$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft File: 17ShZ52D0ID8_qOSpk1CSkdVt4A.mft (raw, json) Hash identifier: qmDguFKhCZE3VPwfAv2Cvxj+psY1cLP2XCRZADiDMuQ= Subject key identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC Authority key identifier: D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 Certificate issuer: /CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Certificate serial: 0509 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft Manifest number: 0509 Signing time: Wed 05 Nov 2025 11:41:07 +0000 Manifest this update: Wed 05 Nov 2025 11:41:07 +0000 Manifest next update: Wed 05 Nov 2025 17:41:07 +0000 Files and hashes: 1: 17ShZ52D0ID8_qOSpk1CSkdVt4A.crl (hash: fGXmnf2c5mtgJAeVkQdTl8a0zOdeM4I66ZeUNQ/5tWQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 17:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1289 (0x509) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Validity Not Before: Nov 5 11:41:07 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=784771EF7C83CCDF499C7D42EA01D3B75ECF4CDC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0b:88:43:47:11:66:8a:5c:73:9b:37:4f:cb: a5:99:bd:12:6e:cd:51:bd:7e:6f:16:fd:6b:0f:0e: 19:cf:a2:f5:f0:3f:54:d4:4d:e8:9b:1f:74:f9:19: f6:02:9d:39:d8:20:d0:58:dd:2e:e5:23:63:4c:d2: 25:b5:d4:3b:9f:f7:ff:bf:08:2e:3b:5f:1c:e8:08: b6:70:35:5a:25:8b:76:be:20:be:a0:c1:1e:7c:7a: 26:9c:bf:9f:5c:25:3e:03:18:c0:fb:ae:1b:34:c1: 0c:ff:80:24:ca:d4:2f:96:a7:47:7d:c2:26:68:b8: e3:c7:0a:2b:6c:91:52:36:26:a9:e8:c7:af:ec:4a: a1:26:c3:28:ea:b1:26:17:8d:02:62:ae:7f:88:6e: d3:d8:ee:77:52:27:72:c3:64:05:b2:fa:5e:ce:20: aa:c4:9b:e8:79:c2:a3:28:1e:c5:54:09:ce:fa:bf: 67:5b:86:b5:eb:51:34:86:54:8d:12:db:0c:81:ec: 4c:68:43:b6:a4:c7:02:a6:10:a9:0b:b8:8c:72:db: f7:b6:e5:98:45:27:31:23:22:ef:53:d0:12:15:26: 9d:00:a6:19:03:fe:c0:a4:dd:51:66:b7:99:93:96: 3a:df:bd:8c:06:61:ae:b8:cd:b6:a9:26:8e:9c:c1: 06:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC X509v3 Authority Key Identifier: keyid:D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:cc:8f:23:c1:53:e1:f7:7e:11:c7:48:83:b0:8b:8a:ad:53: 63:65:39:63:17:12:12:6f:aa:01:28:1a:04:25:c8:57:e1:d5: 94:6f:4b:e7:ec:74:81:a3:5a:56:ff:e9:f9:23:26:71:b9:4d: 7a:2a:e7:0d:d8:46:2e:f8:9a:ce:42:a4:f2:df:7c:dc:71:57: da:22:ac:27:3b:a8:14:a8:db:af:50:ee:3a:c0:93:3d:d1:04: cc:a0:52:ae:29:91:ec:c6:8b:91:01:d9:c4:75:a6:3e:20:a3: b3:42:7a:cc:15:37:d4:29:6b:4e:98:6d:ce:f3:67:7a:29:1d: e3:64:5c:21:5f:92:88:b2:ec:42:7b:16:5e:c8:87:e0:b1:b5: 50:8b:2f:cc:d0:70:d9:1f:45:f3:66:65:4a:d5:99:ca:3d:c3: e1:75:21:80:aa:53:4d:b2:f2:02:59:fd:d6:8b:0a:e4:c0:05: 98:4e:45:6d:57:92:0d:f3:1c:42:2f:9a:d6:29:9c:c4:d6:d5: c0:bd:36:8e:a4:14:c2:c3:19:cf:05:b5:d4:ef:5b:e0:8a:4b: 5a:61:93:4b:1a:ee:ba:8e:57:9a:c8:c7:1b:d8:76:84:2c:4d: e4:8c:4d:3c:76:e3:4c:00:a7:7e:fa:39:07:17:10:96:0c:a5: 27:88:ac:87 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDdC NEExNjc5RDgzRDA4MEZDRkVBMzkyQTY0RDQyNEE0NzU1Qjc4MDAeFw0yNTExMDUx MTQxMDdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDc4NDc3MUVGN0M4M0ND REY0OTlDN0Q0MkVBMDFEM0I3NUVDRjRDREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTC4hDRxFmilxzmzdPy6WZvRJuzVG9fm8W/WsPDhnPovXwP1TU TeibH3T5GfYCnTnYINBY3S7lI2NM0iW11Duf9/+/CC47XxzoCLZwNVoli3a+IL6g wR58eiacv59cJT4DGMD7rhs0wQz/gCTK1C+Wp0d9wiZouOPHCitskVI2Jqnox6/s SqEmwyjqsSYXjQJirn+IbtPY7ndSJ3LDZAWy+l7OIKrEm+h5wqMoHsVUCc76v2db hrXrUTSGVI0S2wyB7ExoQ7akxwKmEKkLuIxy2/e25ZhFJzEjIu9T0BIVJp0AphkD /sCk3VFmt5mTljrfvYwGYa64zbapJo6cwQavAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUeEdx73yDzN9JnH1C6gHTt17PTNwwHwYDVR0jBBgwFoAU17ShZ52D0ID8/qOS pk1CSkdVt4AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1 MS8xN1NoWjUyRDBJRDhfcU9TcGsxQ1NrZFZ0NEEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzE3U2haNTJEMElEOF9xT1NwazFDU2tkVnQ0QS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTEvMTdTaFo1MkQwSUQ4 X3FPU3BrMUNTa2RWdDRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAL3MjyPBU+H3fhHHSIOwi4qtU2NlOWMXEhJvqgEoGgQlyFfh1ZRvS+fsdIGj Wlb/6fkjJnG5TXoq5w3YRi74ms5CpPLffNxxV9oirCc7qBSo269Q7jrAkz3RBMyg Uq4pkezGi5EB2cR1pj4go7NCeswVN9Qpa06Ybc7zZ3opHeNkXCFfkoiy7EJ7Fl7I h+CxtVCLL8zQcNkfRfNmZUrVmco9w+F1IYCqU02y8gJZ/daLCuTABZhORW1Xkg3z HEIvmtYpnMTW1cC9No6kFMLDGc8FtdTvW+CKS1phk0sa7rqOV5rIxxvYdoQsTeSM TTx240wAp376OQcXEJYMpSeIrIc= -----END CERTIFICATE-----Generated at Wed Nov 5 16:27:18 2025 by rpki-client