$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft File: 2wnDhcqGTQSV-VGV_38HvFdh4XY.mft (raw, json) Hash identifier: E7iUxVimq7VlnZon4zz+Q48x0eNj5+TtH4CYIUXA7YM= Subject key identifier: 04:1A:A5:E8:17:43:B7:42:48:C3:C1:96:FF:3D:92:37:B7:68:7F:F7 Authority key identifier: DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 Certificate issuer: /CN=DB09C385CA864D0495F95195FF7F07BC5761E176 Certificate serial: 0677 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft Manifest number: 0677 Signing time: Wed 05 Nov 2025 15:13:47 +0000 Manifest this update: Wed 05 Nov 2025 15:13:47 +0000 Manifest next update: Wed 05 Nov 2025 21:13:47 +0000 Files and hashes: 1: 2wnDhcqGTQSV-VGV_38HvFdh4XY.crl (hash: ERU1+vCB9VAM/KN91xp+I7nh2ag6qYczT7u1+Ac9f7Q=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:13:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1655 (0x677) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DB09C385CA864D0495F95195FF7F07BC5761E176 Validity Not Before: Nov 5 15:13:47 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=041AA5E81743B74248C3C196FF3D9237B7687FF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0e:76:e4:6b:ce:10:9a:1b:62:cc:f1:71:7e: 61:36:c7:6b:20:47:da:a5:25:c4:bc:d0:40:10:60: 35:fd:34:4c:6b:c5:32:bf:8b:d8:d4:36:a3:2a:63: 51:5a:a4:3f:a8:d8:71:40:65:03:dc:8d:bc:4f:7f: 4a:aa:8c:80:55:83:73:ef:9a:4e:92:94:1d:b4:bd: eb:37:17:2c:32:a1:35:26:32:fc:aa:00:cf:9d:d3: 49:74:19:ca:0d:92:0d:29:b5:f8:ad:88:67:db:3a: 92:17:68:83:a9:dc:51:09:5f:f6:5d:7c:b1:34:37: f4:73:d9:01:14:88:09:e0:94:f4:59:f2:8a:01:98: 36:20:d7:59:9c:65:e5:4a:20:b6:e8:47:fb:ea:c6: cc:13:56:a1:a0:63:d5:d4:13:e8:6e:86:04:cb:4e: f2:0a:5d:27:82:4c:16:86:7d:b4:87:b3:aa:49:48: df:a0:d3:20:29:9f:08:fc:64:79:84:22:16:50:d0: 63:ea:89:4d:d1:08:87:13:04:7a:17:4e:97:fc:e7: 5d:14:6d:af:83:03:16:b3:7e:23:58:a9:7e:b5:12: ae:4b:b3:74:84:fd:7b:6a:c0:f4:49:7c:e3:d6:66: 54:b9:d7:dd:44:50:85:04:8e:78:5a:ed:2c:04:96: 0a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:1A:A5:E8:17:43:B7:42:48:C3:C1:96:FF:3D:92:37:B7:68:7F:F7 X509v3 Authority Key Identifier: keyid:DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:09:e2:bd:ac:34:15:58:c7:84:99:a9:05:f1:f1:66:3d:a6: 3c:4f:37:63:b2:1d:72:c7:ea:cf:4a:46:53:14:20:84:b3:2e: 45:14:8b:30:05:9f:3d:6e:5d:fe:b5:f6:b3:b6:f5:fe:a5:97: 78:5f:14:99:ff:07:44:ed:e4:37:b8:c3:35:64:d3:97:8f:e3: 5a:02:cd:2f:78:d8:ea:85:5d:88:f4:a3:8f:54:29:1a:54:56: 64:76:94:fa:86:95:64:de:32:4e:eb:50:5d:82:64:79:c7:d5: 4f:47:1b:fc:66:47:64:d1:bd:a8:5f:79:2e:6a:34:c7:61:5e: d0:ca:cc:d9:ba:54:64:85:9e:05:38:d5:38:c9:eb:64:92:f2: 99:0d:33:36:6e:21:f1:63:e6:92:75:f5:c4:f5:48:4f:38:32: 21:c2:da:aa:21:85:99:9b:5a:77:d4:1a:3d:78:0b:4f:ec:c2: 54:40:7c:8a:4e:03:df:28:5e:be:a6:84:0c:3b:e9:3d:a4:cf: 8f:78:14:f7:a3:32:d8:9e:2b:5d:0a:0a:de:d7:4c:47:21:88: 71:61:0c:11:8e:76:05:5b:32:ae:81:6e:a0:51:ff:bc:6a:20: ca:f5:92:20:40:aa:a4:8b:42:4b:c8:68:cc:21:1e:50:d7:3b: b4:69:86:b2 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBncwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREIw OUMzODVDQTg2NEQwNDk1Rjk1MTk1RkY3RjA3QkM1NzYxRTE3NjAeFw0yNTExMDUx NTEzNDdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDA0MUFBNUU4MTc0M0I3 NDI0OEMzQzE5NkZGM0Q5MjM3Qjc2ODdGRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqDnbka84QmhtizPFxfmE2x2sgR9qlJcS80EAQYDX9NExrxTK/ i9jUNqMqY1FapD+o2HFAZQPcjbxPf0qqjIBVg3Pvmk6SlB20ves3FywyoTUmMvyq AM+d00l0GcoNkg0ptfitiGfbOpIXaIOp3FEJX/ZdfLE0N/Rz2QEUiAnglPRZ8ooB mDYg11mcZeVKILboR/vqxswTVqGgY9XUE+huhgTLTvIKXSeCTBaGfbSHs6pJSN+g 0yApnwj8ZHmEIhZQ0GPqiU3RCIcTBHoXTpf8510Uba+DAxazfiNYqX61Eq5Ls3SE /XtqwPRJfOPWZlS5191EUIUEjnha7SwElgotAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUBBql6BdDt0JIw8GW/z2SN7dof/cwHwYDVR0jBBgwFoAU2wnDhcqGTQSV+VGV /38HvFdh4XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz Ny8yd25EaGNxR1RRU1YtVkdWXzM4SHZGZGg0WFkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzJ3bkRoY3FHVFFTVi1WR1ZfMzhIdkZkaDRYWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMzcvMnduRGhjcUdUUVNW LVZHVl8zOEh2RmRoNFhZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAA0J4r2sNBVYx4SZqQXx8WY9pjxPN2OyHXLH6s9KRlMUIISzLkUUizAFnz1u Xf619rO29f6ll3hfFJn/B0Tt5De4wzVk05eP41oCzS942OqFXYj0o49UKRpUVmR2 lPqGlWTeMk7rUF2CZHnH1U9HG/xmR2TRvahfeS5qNMdhXtDKzNm6VGSFngU41TjJ 62SS8pkNMzZuIfFj5pJ19cT1SE84MiHC2qohhZmbWnfUGj14C0/swlRAfIpOA98o Xr6mhAw76T2kz494FPejMtieK10KCt7XTEchiHFhDBGOdgVbMq6BbqBR/7xqIMr1 kiBAqqSLQkvIaMwhHlDXO7RphrI= -----END CERTIFICATE-----Generated at Wed Nov 5 19:34:54 2025 by rpki-client