7:68:3B:39:60:AD:61:9D:11:CA:B7:44:44 Authority key identifier: 91:7A:24:DC:2F:5F:C0:75:5C:EA:C9:FE:1C:C5:C4:C5:5D:7C:DD:FA Certificate issuer: /CN=917A24DC2F5FC0755CEAC9FE1CC5C4C55D7CDDFA Certificate serial: 0A61 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft Manifest number: 0A61 Signing time: Wed 05 Nov 2025 15:14:43 +0000 Manifest this update: Wed 05 Nov 2025 15:14:43 +0000 Manifest next update: Wed 05 Nov 2025 21:14:43 +0000 Files and hashes: 1: kXok3C9fwHVc6sn-HMXExV183fo.crl (hash: 5+f0O2Jo8nPWJXSB/XVI/vUP08khdMGo5Zi5u0xvbnY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 19:43:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2657 (0xa61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=917A24DC2F5FC0755CEAC9FE1CC5C4C55D7CDDFA Validity Not Before: Nov 5 15:14:43 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=356B69027463F8A7683B3960AD619D11CAB74444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:4e:45:4c:b3:46:df:85:b4:aa:ff:bd:44:49: ae:dc:9f:f2:13:71:46:0e:08:9b:42:64:81:38:a0: 3c:6c:13:19:02:51:5c:45:34:75:ca:8a:74:b0:f5: ec:f9:8b:a6:7f:dd:78:c5:93:3d:5b:31:2c:d1:98: 22:f0:6e:7d:e6:42:15:97:11:7e:b3:da:11:e4:20: c1:6e:64:fb:7a:05:49:2e:6a:20:56:05:a5:60:fd: bd:ab:0d:d4:e2:9b:97:e7:f9:25:ea:f0:d5:18:3c: 5e:2e:e7:ed:f3:f8:ac:f2:0d:90:40:dc:31:12:a2: e6:de:a0:e7:3b:55:1e:92:4d:17:37:df:53:18:21: 13:15:87:ab:bd:8d:c7:24:0a:f0:23:ee:c4:ea:03: 55:8a:6d:16:c3:13:86:61:e1:43:08:2f:8b:70:ff: 72:63:c7:a8:68:f4:a4:6f:09:7c:91:b6:9a:0a:b3: b7:68:29:45:96:5d:17:8f:84:9f:19:05:78:d4:76: 0a:d8:9f:50:c9:5e:88:fc:e4:89:95:c1:33:b8:ec: 41:bf:55:53:b3:93:ce:b4:7b:b1:19:af:fa:d3:e7: 91:07:67:26:35:ce:74:70:27:ff:47:59:61:79:7e: b6:8e:fb:c8:a1:9e:7d:5e:84:75:cd:cb:20:d5:98: 30:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:6B:69:02:74:63:F8:A7:68:3B:39:60:AD:61:9D:11:CA:B7:44:44 X509v3 Authority Key Identifier: keyid:91:7A:24:DC:2F:5F:C0:75:5C:EA:C9:FE:1C:C5:C4:C5:5D:7C:DD:FA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:5a:87:a2:2f:d8:b8:e0:d4:2f:49:aa:34:5a:b8:9f:8d:ed: 1f:c5:ab:f0:87:5c:d6:36:16:6f:74:c8:a2:87:89:7f:5e:dd: 60:14:f5:9f:af:fa:6d:b7:c9:35:49:81:90:3e:d8:4f:15:4b: e5:4e:38:ee:cd:f0:04:9f:97:bf:5d:87:d4:c2:b9:96:51:ab: 3d:ed:ae:cd:f9:23:fd:aa:e1:0e:0c:a4:dc:d0:dc:4a:2c:b5: 69:81:ea:9e:ed:31:ea:ec:59:43:2f:10:c8:4f:38:87:6c:32: 07:69:82:63:aa:00:b2:15:ee:58:91:a9:95:9e:e2:f7:3d:86: 07:9d:07:28:48:2a:84:a8:99:49:4a:24:ac:b7:7d:61:86:8b: 77:19:f0:cf:f4:35:e8:14:b9:4f:81:a3:0e:8e:bf:e0:cc:63: 8a:40:c9:03:ea:75:a7:8a:8e:d9:0e:d2:11:60:1a:86:08:46: ee:b1:21:78:2e:19:3d:4c:32:06:19:89:8e:0d:23:58:d8:74: d4:af:28:26:50:3d:b1:8a:d3:ae:b4:41:0c:67:83:7c:3d:5b: 19:bf:ae:98:39:3a:ad:43:63:93:2b:9c:54:8c:84:ed:19:3d: e0:bf:9a:a4:73:03:67:c7:7b:25:b5:88:e8:31:4c:db:a0:d7: 6f:04:36:e6 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTE3 QTI0REMyRjVGQzA3NTVDRUFDOUZFMUNDNUM0QzU1RDdDRERGQTAeFw0yNTExMDUx NTE0NDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM1NkI2OTAyNzQ2M0Y4 QTc2ODNCMzk2MEFENjE5RDExQ0FCNzQ0NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrTkVMs0bfhbSq/71ESa7cn/ITcUYOCJtCZIE4oDxsExkCUVxF NHXKinSw9ez5i6Z/3XjFkz1bMSzRmCLwbn3mQhWXEX6z2hHkIMFuZPt6BUkuaiBW BaVg/b2rDdTim5fn+SXq8NUYPF4u5+3z+KzyDZBA3DESoubeoOc7VR6STRc331MY IRMVh6u9jcckCvAj7sTqA1WKbRbDE4Zh4UMIL4tw/3Jjx6ho9KRvCXyRtpoKs7do KUWWXRePhJ8ZBXjUdgrYn1DJXoj85ImVwTO47EG/VVOzk860e7EZr/rT55EHZyY1 znRwJ/9HWWF5fraO+8ihnn1ehHXNyyDVmDADAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUNWtpAnRj+KdoOzlgrWGdEcq3REQwHwYDVR0jBBgwFoAUkXok3C9fwHVc6sn+ HMXExV183fowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 NC9rWG9rM0M5ZndIVmM2c24tSE1YRXhWMTgzZm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tYb2szQzlmd0hWYzZzbi1ITVhFeFYxODNmby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODQva1hvazNDOWZ3SFZj NnNuLUhNWEV4VjE4M2ZvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFdah6Iv2Ljg1C9JqjRauJ+N7R/Fq/CHXNY2Fm90yKKHiX9e3WAU9Z+v+m23 yTVJgZA+2E8VS+VOOO7N8ASfl79dh9TCuZZRqz3trs35I/2q4Q4MpNzQ3EostWmB 6p7tMersWUMvEMhPOIdsMgdpgmOqALIV7liRqZWe4vc9hgedByhIKoSomUlKJKy3 fWGGi3cZ8M/0NegUuU+Bow6Ov+DMY4pAyQPqdaeKjtkO0hFgGoYIRu6xIXguGT1M MgYZiY4NI1jYdNSvKCZQPbGK0660QQxng3w9Wxm/rpg5Oq1DY5MrnFSMhO0ZPeC/ mqRzA2fHeyW1iOgxTNug128ENuY= -----END CERTIFICATE-----Generated at Wed Nov 5 18:00:10 2025 by rpki-client