$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft File: qaFpos8CL7oK84PKmXtFZP7V-Js.mft (raw, json) Hash identifier: AB3Dh8OVnaoWK1nzYOeBOG6cwqVWrMENs+Fr45g/MRc= Subject key identifier: 2B:16:57:18:FF:B4:71:E6:D9:83:81:1B:34:9F:CF:8F:44:B9:98:BE Authority key identifier: A9:A1:69:A2:CF:02:2F:BA:0A:F3:83:CA:99:7B:45:64:FE:D5:F8:9B Certificate issuer: /CN=A9A169A2CF022FBA0AF383CA997B4564FED5F89B Certificate serial: 50 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft Manifest number: 50 Signing time: Wed 05 Nov 2025 19:41:55 +0000 Manifest this update: Wed 05 Nov 2025 19:41:55 +0000 Manifest next update: Thu 06 Nov 2025 01:41:55 +0000 Files and hashes: 1: qaFpos8CL7oK84PKmXtFZP7V-Js.crl (hash: kKD9AZG4+OuSFQvhmKMRW4a17M+Cnh67oVsaXHheafs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:41:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 80 (0x50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9A169A2CF022FBA0AF383CA997B4564FED5F89B Validity Not Before: Nov 5 19:41:55 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2B165718FFB471E6D983811B349FCF8F44B998BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:bf:94:ff:7b:7c:37:5a:1f:e8:b6:66:c3:6f: 66:38:b7:ae:da:2e:b1:ad:5c:ff:df:d7:a7:ad:7e: 70:4b:4f:7a:44:61:e8:b8:4d:e6:c5:b6:2f:95:6b: 48:87:0a:24:3a:f8:b7:f7:6f:36:c0:5f:ac:96:66: 8c:fb:47:ea:8a:ae:1b:f7:3f:f2:eb:4e:20:90:c7: 47:99:75:23:d0:0b:fe:4c:ba:60:7c:45:db:e8:0a: 8e:97:2a:87:33:b0:0a:be:54:cd:69:a8:71:14:25: 20:ca:dd:e8:72:a5:11:4d:9e:41:8b:97:66:1b:bc: 45:16:61:05:54:25:aa:c6:24:05:5d:b0:36:3b:da: 80:35:25:bb:ec:85:6e:30:5c:a6:91:52:70:7f:f1: 74:72:0a:27:32:4a:70:b5:dd:e3:eb:4d:d3:c2:55: 2c:ab:e3:37:59:98:9c:63:51:eb:29:63:8d:6a:1b: dd:6c:f4:44:87:eb:1e:7d:f8:60:93:05:1b:5f:58: f0:fc:5b:f1:cf:68:78:d7:46:3f:d5:b9:73:06:10: af:9c:56:1f:0a:8b:b5:0e:80:ad:c3:92:90:07:f2: ec:b8:a4:e1:7b:b9:53:f7:db:1b:8a:a5:bd:ea:c1: 65:04:13:7a:d3:d4:b6:06:d0:a7:bf:83:5a:ef:1f: c5:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:16:57:18:FF:B4:71:E6:D9:83:81:1B:34:9F:CF:8F:44:B9:98:BE X509v3 Authority Key Identifier: keyid:A9:A1:69:A2:CF:02:2F:BA:0A:F3:83:CA:99:7B:45:64:FE:D5:F8:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:05:f8:fe:24:77:96:53:e7:e7:d5:8d:f8:c9:a1:7f:6c:99: a1:89:dc:6d:30:c6:91:e9:55:8b:f5:7b:4b:fa:0a:dd:f8:58: cb:b6:85:b4:61:7c:6b:1b:c2:b6:fd:db:e1:e7:1f:ec:c6:a5: 5a:38:8e:22:0f:89:70:87:ea:df:64:e4:ef:78:80:68:3a:04: 68:b8:e3:f1:b9:59:7e:86:9e:17:94:14:72:a3:85:30:fc:86: 9e:ac:a6:06:02:00:27:76:ec:50:61:90:1c:aa:47:de:06:ef: 3e:82:5c:ac:d5:ef:e1:90:4a:76:12:b1:88:07:7d:ba:ba:c4: 61:b6:90:39:89:75:08:d5:aa:cd:ed:ea:ac:21:e8:cc:76:c2: 47:5c:b0:39:43:5a:c3:f4:06:e1:24:78:fb:03:23:35:dc:3e: 44:dc:fe:22:13:fe:7f:ec:f6:35:c3:83:e9:e7:6d:5a:aa:5f: 4d:43:52:7b:7e:ec:83:93:ae:31:f8:36:51:47:98:76:94:d3: c3:7d:00:b6:37:75:82:97:c0:2e:a9:5c:0f:9a:65:79:20:05: 95:07:db:ae:f6:5e:9c:41:c7:0a:e6:1d:96:5d:f8:52:81:0c: 9b:5f:60:9f:da:1c:70:27:d8:1f:eb:4e:03:8b:e0:23:ac:1c: a0:31:dd:ec -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIBUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBOUEx NjlBMkNGMDIyRkJBMEFGMzgzQ0E5OTdCNDU2NEZFRDVGODlCMB4XDTI1MTEwNTE5 NDE1NVoXDTI2MTAyMzAzMDEwM1owMzExMC8GA1UEAxMoMkIxNjU3MThGRkI0NzFF NkQ5ODM4MTFCMzQ5RkNGOEY0NEI5OThCRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOO/lP97fDdaH+i2ZsNvZji3rtousa1c/9/Xp61+cEtPekRh6LhN 5sW2L5VrSIcKJDr4t/dvNsBfrJZmjPtH6oquG/c/8utOIJDHR5l1I9AL/ky6YHxF 2+gKjpcqhzOwCr5UzWmocRQlIMrd6HKlEU2eQYuXZhu8RRZhBVQlqsYkBV2wNjva gDUlu+yFbjBcppFScH/xdHIKJzJKcLXd4+tN08JVLKvjN1mYnGNR6yljjWob3Wz0 RIfrHn34YJMFG19Y8Pxb8c9oeNdGP9W5cwYQr5xWHwqLtQ6ArcOSkAfy7Lik4Xu5 U/fbG4qlverBZQQTetPUtgbQp7+DWu8fxSECAwEAAaOCAgwwggIIMB0GA1UdDgQW BBQrFlcY/7Rx5tmDgRs0n8+PRLmYvjAfBgNVHSMEGDAWgBSpoWmizwIvugrzg8qZ e0Vk/tX4mzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMzk5 L3FhRnBvczhDTDdvSzg0UEttWHRGWlA3Vi1Kcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcWFGcG9zOENMN29LODRQS21YdEZaUDdWLUpzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM5OS9xYUZwb3M4Q0w3b0s4 NFBLbVh0RlpQN1YtSnMubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAlwX4/iR3llPn59WN+Mmhf2yZoYncbTDGkelVi/V7S/oK3fhYy7aFtGF8axvC tv3b4ecf7MalWjiOIg+JcIfq32Tk73iAaDoEaLjj8blZfoaeF5QUcqOFMPyGnqym BgIAJ3bsUGGQHKpH3gbvPoJcrNXv4ZBKdhKxiAd9urrEYbaQOYl1CNWqze3qrCHo zHbCR1ywOUNaw/QG4SR4+wMjNdw+RNz+IhP+f+z2NcOD6edtWqpfTUNSe37sg5Ou Mfg2UUeYdpTTw30Atjd1gpfALqlcD5pleSAFlQfbrvZenEHHCuYdll34UoEMm19g n9occCfYH+tOA4vgI6wcoDHd7A== -----END CERTIFICATE-----Generated at Thu Nov 6 00:20:49 2025 by rpki-client