$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/510/aKDPmms080wyohTyM89mbhBEwAI.mft File: aKDPmms080wyohTyM89mbhBEwAI.mft (raw, json) Hash identifier: NDO+ncW/OBln/ndFNbOxdrzXJlaLCsvJf6sanbOFmto= Subject key identifier: 0C:14:A9:B1:57:FC:93:E5:61:6B:7E:23:3A:B1:86:F1:91:D6:6B:9C Authority key identifier: 68:A0:CF:9A:6B:34:F3:4C:32:A2:14:F2:33:CF:66:6E:10:44:C0:02 Certificate issuer: /CN=68A0CF9A6B34F34C32A214F233CF666E1044C002 Certificate serial: 1844 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aKDPmms080wyohTyM89mbhBEwAI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/aKDPmms080wyohTyM89mbhBEwAI.mft Manifest number: 1844 Signing time: Wed 05 Nov 2025 20:12:20 +0000 Manifest this update: Wed 05 Nov 2025 20:12:20 +0000 Manifest next update: Thu 06 Nov 2025 02:12:20 +0000 Files and hashes: 1: aKDPmms080wyohTyM89mbhBEwAI.crl (hash: yZYT83JjKtvs78t75aw+9xoLy0pl7i4/G4JLK3yXUew=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/aKDPmms080wyohTyM89mbhBEwAI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/aKDPmms080wyohTyM89mbhBEwAI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aKDPmms080wyohTyM89mbhBEwAI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 00:13:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6212 (0x1844) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68A0CF9A6B34F34C32A214F233CF666E1044C002 Validity Not Before: Nov 5 20:12:20 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=0C14A9B157FC93E5616B7E233AB186F191D66B9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:be:03:98:94:a5:bd:2b:9e:32:47:e9:84:41: 2d:25:14:18:42:3f:b9:3e:c8:8a:d5:03:3e:12:26: ef:78:d6:f5:dc:ee:12:42:a0:bd:3b:67:3b:ff:9c: de:9b:59:8e:dc:c8:d8:97:c5:73:93:39:3b:5b:8a: a1:fe:13:47:76:82:b8:01:d8:59:39:30:bd:a8:74: 9f:a1:08:18:1a:fc:95:2d:ce:3a:5c:b1:3f:14:34: e1:03:00:55:e1:26:a4:e3:d1:23:c9:63:21:2f:62: cf:c1:e7:51:56:18:76:a8:2a:b4:86:68:d7:0b:99: 64:71:63:3f:33:42:56:16:ad:70:4c:9a:c5:18:8c: af:9e:14:28:fb:d0:8d:5e:c9:42:30:7c:2f:d4:44: 31:b0:e8:65:2e:d0:44:ff:7c:7d:9b:16:93:16:16: 29:20:59:4b:f7:60:66:da:95:63:4b:97:1e:63:b8: 5c:3f:f2:8e:2e:26:73:6d:b1:2f:c5:12:d3:7c:c4: e4:30:0f:6c:61:dd:71:bd:9f:e1:9e:c2:d9:08:f6: d1:a2:67:dc:a7:89:b6:7b:f1:2e:45:87:d9:74:1d: 8b:96:0b:57:91:f7:46:01:e7:7a:ce:48:7a:50:5d: 2e:72:f1:7e:e3:ca:e7:ec:cb:92:6a:1d:56:0d:a3: 7b:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:14:A9:B1:57:FC:93:E5:61:6B:7E:23:3A:B1:86:F1:91:D6:6B:9C X509v3 Authority Key Identifier: keyid:68:A0:CF:9A:6B:34:F3:4C:32:A2:14:F2:33:CF:66:6E:10:44:C0:02 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/aKDPmms080wyohTyM89mbhBEwAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aKDPmms080wyohTyM89mbhBEwAI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/aKDPmms080wyohTyM89mbhBEwAI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:87:8b:94:89:d7:7b:d3:77:0f:cf:ac:8c:81:76:9e:b8:75: e8:f8:85:74:28:71:62:78:69:c1:84:fd:5e:0a:45:17:e5:64: 09:cc:15:f2:af:09:cf:5f:06:0b:7a:3d:71:18:a2:29:d7:5e: b8:26:cf:c1:51:be:58:75:7d:45:d3:93:36:ef:ec:cb:da:1f: 88:5e:42:35:1b:d6:70:03:87:d6:e6:ab:74:8d:92:ae:7e:d7: 0a:14:94:a1:79:79:47:b8:6f:26:c2:4b:56:1d:78:98:ad:0c: b7:df:9b:91:6c:3a:52:59:9e:e5:7e:5b:53:b6:01:35:00:fe: fa:6b:92:27:01:54:ec:ba:af:19:b0:25:c4:e8:db:08:1a:dd: ae:78:95:98:2f:30:ce:39:c2:d1:65:df:3d:50:13:66:69:d7: 18:d5:7a:ca:1a:41:38:dd:dd:b0:45:33:3d:d2:38:a7:63:cb: 0b:99:5c:1e:ff:32:47:55:d0:1b:a3:0d:1e:43:37:f1:34:18: 6b:04:b1:b8:d4:03:cb:26:85:11:bd:75:1f:8e:a6:a3:87:84: 85:03:a8:d0:e0:0d:00:17:c8:41:a2:37:b1:f9:01:7f:6d:df: dc:5c:01:be:1a:c4:2a:1c:fd:27:04:3a:e7:85:df:32:96:48: 30:2a:d7:28 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjhB MENGOUE2QjM0RjM0QzMyQTIxNEYyMzNDRjY2NkUxMDQ0QzAwMjAeFw0yNTExMDUy MDEyMjBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDBDMTRBOUIxNTdGQzkz RTU2MTZCN0UyMzNBQjE4NkYxOTFENjZCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDavgOYlKW9K54yR+mEQS0lFBhCP7k+yIrVAz4SJu941vXc7hJC oL07Zzv/nN6bWY7cyNiXxXOTOTtbiqH+E0d2grgB2Fk5ML2odJ+hCBga/JUtzjpc sT8UNOEDAFXhJqTj0SPJYyEvYs/B51FWGHaoKrSGaNcLmWRxYz8zQlYWrXBMmsUY jK+eFCj70I1eyUIwfC/URDGw6GUu0ET/fH2bFpMWFikgWUv3YGbalWNLlx5juFw/ 8o4uJnNtsS/FEtN8xOQwD2xh3XG9n+GewtkI9tGiZ9ynibZ78S5Fh9l0HYuWC1eR 90YB53rOSHpQXS5y8X7jyufsy5JqHVYNo3u7AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDBSpsVf8k+Vha34jOrGG8ZHWa5wwHwYDVR0jBBgwFoAUaKDPmms080wyohTy M89mbhBEwAIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEw L2FLRFBtbXMwODB3eW9oVHlNODltYmhCRXdBSS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYUtEUG1tczA4MHd5b2hUeU04OW1iaEJFd0FJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEwL2FLRFBtbXMwODB3eW9o VHlNODltYmhCRXdBSS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCPh4uUidd703cPz6yMgXaeuHXo+IV0KHFieGnBhP1eCkUX5WQJzBXyrwnPXwYL ej1xGKIp1164Js/BUb5YdX1F05M27+zL2h+IXkI1G9ZwA4fW5qt0jZKuftcKFJSh eXlHuG8mwktWHXiYrQy335uRbDpSWZ7lfltTtgE1AP76a5InAVTsuq8ZsCXE6NsI Gt2ueJWYLzDOOcLRZd89UBNmadcY1XrKGkE43d2wRTM90jinY8sLmVwe/zJHVdAb ow0eQzfxNBhrBLG41APLJoURvXUfjqajh4SFA6jQ4A0AF8hBojex+QF/bd/cXAG+ GsQqHP0nBDrnhd8ylkgwKtco -----END CERTIFICATE-----Generated at Wed Nov 5 22:34:19 2025 by rpki-client