$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft File: Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft (raw, json) Hash identifier: Uf7NaceYwZ5KjtaZd3EKb9UUNDTrIsyTjNjhpYabL4s= Subject key identifier: 5B:62:CF:F4:F2:DA:D3:3E:A2:7E:8C:3A:5E:DC:F5:33:45:C0:5A:25 Authority key identifier: 43:E6:FD:AB:0F:15:0E:E9:C4:3C:F5:A2:BB:76:58:8A:7E:5F:85:02 Certificate issuer: /CN=43E6FDAB0F150EE9C43CF5A2BB76588A7E5F8502 Certificate serial: 0187 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft Manifest number: 0184 Signing time: Mon 02 Mar 2026 10:00:29 +0000 Manifest this update: Mon 02 Mar 2026 10:00:29 +0000 Manifest next update: Mon 02 Mar 2026 16:00:29 +0000 Files and hashes: 1: 7qqfCczVpqzPAfV0rFSiOaInTZo.roa (hash: He/3RBMb/hdGBTYVCyG/HVT/wnrhQ3TGFKE110yMwhM=) 2: Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl (hash: /jpxEXbooZBpqZkfvfTMOtCrDMP3QS943UCqiNI84sg=) 3: zyd9sNtiUGWk-rPMxkaAwd-jMjU.roa (hash: gJ4z3p20OCkd5sduSBhdXm57HvoUXImlRN+QEWanG2A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 15:59:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 391 (0x187) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43E6FDAB0F150EE9C43CF5A2BB76588A7E5F8502 Validity Not Before: Mar 2 10:00:29 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=5B62CFF4F2DAD33EA27E8C3A5EDCF53345C05A25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:d3:9d:79:41:41:05:98:86:d6:7d:6c:95:6c: 5f:44:23:23:51:d9:6e:da:c9:b3:b1:2d:fc:e9:e2: f5:e0:be:d6:b2:90:ef:27:c5:aa:29:ec:10:fb:2a: 56:d1:a8:27:d6:03:99:49:44:3c:ef:ad:8d:1f:1b: ac:6c:50:43:f4:6c:d0:dc:a7:f4:94:66:81:f7:b2: 30:8a:cb:fb:17:6f:5f:3a:44:85:d4:dc:d3:7d:6b: d2:4f:56:f5:da:df:e2:46:81:53:c4:55:1d:44:8d: 02:56:cd:3a:c5:28:bd:c2:18:93:d6:47:2d:ca:c6: 8d:06:79:05:66:e8:4d:fa:60:a6:8d:18:a4:98:37: 65:34:87:92:e9:2d:93:25:18:a7:61:91:1c:af:08: 5c:20:d7:76:f8:63:d4:36:a8:95:55:c0:dc:c4:8c: 5a:49:bf:47:d1:f5:0c:f7:fa:49:e4:d3:c4:fc:a1: a4:0c:eb:c1:29:db:e3:20:ba:8f:17:98:cd:8c:d4: 7c:a7:8d:44:dd:82:61:f4:ac:7b:61:92:66:fe:68: 83:a1:8e:0b:de:9b:cc:b4:f9:a2:2b:7e:d8:00:db: 30:56:f7:bd:e0:e4:74:4e:f6:2b:c7:cf:45:73:1c: 53:b0:fd:4f:f0:54:9a:b8:c9:dd:9d:51:5b:f1:56: 7b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:62:CF:F4:F2:DA:D3:3E:A2:7E:8C:3A:5E:DC:F5:33:45:C0:5A:25 X509v3 Authority Key Identifier: keyid:43:E6:FD:AB:0F:15:0E:E9:C4:3C:F5:A2:BB:76:58:8A:7E:5F:85:02 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3417/Q-b9qw8VDunEPPWiu3ZYin5fhQI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:a2:a3:1b:02:5a:1c:87:48:f7:93:6c:fc:86:cc:87:dc:dc: fa:b4:7a:74:5c:01:db:78:ea:3d:61:56:2e:74:c0:6e:53:a6: 71:60:fb:4a:d5:f2:56:3f:d1:3c:c8:60:bd:06:29:bf:94:4d: d7:1b:f9:8f:b9:0a:5d:a8:c9:6d:79:39:62:5f:fd:8d:ed:ae: 44:ce:01:36:92:ec:bb:2d:6e:e5:91:f5:2e:86:16:85:67:d6: 5c:35:a9:b6:e5:68:78:1c:34:00:c4:4a:c6:a8:22:6d:c0:71: 1c:96:e8:73:19:7a:c9:c8:d9:dc:ca:2d:a3:ea:93:66:4b:75: 6d:61:2f:7b:a6:fc:9d:51:95:39:35:a1:b3:45:d7:49:9c:d0: 5e:58:2c:9a:08:cc:53:a3:f5:cf:d4:f6:18:a3:8e:38:01:01: 82:f7:3e:cb:af:9e:2a:9f:c9:f2:02:d9:7a:36:71:06:5b:79: 37:a7:b6:67:2e:9c:1f:39:f2:c7:44:8a:ff:2c:14:f5:14:ac: 52:fc:f0:91:60:0e:2f:7c:59:53:a7:16:1f:04:f4:54:5c:95: 5d:65:91:6d:2e:89:7f:6a:86:de:fe:65:8c:ca:f1:e6:16:e8: a4:bc:f2:8b:08:0e:3c:96:28:0c:3c:20:ed:11:ff:6c:6c:2e: f4:99:21:0e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDNF NkZEQUIwRjE1MEVFOUM0M0NGNUEyQkI3NjU4OEE3RTVGODUwMjAeFw0yNjAzMDIx MDAwMjlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVCNjJDRkY0RjJEQUQz M0VBMjdFOEMzQTVFRENGNTMzNDVDMDVBMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDV0515QUEFmIbWfWyVbF9EIyNR2W7aybOxLfzp4vXgvtaykO8n xaop7BD7KlbRqCfWA5lJRDzvrY0fG6xsUEP0bNDcp/SUZoH3sjCKy/sXb186RIXU 3NN9a9JPVvXa3+JGgVPEVR1EjQJWzTrFKL3CGJPWRy3Kxo0GeQVm6E36YKaNGKSY N2U0h5LpLZMlGKdhkRyvCFwg13b4Y9Q2qJVVwNzEjFpJv0fR9Qz3+knk08T8oaQM 68Ep2+Mguo8XmM2M1HynjUTdgmH0rHthkmb+aIOhjgvem8y0+aIrftgA2zBW973g 5HRO9ivHz0VzHFOw/U/wVJq4yd2dUVvxVntzAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUW2LP9PLa0z6ifow6Xtz1M0XAWiUwHwYDVR0jBBgwFoAUQ+b9qw8VDunEPPWi u3ZYin5fhQIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx Ny9RLWI5cXc4VkR1bkVQUFdpdTNaWWluNWZoUUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1EtYjlxdzhWRHVuRVBQV2l1M1pZaW41ZmhRSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzM0MTcvUS1iOXF3OFZEdW5F UFBXaXUzWllpbjVmaFFJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFSioxsCWhyHSPeTbPyGzIfc3Pq0enRcAdt46j1hVi50wG5TpnFg+0rV8lY/ 0TzIYL0GKb+UTdcb+Y+5Cl2oyW15OWJf/Y3trkTOATaS7LstbuWR9S6GFoVn1lw1 qbblaHgcNADESsaoIm3AcRyW6HMZesnI2dzKLaPqk2ZLdW1hL3um/J1RlTk1obNF 10mc0F5YLJoIzFOj9c/U9hijjjgBAYL3PsuvniqfyfIC2Xo2cQZbeTentmcunB85 8sdEiv8sFPUUrFL88JFgDi98WVOnFh8E9FRclV1lkW0uiX9qht7+ZYzK8eYW6KS8 8osIDjyWKAw8IO0R/2xsLvSZIQ4= -----END CERTIFICATE-----Generated at Mon Mar 2 14:26:28 2026 by rpki-client