$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft File: zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft (raw, json) Hash identifier: WOK63h2asNPbO6D+kvOfe3Kh/43/iB5Zdg6sL/ozfxE= Subject key identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 Authority key identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 Certificate issuer: /CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Certificate serial: 183C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft Manifest number: 183C Signing time: Wed 05 Nov 2025 15:11:45 +0000 Manifest this update: Wed 05 Nov 2025 15:11:45 +0000 Manifest next update: Wed 05 Nov 2025 21:11:45 +0000 Files and hashes: 1: zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl (hash: IQrrKYuG7O6wSZA9srsvU5HVn7+pOzTMwIfuL/Fpfrs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 18:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6204 (0x183c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Validity Not Before: Nov 5 15:11:45 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2138FFFC8AF59D1AAB0DF92BBB31E23E8ACC5293 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:23:a3:31:f7:55:c2:81:3d:f1:f6:5d:15:b4: 1c:43:09:ec:a0:49:5e:74:40:a7:c8:4a:c8:bb:71: 1b:db:d5:a9:40:3b:f9:7a:60:6a:bb:84:8c:51:9c: fe:7a:94:61:a4:f6:5f:c7:c6:5e:9d:97:39:8a:71: be:e4:c6:0d:a5:d1:de:2a:1c:c3:56:fa:da:29:1a: fe:fb:49:f9:53:27:ee:40:8d:5b:50:2b:d7:af:3e: 4a:d9:36:ac:b3:f0:62:77:a9:2e:7e:07:bb:41:bd: b5:35:4a:bc:bd:78:35:13:4a:3e:15:d6:9e:13:58: bc:70:dd:fe:d2:ae:58:24:09:50:97:95:3f:53:4f: 07:dd:0e:e6:d8:14:4e:01:94:d5:4b:a4:ad:da:e6: a7:e6:9f:1c:ca:47:f9:1f:38:a2:fe:ff:a1:f0:41: 91:c9:8f:e5:07:9c:e9:49:33:3b:53:d7:d0:ef:91: 64:53:a6:d6:e4:9f:a7:52:cd:51:5a:b8:4f:eb:b6: da:9a:d3:f9:4d:de:9b:43:04:d8:ad:ed:50:c6:ff: 08:c4:a6:24:7e:4a:cb:72:5f:cf:6d:5c:8b:e4:34: 6e:1b:86:20:29:b7:e2:91:7f:ec:20:48:d0:e2:45: 4a:96:bf:b9:46:31:0f:1c:8b:b0:fe:e5:42:eb:fc: 2a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 X509v3 Authority Key Identifier: keyid:CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:fb:09:42:28:b7:2c:45:8a:06:e3:86:7b:e1:5d:6b:d3:09: 2c:9d:af:98:ab:1a:c0:ec:4c:30:d1:4f:98:8d:d1:2d:3f:3d: 61:30:5f:73:e6:13:c9:0d:e0:23:eb:27:8b:e8:c0:b3:ac:0d: e7:92:c7:5c:47:06:88:ed:f4:22:2d:85:9a:fd:47:32:84:65: f7:c7:3c:ed:9c:71:0b:06:f1:9f:36:37:c6:ae:38:0d:a4:47: b3:a7:13:3f:22:3f:ac:1c:e3:37:e8:0a:53:60:61:0c:fa:82: 09:37:f7:ef:76:4d:01:20:45:68:b5:f3:73:36:fb:5c:44:cb: 1f:4b:4e:4d:a7:16:6e:92:82:12:43:a3:40:68:e9:fc:5d:be: 55:c1:01:fb:fb:33:3e:74:86:2e:34:d7:0c:36:96:9b:a1:8b: 56:2a:dc:a1:3b:bf:77:b5:55:8d:fc:8c:66:8f:2e:95:4d:2b: d2:e7:ec:43:fc:1a:43:40:5a:17:56:89:25:1e:a4:82:b4:84: 0e:b5:05:91:fd:b5:d3:62:a7:e1:78:c0:ea:39:0f:76:82:1f: f0:21:10:69:8f:72:93:5c:59:ab:53:32:e1:48:a9:ad:da:41: 32:da:25:95:02:27:be:53:67:be:ea:d5:05:30:1a:67:2f:cf: 57:ac:a5:cb -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGDwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NB M0E3MUQzMjY2RUVCRkU2RjE4OURFRUU0MjlFQTlFMDQzQTRFNzAeFw0yNTExMDUx NTExNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDIxMzhGRkZDOEFGNTlE MUFBQjBERjkyQkJCMzFFMjNFOEFDQzUyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaI6Mx91XCgT3x9l0VtBxDCeygSV50QKfISsi7cRvb1alAO/l6 YGq7hIxRnP56lGGk9l/Hxl6dlzmKcb7kxg2l0d4qHMNW+topGv77SflTJ+5AjVtQ K9evPkrZNqyz8GJ3qS5+B7tBvbU1Sry9eDUTSj4V1p4TWLxw3f7SrlgkCVCXlT9T TwfdDubYFE4BlNVLpK3a5qfmnxzKR/kfOKL+/6HwQZHJj+UHnOlJMztT19DvkWRT ptbkn6dSzVFauE/rttqa0/lN3ptDBNit7VDG/wjEpiR+SstyX89tXIvkNG4bhiAp t+KRf+wgSNDiRUqWv7lGMQ8ci7D+5ULr/CpfAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUITj//Ir1nRqrDfkruzHiPorMUpMwHwYDVR0jBBgwFoAUzKOnHTJm7r/m8Yne 7kKeqeBDpOcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDcz L3pLT25IVEptN3JfbThZbmU3a0tlcWVCRHBPYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvektPbkhUSm03cl9tOFluZTdrS2VxZUJEcE9jLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDczL3pLT25IVEptN3JfbThZ bmU3a0tlcWVCRHBPYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAQ+wlCKLcsRYoG44Z74V1r0wksna+YqxrA7Eww0U+YjdEtPz1hMF9z5hPJDeAj 6yeL6MCzrA3nksdcRwaI7fQiLYWa/UcyhGX3xzztnHELBvGfNjfGrjgNpEezpxM/ Ij+sHOM36ApTYGEM+oIJN/fvdk0BIEVotfNzNvtcRMsfS05NpxZukoISQ6NAaOn8 Xb5VwQH7+zM+dIYuNNcMNpaboYtWKtyhO793tVWN/Ixmjy6VTSvS5+xD/BpDQFoX VoklHqSCtIQOtQWR/bXTYqfheMDqOQ92gh/wIRBpj3KTXFmrUzLhSKmt2kEy2iWV Aie+U2e+6tUFMBpnL89XrKXL -----END CERTIFICATE-----Generated at Wed Nov 5 17:15:59 2025 by rpki-client