
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
File: NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft (raw, json)
Hash identifier: fcD9+QJWXL7vGaQ/myB1ov9Tw5V60vSWCnM8I21+roQ=
Subject key identifier: 12:4A:96:CE:A4:13:E3:58:2C:11:61:76:A9:8A:B4:05:9F:BA:56:1E
Authority key identifier: 35:D8:CC:5E:1D:2F:35:FF:BA:A7:A9:09:F5:52:0B:3D:C4:C1:58:8C
Certificate issuer: /CN=35D8CC5E1D2F35FFBAA7A909F5520B3DC4C1588C
Certificate serial: 0784
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
Manifest number: 0781
Signing time: Mon 02 Mar 2026 10:00:13 +0000
Manifest this update: Mon 02 Mar 2026 10:00:13 +0000
Manifest next update: Mon 02 Mar 2026 16:00:13 +0000
Files and hashes: 1: 9a0INOwkczfY4HrZo0npiz6wge4.roa (hash: mdc2x6YC0BwO3VfbxMQgCLhbnrU0iA7dp7DPNMxDBuw=)
2: NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl (hash: PtinmlHmWEsyIrwRMpOxvg0evhqePJaFntIzPhXlyqI=)
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Mar 2026 15:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1924 (0x784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35D8CC5E1D2F35FFBAA7A909F5520B3DC4C1588C
Validity
Not Before: Mar 2 10:00:13 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=124A96CEA413E3582C116176A98AB4059FBA561E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:47:22:e6:1f:14:34:f6:5a:46:de:93:2d:3c:
69:e1:d6:4e:a7:5c:98:de:e1:78:32:9b:21:ce:10:
ce:22:bc:79:86:0a:19:64:f8:77:6c:c0:30:c9:43:
b5:3d:5c:49:be:26:f4:af:43:4a:10:7f:84:1f:67:
a5:c0:1e:0b:4a:e7:2a:a8:a1:0d:42:9b:98:85:bc:
18:45:ab:94:01:be:50:9a:9a:e2:47:8d:dd:6f:60:
8e:00:9f:00:9c:00:8b:d0:6e:81:34:70:90:60:c1:
a5:e9:ee:85:86:02:9e:e6:4c:dc:d4:bd:3f:2a:ba:
61:f1:88:35:75:44:04:5c:37:c1:37:dc:58:3b:ce:
8f:5c:7d:95:3f:81:93:e9:0c:03:42:1e:4b:96:42:
58:ba:c4:dd:af:43:d9:f1:e1:52:00:e9:6e:bc:24:
2f:8c:e3:d6:91:03:99:2c:2d:80:15:af:5f:32:50:
68:1a:62:8e:59:b1:f9:c8:a4:de:67:77:23:a5:da:
90:85:61:8a:68:75:3f:05:4f:7d:2c:6c:96:45:07:
2c:b7:fd:23:b1:7b:99:f4:09:dd:01:dd:c1:4a:f2:
2a:cd:47:b5:ed:8f:46:40:4a:e2:54:bb:d4:70:e9:
eb:68:8d:b9:8d:8a:4e:5c:ac:0e:3b:6f:40:c1:da:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4A:96:CE:A4:13:E3:58:2C:11:61:76:A9:8A:B4:05:9F:BA:56:1E
X509v3 Authority Key Identifier:
keyid:35:D8:CC:5E:1D:2F:35:FF:BA:A7:A9:09:F5:52:0B:3D:C4:C1:58:8C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
77:f7:6a:e4:e3:07:4b:c8:f9:54:42:e2:fa:5c:46:ec:de:c8:
89:f2:5b:eb:92:3f:95:ab:c6:e6:64:10:e7:5c:d1:e8:b5:bb:
92:a9:ab:eb:54:09:52:55:a6:6d:24:ae:09:aa:c5:b5:3c:0d:
24:af:85:8c:8b:04:52:37:70:06:e8:1a:03:17:61:f1:ff:d7:
3c:e6:91:3d:0f:44:5b:35:36:7a:c4:09:14:ae:4e:d1:47:9e:
b5:be:bb:b3:42:a0:ea:27:f2:c4:1c:64:d5:be:47:ac:c3:6c:
03:3d:7b:04:e0:a1:5a:59:89:e9:0c:bd:50:30:4b:e0:09:ae:
18:75:97:2f:74:26:61:78:1a:2a:61:7a:80:57:52:76:b0:e5:
f4:15:61:5c:3a:35:1a:27:48:bf:16:f4:77:e1:32:f8:08:8f:
06:b5:aa:e5:2e:69:de:2e:2c:68:63:d3:b0:55:6f:6f:14:ea:
fe:ef:e4:64:bf:0b:70:36:c5:17:5f:52:f7:5f:f4:4b:fc:23:
28:1b:63:c0:67:5e:b9:7b:a8:b3:5b:e5:8e:1e:ec:17:73:c5:
36:38:6a:82:96:1d:80:f7:69:9d:14:d5:34:af:55:89:5e:4f:
69:da:7e:15:51:89:5a:dc:8c:2f:8a:ae:c5:3f:5b:54:54:c4:
62:34:81:50
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICB4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE
OENDNUUxRDJGMzVGRkJBQTdBOTA5RjU1MjBCM0RDNEMxNTg4QzAeFw0yNjAzMDIx
MDAwMTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDEyNEE5NkNFQTQxM0Uz
NTgyQzExNjE3NkE5OEFCNDA1OUZCQTU2MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlRyLmHxQ09lpG3pMtPGnh1k6nXJje4XgymyHOEM4ivHmGChlk
+HdswDDJQ7U9XEm+JvSvQ0oQf4QfZ6XAHgtK5yqooQ1Cm5iFvBhFq5QBvlCamuJH
jd1vYI4AnwCcAIvQboE0cJBgwaXp7oWGAp7mTNzUvT8qumHxiDV1RARcN8E33Fg7
zo9cfZU/gZPpDANCHkuWQli6xN2vQ9nx4VIA6W68JC+M49aRA5ksLYAVr18yUGga
Yo5ZsfnIpN5ndyOl2pCFYYpodT8FT30sbJZFByy3/SOxe5n0Cd0B3cFK8irNR7Xt
j0ZASuJUu9Rw6etojbmNik5crA47b0DB2oHHAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUEkqWzqQT41gsEWF2qYq0BZ+6Vh4wHwYDVR0jBBgwFoAUNdjMXh0vNf+6p6kJ
9VILPcTBWIwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1
MC9OZGpNWGgwdk5mLTZwNmtKOVZJTFBjVEJXSXcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL05kak1YaDB2TmYtNnA2a0o5VklMUGNUQldJdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTAvTmRqTVhoMHZOZi02
cDZrSjlWSUxQY1RCV0l3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAHf3auTjB0vI+VRC4vpcRuzeyInyW+uSP5WrxuZkEOdc0ei1u5Kpq+tUCVJV
pm0krgmqxbU8DSSvhYyLBFI3cAboGgMXYfH/1zzmkT0PRFs1NnrECRSuTtFHnrW+
u7NCoOon8sQcZNW+R6zDbAM9ewTgoVpZiekMvVAwS+AJrhh1ly90JmF4GipheoBX
Unaw5fQVYVw6NRonSL8W9HfhMvgIjwa1quUuad4uLGhj07BVb28U6v7v5GS/C3A2
xRdfUvdf9Ev8IygbY8BnXrl7qLNb5Y4e7BdzxTY4aoKWHYD3aZ0U1TSvVYleT2na
fhVRiVrcjC+KrsU/W1RUxGI0gVA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:01:09 2026 by rpki-client