$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft (raw, json) Hash identifier: tCy/z/v6rVl8hpGyaw6kBX6Cy0Eb+j2HCUwoBE2ZqfQ= Subject key identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50 Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Certificate serial: 0616 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft Manifest number: 0614 Signing time: Wed 05 Nov 2025 15:14:53 +0000 Manifest this update: Wed 05 Nov 2025 15:14:53 +0000 Manifest next update: Wed 05 Nov 2025 21:14:53 +0000 Files and hashes: 1: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl (hash: 5GWzxHQLGUu5TUOmaWMJdKBICJOyZcWBsokEDIAqXmQ=) 2: 4rIKi71cnPKiZ6le-I8T__5k1N4.roa (hash: tNGI77V6KgBy/gmuuKH73UZZqJT4nL9iHPvyEDnpdTU=) 3: NENwW-YjXqfqZoRO7e6IVtyfJno.roa (hash: shhp8XTqqPaxGVCmML4kyHBJcfox3b9DaUPiLypqy38=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:14:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1558 (0x616) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Validity Not Before: Nov 5 15:14:53 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=DB95FB8737A881A696B5CDC72CC288908BE41D50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e9:7d:c0:59:21:5f:82:8b:b4:e8:c7:3a:d8: ad:f4:27:ab:b2:5e:43:7d:45:18:3d:70:51:e1:fc: 6c:0e:7d:48:91:30:42:39:d5:ce:a6:ff:f9:8f:60: b1:49:8d:39:1e:f1:4e:54:f5:2c:ee:3c:bb:8d:11: 17:af:8f:ce:09:4c:47:59:d5:a6:35:73:48:c7:5e: 33:39:dc:c0:64:58:a1:eb:5f:d5:67:6a:58:9e:37: 34:57:4d:d8:ec:a3:a4:51:85:f4:ba:18:f6:0d:98: bf:0e:d3:2a:22:ed:ce:5d:ee:71:18:80:ae:9d:a2: 9c:dc:58:bc:a9:2f:83:e5:b6:b7:3e:aa:ad:db:85: 2a:c2:f6:a6:b7:98:11:91:e4:6e:9b:ea:02:52:10: e7:f8:4a:cd:91:9b:47:0f:3c:aa:88:25:be:d2:12: 90:3f:ce:f8:a1:cd:d4:0c:a0:54:0b:71:59:1b:88: b3:91:84:2c:2a:67:68:5d:7b:4f:dd:5f:05:bc:74: 42:b9:73:00:90:c5:44:0e:c9:66:4b:90:75:50:6c: d2:29:c5:48:85:ff:bf:87:81:fb:6f:ac:61:cc:e1: b4:5e:a4:1d:a4:d6:57:55:9b:68:0b:67:8a:05:e6: ac:19:ec:7d:9b:51:c9:52:1d:aa:e3:54:71:23:61: 49:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50 X509v3 Authority Key Identifier: keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:0d:b6:b7:e4:38:dd:3c:a6:a8:89:7b:2b:e2:8e:2b:6f:5e: 5c:a5:f1:58:7c:36:9a:21:7a:6e:88:52:d1:ab:f0:45:c4:09: 6b:f7:06:ef:73:5b:a3:7b:db:b9:ba:f1:c2:d6:e0:48:08:64: 21:e5:ca:9f:c0:e0:7d:8e:1b:66:72:01:1c:80:ac:59:f4:f6: 04:0d:29:07:76:4b:9c:6d:89:31:dd:69:d6:8b:24:4c:18:89: 43:eb:92:ef:f8:5e:11:09:d1:ea:b4:03:42:06:c2:dc:9d:e9: 1e:ab:e1:dd:b6:41:ae:73:d8:32:f3:3f:5d:de:23:f3:60:8c: 57:79:94:e6:6e:0d:c1:eb:09:f4:81:3c:b8:10:ae:80:de:06: 1b:8e:f8:8d:e4:11:e1:19:05:0f:b0:89:49:63:46:b9:8c:82: ed:a5:2a:35:40:74:02:50:bc:49:6d:4f:3b:52:df:d7:d3:07: 3f:e9:b9:5a:97:af:ad:38:e7:46:70:37:0c:42:13:f6:aa:b0: 1a:5e:2c:28:e6:12:dd:e4:84:bf:94:e0:00:1c:a8:0c:19:99: 16:92:fb:00:b1:89:55:39:e6:ce:9e:d5:35:b9:68:b9:bf:ac: 31:f9:01:d2:e6:05:1d:4b:40:94:45:eb:47:8d:11:f4:33:a6: 68:ae:d4:5f -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgICBhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNTExMDUx NTE0NTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERCOTVGQjg3MzdBODgx QTY5NkI1Q0RDNzJDQzI4ODkwOEJFNDFENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH6X3AWSFfgou06Mc62K30J6uyXkN9RRg9cFHh/GwOfUiRMEI5 1c6m//mPYLFJjTke8U5U9SzuPLuNERevj84JTEdZ1aY1c0jHXjM53MBkWKHrX9Vn alieNzRXTdjso6RRhfS6GPYNmL8O0yoi7c5d7nEYgK6dopzcWLypL4Pltrc+qq3b hSrC9qa3mBGR5G6b6gJSEOf4Ss2Rm0cPPKqIJb7SEpA/zvihzdQMoFQLcVkbiLOR hCwqZ2hde0/dXwW8dEK5cwCQxUQOyWZLkHVQbNIpxUiF/7+HgftvrGHM4bRepB2k 1ldVm2gLZ4oF5qwZ7H2bUclSHarjVHEjYUm7AgMBAAGjggIIMIICBDAdBgNVHQ4E FgQU25X7hzeogaaWtc3HLMKIkIvkHVAwHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8yaDJyN1BHVVhmOVR0aURn dHNRUTZSNUVjYkUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA NA22t+Q43TymqIl7K+KOK29eXKXxWHw2miF6bohS0avwRcQJa/cG73Nbo3vbubrx wtbgSAhkIeXKn8DgfY4bZnIBHICsWfT2BA0pB3ZLnG2JMd1p1oskTBiJQ+uS7/he EQnR6rQDQgbC3J3pHqvh3bZBrnPYMvM/Xd4j82CMV3mU5m4NwesJ9IE8uBCugN4G G474jeQR4RkFD7CJSWNGuYyC7aUqNUB0AlC8SW1PO1Lf19MHP+m5WpevrTjnRnA3 DEIT9qqwGl4sKOYS3eSEv5TgAByoDBmZFpL7ALGJVTnmzp7VNbloub+sMfkB0uYF HUtAlEXrR40R9DOmaK7UXw== -----END CERTIFICATE-----Generated at Wed Nov 5 19:48:22 2025 by rpki-client