$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft File: NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft (raw, json) Hash identifier: acYc0Q7Zd0KJFlcaG9af9GfvXnmvvElmnJ9WBhj+S0o= Subject key identifier: 12:4A:96:CE:A4:13:E3:58:2C:11:61:76:A9:8A:B4:05:9F:BA:56:1E Authority key identifier: 35:D8:CC:5E:1D:2F:35:FF:BA:A7:A9:09:F5:52:0B:3D:C4:C1:58:8C Certificate issuer: /CN=35D8CC5E1D2F35FFBAA7A909F5520B3DC4C1588C Certificate serial: 0540 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft Manifest number: 053E Signing time: Wed 05 Nov 2025 10:15:26 +0000 Manifest this update: Wed 05 Nov 2025 10:15:26 +0000 Manifest next update: Wed 05 Nov 2025 16:15:26 +0000 Files and hashes: 1: NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl (hash: 2VUGJU9CXVnA/C3NoUg/2HUgLvkzd+Shl7BOBGecLG4=) 2: V1y3g7_UwsryAJsJ4xMbSLRjKmo.roa (hash: 5vapIZiEtMa1uqodBseSnY65f8UTyP+AL9UFNhelV3c=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 14:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1344 (0x540) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35D8CC5E1D2F35FFBAA7A909F5520B3DC4C1588C Validity Not Before: Nov 5 10:15:26 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=124A96CEA413E3582C116176A98AB4059FBA561E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:47:22:e6:1f:14:34:f6:5a:46:de:93:2d:3c: 69:e1:d6:4e:a7:5c:98:de:e1:78:32:9b:21:ce:10: ce:22:bc:79:86:0a:19:64:f8:77:6c:c0:30:c9:43: b5:3d:5c:49:be:26:f4:af:43:4a:10:7f:84:1f:67: a5:c0:1e:0b:4a:e7:2a:a8:a1:0d:42:9b:98:85:bc: 18:45:ab:94:01:be:50:9a:9a:e2:47:8d:dd:6f:60: 8e:00:9f:00:9c:00:8b:d0:6e:81:34:70:90:60:c1: a5:e9:ee:85:86:02:9e:e6:4c:dc:d4:bd:3f:2a:ba: 61:f1:88:35:75:44:04:5c:37:c1:37:dc:58:3b:ce: 8f:5c:7d:95:3f:81:93:e9:0c:03:42:1e:4b:96:42: 58:ba:c4:dd:af:43:d9:f1:e1:52:00:e9:6e:bc:24: 2f:8c:e3:d6:91:03:99:2c:2d:80:15:af:5f:32:50: 68:1a:62:8e:59:b1:f9:c8:a4:de:67:77:23:a5:da: 90:85:61:8a:68:75:3f:05:4f:7d:2c:6c:96:45:07: 2c:b7:fd:23:b1:7b:99:f4:09:dd:01:dd:c1:4a:f2: 2a:cd:47:b5:ed:8f:46:40:4a:e2:54:bb:d4:70:e9: eb:68:8d:b9:8d:8a:4e:5c:ac:0e:3b:6f:40:c1:da: 81:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:4A:96:CE:A4:13:E3:58:2C:11:61:76:A9:8A:B4:05:9F:BA:56:1E X509v3 Authority Key Identifier: keyid:35:D8:CC:5E:1D:2F:35:FF:BA:A7:A9:09:F5:52:0B:3D:C4:C1:58:8C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:40:5f:83:3a:8c:9c:51:8d:41:60:c7:5a:9b:83:67:6f:ee: 35:c5:81:6f:30:4b:13:61:b3:68:c9:cf:97:57:8d:b5:77:82: 0a:ea:c7:cd:1e:bc:54:21:e2:bf:76:74:23:ae:53:45:c7:50: b3:46:ad:97:f0:e4:4f:33:4f:75:12:fa:a1:38:1f:68:65:0c: 32:e0:66:50:1c:65:6a:a8:fb:de:fa:14:af:3c:e6:29:ae:89: 8d:d6:c4:f3:57:f9:6b:16:e5:a5:34:6a:12:34:2c:ea:a5:65: 9a:81:bb:be:9f:74:41:ed:6f:c8:85:57:36:72:f4:d6:38:f6: 60:77:4a:14:02:d5:67:56:98:40:06:e9:38:f1:62:70:fc:c3: bd:3b:c1:65:d2:af:2b:c8:53:6e:39:fc:9d:f0:a9:a5:6d:5e: 48:bb:6d:47:00:d6:fa:90:f4:36:03:54:13:c8:1d:4b:2f:37: 62:20:f3:92:c9:dd:e0:dd:fb:9d:0b:c3:8b:40:06:ad:e1:7d: 6c:d3:de:6f:ea:c0:be:17:f7:88:92:55:0e:0d:55:f1:98:6b: a6:74:13:a6:47:aa:48:35:17:72:14:02:56:31:36:00:a6:6f: 68:7a:4c:71:d6:7e:9e:c7:1f:8d:cd:71:bb:06:ca:8d:d0:37: 22:da:9f:a9 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE OENDNUUxRDJGMzVGRkJBQTdBOTA5RjU1MjBCM0RDNEMxNTg4QzAeFw0yNTExMDUx MDE1MjZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDEyNEE5NkNFQTQxM0Uz NTgyQzExNjE3NkE5OEFCNDA1OUZCQTU2MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlRyLmHxQ09lpG3pMtPGnh1k6nXJje4XgymyHOEM4ivHmGChlk +HdswDDJQ7U9XEm+JvSvQ0oQf4QfZ6XAHgtK5yqooQ1Cm5iFvBhFq5QBvlCamuJH jd1vYI4AnwCcAIvQboE0cJBgwaXp7oWGAp7mTNzUvT8qumHxiDV1RARcN8E33Fg7 zo9cfZU/gZPpDANCHkuWQli6xN2vQ9nx4VIA6W68JC+M49aRA5ksLYAVr18yUGga Yo5ZsfnIpN5ndyOl2pCFYYpodT8FT30sbJZFByy3/SOxe5n0Cd0B3cFK8irNR7Xt j0ZASuJUu9Rw6etojbmNik5crA47b0DB2oHHAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUEkqWzqQT41gsEWF2qYq0BZ+6Vh4wHwYDVR0jBBgwFoAUNdjMXh0vNf+6p6kJ 9VILPcTBWIwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1 MC9OZGpNWGgwdk5mLTZwNmtKOVZJTFBjVEJXSXcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL05kak1YaDB2TmYtNnA2a0o5VklMUGNUQldJdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTAvTmRqTVhoMHZOZi02 cDZrSjlWSUxQY1RCV0l3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAC5AX4M6jJxRjUFgx1qbg2dv7jXFgW8wSxNhs2jJz5dXjbV3ggrqx80evFQh 4r92dCOuU0XHULNGrZfw5E8zT3US+qE4H2hlDDLgZlAcZWqo+976FK885imuiY3W xPNX+WsW5aU0ahI0LOqlZZqBu76fdEHtb8iFVzZy9NY49mB3ShQC1WdWmEAG6Tjx YnD8w707wWXSryvIU245/J3wqaVtXki7bUcA1vqQ9DYDVBPIHUsvN2Ig85LJ3eDd +50Lw4tABq3hfWzT3m/qwL4X94iSVQ4NVfGYa6Z0E6ZHqkg1F3IUAlYxNgCmb2h6 THHWfp7HH43NcbsGyo3QNyLan6k= -----END CERTIFICATE-----Generated at Wed Nov 5 12:08:05 2025 by rpki-client