$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft File: TnhsicjML72c4lQNmb4SziD2uLM.mft (raw, json) Hash identifier: UdRvsWxev0G5i3k0GEm3IcxWxnqqLeufH83LJAyyW6Y= Subject key identifier: 9F:63:9C:D9:A3:0D:BF:38:00:4F:0F:8F:1F:47:30:E9:EE:E7:DD:4D Authority key identifier: 4E:78:6C:89:C8:CC:2F:BD:9C:E2:54:0D:99:BE:12:CE:20:F6:B8:B3 Certificate issuer: /CN=4E786C89C8CC2FBD9CE2540D99BE12CE20F6B8B3 Certificate serial: 1A2F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft Manifest number: 1A2F Signing time: Wed 05 Nov 2025 12:41:13 +0000 Manifest this update: Wed 05 Nov 2025 12:41:13 +0000 Manifest next update: Wed 05 Nov 2025 18:41:13 +0000 Files and hashes: 1: TnhsicjML72c4lQNmb4SziD2uLM.crl (hash: OwdjWTppG50C8Teg8sAPpJg090nulPDPpMpbcikBfHk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:41:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6703 (0x1a2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E786C89C8CC2FBD9CE2540D99BE12CE20F6B8B3 Validity Not Before: Nov 5 12:41:13 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=9F639CD9A30DBF38004F0F8F1F4730E9EEE7DD4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0a:d5:95:90:65:ec:e1:dd:9e:9c:49:5a:57: 6d:f6:b6:6a:3d:8d:6d:25:0e:d4:5d:f2:3e:77:48: 0f:c9:7d:ab:8a:44:55:7d:ae:fa:15:13:25:0b:42: 93:3f:09:bf:20:b6:4d:5f:be:ce:df:b8:0d:ac:55: 0a:07:5f:1b:cf:05:8b:c3:06:36:47:0b:9f:42:a7: 9f:b9:93:0b:e9:47:80:e8:59:b4:bf:72:85:f8:4a: a0:d9:50:87:7b:f1:77:ee:55:05:e8:ec:c5:74:b1: 9c:17:d4:bc:b1:74:4e:b5:a3:0a:10:f5:71:11:7b: 1b:43:d5:64:02:7b:d7:4e:59:ac:53:8c:ee:9e:c6: 93:27:16:5d:53:59:2b:f7:4e:6c:79:ce:72:3e:a7: 65:61:8b:75:41:12:f1:12:ab:51:8b:d9:b6:2a:d1: a4:9d:39:d2:7b:7d:11:e4:69:1a:4e:65:ce:0c:69: 57:b5:e5:da:d9:66:04:da:a2:4b:f3:ac:7d:3d:ee: 91:08:a6:31:16:7e:f6:97:d2:4b:28:6e:60:6d:8b: ab:89:73:f7:14:f2:64:4d:e2:5c:cb:cf:b2:e7:ca: 10:7a:e1:c7:1c:9f:66:76:9b:01:63:6f:56:80:af: ec:ab:e9:73:1d:11:d4:08:00:e4:96:27:06:a3:4e: 60:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:63:9C:D9:A3:0D:BF:38:00:4F:0F:8F:1F:47:30:E9:EE:E7:DD:4D X509v3 Authority Key Identifier: keyid:4E:78:6C:89:C8:CC:2F:BD:9C:E2:54:0D:99:BE:12:CE:20:F6:B8:B3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:06:61:b3:2e:f5:69:c6:f4:eb:e5:19:56:e1:85:48:3c:87: 5f:f8:50:37:c3:ea:0e:04:5b:b5:86:da:55:aa:d0:69:18:3c: b7:30:ab:cd:fe:cf:87:d2:ed:f5:fb:2a:29:c2:4a:af:76:56: 9a:9a:5a:fc:9e:ae:17:98:4d:c2:82:d2:57:3b:3d:5b:ff:d0: cc:1b:27:1e:8c:fa:99:e9:16:4a:ba:93:26:c4:98:13:0d:be: 34:c1:f3:8e:c2:c9:e2:55:77:7b:78:6b:a9:78:14:05:45:86: ef:2c:b4:ea:4f:49:69:39:cc:99:b0:4d:3f:1c:72:e1:66:25: ba:83:2f:bc:c7:73:5b:ba:d9:d2:47:2e:d6:7f:8d:c0:1a:f2: 08:a4:13:a7:7a:b7:1f:24:ef:6a:21:c3:a3:91:85:c7:45:71: 7a:14:27:e7:ad:6d:a7:1b:1a:c1:42:8d:fa:65:3c:5e:26:49: 95:a6:3f:5d:7c:5e:28:7c:29:7c:bc:ea:8b:5b:e3:80:db:f2: db:ed:ec:d3:3a:fc:d1:f0:a6:57:7b:5f:f6:89:9a:de:94:6b: 2f:ca:03:d4:f6:26:f7:52:14:d0:22:2d:b6:07:5e:4f:e3:4d: 2e:ff:41:89:d4:8c:ad:82:43:7f:28:c7:c1:ff:3c:70:61:80: 98:84:50:2e -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGi8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEU3 ODZDODlDOENDMkZCRDlDRTI1NDBEOTlCRTEyQ0UyMEY2QjhCMzAeFw0yNTExMDUx MjQxMTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDlGNjM5Q0Q5QTMwREJG MzgwMDRGMEY4RjFGNDczMEU5RUVFN0RENEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtCtWVkGXs4d2enElaV232tmo9jW0lDtRd8j53SA/JfauKRFV9 rvoVEyULQpM/Cb8gtk1fvs7fuA2sVQoHXxvPBYvDBjZHC59Cp5+5kwvpR4DoWbS/ coX4SqDZUId78XfuVQXo7MV0sZwX1LyxdE61owoQ9XERextD1WQCe9dOWaxTjO6e xpMnFl1TWSv3Tmx5znI+p2Vhi3VBEvESq1GL2bYq0aSdOdJ7fRHkaRpOZc4MaVe1 5drZZgTaokvzrH097pEIpjEWfvaX0ksobmBti6uJc/cU8mRN4lzLz7LnyhB64ccc n2Z2mwFjb1aAr+yr6XMdEdQIAOSWJwajTmBrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUn2Oc2aMNvzgATw+PH0cw6e7n3U0wHwYDVR0jBBgwFoAUTnhsicjML72c4lQN mb4SziD2uLMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L1RuaHNpY2pNTDcyYzRsUU5tYjRTemlEMnVMTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVG5oc2ljak1MNzJjNGxRTm1iNFN6aUQydUxNLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL1RuaHNpY2pNTDcyYzRs UU5tYjRTemlEMnVMTS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBwBmGzLvVpxvTr5RlW4YVIPIdf+FA3w+oOBFu1htpVqtBpGDy3MKvN/s+H0u31 +yopwkqvdlaamlr8nq4XmE3CgtJXOz1b/9DMGycejPqZ6RZKupMmxJgTDb40wfOO wsniVXd7eGupeBQFRYbvLLTqT0lpOcyZsE0/HHLhZiW6gy+8x3NbutnSRy7Wf43A GvIIpBOnercfJO9qIcOjkYXHRXF6FCfnrW2nGxrBQo36ZTxeJkmVpj9dfF4ofCl8 vOqLW+OA2/Lb7ezTOvzR8KZXe1/2iZrelGsvygPU9ib3UhTQIi22B15P400u/0GJ 1IytgkN/KMfB/zxwYYCYhFAu -----END CERTIFICATE-----Generated at Wed Nov 5 16:28:51 2025 by rpki-client