$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft File: OCdChXYoqbKyIFmuiEdvIwYL6tA.mft (raw, json) Hash identifier: zTWNqG7rHXtZgiRnGzKK6CCi9irJ/4AHc9ejppeznnQ= Subject key identifier: 28:21:5B:26:84:B2:51:CB:C1:6E:81:F4:5A:46:65:8D:87:98:73:05 Authority key identifier: 38:27:42:85:76:28:A9:B2:B2:20:59:AE:88:47:6F:23:06:0B:EA:D0 Certificate issuer: /CN=382742857628A9B2B22059AE88476F23060BEAD0 Certificate serial: 06E0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft Manifest number: 06E0 Signing time: Fri 07 Nov 2025 07:12:38 +0000 Manifest this update: Fri 07 Nov 2025 07:12:38 +0000 Manifest next update: Fri 07 Nov 2025 13:12:38 +0000 Files and hashes: 1: OCdChXYoqbKyIFmuiEdvIwYL6tA.crl (hash: CREzlQJRbrKPmTX7+l0YFEKfQR9QASOhm9k1rlhoV54=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1760 (0x6e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382742857628A9B2B22059AE88476F23060BEAD0 Validity Not Before: Nov 7 07:12:38 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=28215B2684B251CBC16E81F45A46658D87987305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:26:72:d5:94:16:40:a9:56:11:27:83:ad:c9: ac:73:2e:26:c8:68:e4:37:1c:e2:b9:5d:8a:dc:5d: 52:91:42:3b:2e:de:b3:6e:fb:38:6c:62:43:f2:65: fe:2d:44:45:7d:02:5c:fb:a1:47:11:13:de:41:4b: e9:61:23:81:c1:3c:01:8c:a8:0c:1b:2b:47:6e:19: 76:95:78:de:65:db:39:ce:e0:22:0e:f5:e1:af:50: 40:ed:f6:61:24:bf:62:9f:a0:eb:d9:b4:02:f1:ea: 85:d3:3d:5e:85:3b:d0:19:a7:a5:e5:cc:a8:12:69: a0:7b:a1:8b:61:e3:bc:89:4a:5e:8a:2b:eb:9c:90: c5:6c:a9:6b:a7:08:2b:86:ba:2e:62:d7:77:ef:ab: 37:a1:fa:a1:c6:27:4e:8f:b0:83:bb:7a:98:51:bd: d9:c4:aa:06:f2:99:ec:0a:ac:d2:44:d7:21:1d:80: f3:d8:6a:3f:70:e1:2f:01:12:2e:8c:85:b2:f7:0e: f7:d9:ae:c6:09:03:cd:cd:05:0b:24:bb:11:96:78: 38:bb:bd:68:67:78:5d:33:a8:1e:f6:97:cc:61:ec: a5:11:dc:9e:e2:70:3c:31:72:f5:59:be:13:fe:f5: 5c:38:80:94:e7:6d:06:32:ca:d6:37:3a:eb:b5:19: b9:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:21:5B:26:84:B2:51:CB:C1:6E:81:F4:5A:46:65:8D:87:98:73:05 X509v3 Authority Key Identifier: keyid:38:27:42:85:76:28:A9:B2:B2:20:59:AE:88:47:6F:23:06:0B:EA:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:2f:84:80:15:c1:68:57:3b:e6:12:cd:db:bb:b9:3d:b9:de: b0:1a:5e:4e:ff:b6:c2:d3:1b:ba:c7:c3:ad:e9:1b:41:c4:f8: 42:e3:1c:bf:ce:02:78:56:dc:86:97:27:37:c7:08:4a:d2:3a: f7:a1:32:ca:74:8b:ed:28:60:4c:13:93:c6:19:19:d3:00:f0: 0f:ef:b1:8f:ae:34:a3:eb:a1:bd:2a:ce:da:97:bb:0f:45:6c: a8:e6:79:35:33:df:9a:e4:0b:56:b1:c3:9f:c9:4e:5e:76:55: 54:0a:3d:48:9f:b6:94:32:a5:5c:66:fb:90:c2:06:8a:60:e3: 29:42:e8:16:16:be:b7:84:85:62:0f:63:ce:fc:74:9e:95:7e: d1:c2:2c:27:42:67:89:19:a8:63:51:80:8f:78:b8:b6:a2:52: 30:f6:fb:99:53:ef:c8:72:bf:38:7b:35:0e:28:76:4b:b5:09: 2e:bc:da:40:7d:ed:cb:7d:ff:22:af:af:15:ff:72:f8:77:6b: 0d:b7:fc:97:8f:e9:b7:8b:23:f4:92:ee:37:1c:d0:42:b8:ce: dc:3f:a3:44:ee:04:7a:c7:29:d3:8a:9f:49:8c:43:14:46:aa: b6:08:56:80:94:0e:19:63:1b:e1:42:c4:83:af:d9:c7:04:4b: e4:57:41:51 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBuAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzgy NzQyODU3NjI4QTlCMkIyMjA1OUFFODg0NzZGMjMwNjBCRUFEMDAeFw0yNTExMDcw NzEyMzhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDI4MjE1QjI2ODRCMjUx Q0JDMTZFODFGNDVBNDY2NThEODc5ODczMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdJnLVlBZAqVYRJ4OtyaxzLibIaOQ3HOK5XYrcXVKRQjsu3rNu +zhsYkPyZf4tREV9Alz7oUcRE95BS+lhI4HBPAGMqAwbK0duGXaVeN5l2znO4CIO 9eGvUEDt9mEkv2KfoOvZtALx6oXTPV6FO9AZp6XlzKgSaaB7oYth47yJSl6KK+uc kMVsqWunCCuGui5i13fvqzeh+qHGJ06PsIO7ephRvdnEqgbymewKrNJE1yEdgPPY aj9w4S8BEi6MhbL3DvfZrsYJA83NBQskuxGWeDi7vWhneF0zqB72l8xh7KUR3J7i cDwxcvVZvhP+9Vw4gJTnbQYyytY3Ouu1Gbn9AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKCFbJoSyUcvBboH0WkZljYeYcwUwHwYDVR0jBBgwFoAUOCdChXYoqbKyIFmu iEdvIwYL6tAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy OC9PQ2RDaFhZb3FiS3lJRm11aUVkdkl3WUw2dEEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09DZENoWFlvcWJLeUlGbXVpRWR2SXdZTDZ0QS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjgvT0NkQ2hYWW9xYkt5 SUZtdWlFZHZJd1lMNnRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAG4vhIAVwWhXO+YSzdu7uT253rAaXk7/tsLTG7rHw63pG0HE+ELjHL/OAnhW 3IaXJzfHCErSOvehMsp0i+0oYEwTk8YZGdMA8A/vsY+uNKProb0qztqXuw9FbKjm eTUz35rkC1axw5/JTl52VVQKPUiftpQypVxm+5DCBopg4ylC6BYWvreEhWIPY878 dJ6VftHCLCdCZ4kZqGNRgI94uLaiUjD2+5lT78hyvzh7NQ4odku1CS682kB97ct9 /yKvrxX/cvh3aw23/JeP6beLI/SS7jcc0EK4ztw/o0TuBHrHKdOKn0mMQxRGqrYI VoCUDhljG+FCxIOv2ccES+RXQVE= -----END CERTIFICATE-----Generated at Fri Nov 7 12:43:31 2025 by rpki-client