$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft File: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft (raw, json) Hash identifier: btsDX3amRXB0haIV7lnh5IciW9fZsVbjWWKG4Tp1VH8= Subject key identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 Authority key identifier: 0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 Certificate issuer: /CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Certificate serial: 1F62 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft Manifest number: 1F62 Signing time: Wed 05 Nov 2025 15:12:51 +0000 Manifest this update: Wed 05 Nov 2025 15:12:51 +0000 Manifest next update: Wed 05 Nov 2025 21:12:51 +0000 Files and hashes: 1: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl (hash: Aq1pMfiTon1uvwHZxTX3JFKSNkhSx1CbsPJsYNYSA2A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:12:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8034 (0x1f62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Validity Not Before: Nov 5 15:12:51 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=5C648233F6748FCBACF142D46BE96E4F03962A68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fe:be:28:bc:e8:92:51:ab:b2:1b:df:f9:86: 30:13:3c:b6:06:e1:aa:a8:65:99:2d:88:d4:d5:a3: 2c:7b:4d:1d:c6:03:6e:7b:0a:f9:be:24:d6:f4:e1: 6e:b9:73:f2:b9:37:30:dd:bc:a8:a5:ab:65:f0:72: ce:42:40:b2:e4:57:09:70:ba:f6:02:ea:c4:5b:d3: 78:b0:f9:45:c2:43:eb:e5:6f:6f:ac:b9:71:a8:5f: 86:fb:bc:5a:40:fc:e7:34:21:96:7f:e9:53:a3:49: 69:21:42:4d:0e:f2:ec:b0:48:6c:4f:93:67:97:fc: 45:86:cd:e4:3b:13:a9:a7:46:9a:32:8c:44:3f:84: 21:18:21:86:30:e6:71:31:cc:47:0d:d7:8b:7c:a8: 9e:7d:70:74:56:4b:6c:92:9d:51:24:b9:7f:61:7f: 28:b6:69:8b:fe:29:be:33:2f:2a:87:b1:e5:76:a7: 8f:a3:72:7f:6d:e1:bf:8d:71:1b:dd:91:73:92:16: 3b:17:a6:7c:eb:47:39:aa:2b:65:0f:d0:94:82:33: 90:37:f4:32:d0:8c:72:86:17:12:4b:74:82:9b:32: 07:93:12:3b:c7:c5:84:c2:2f:71:47:aa:af:cc:4d: 17:7d:17:2f:12:e8:cb:84:ed:de:fd:d4:e1:03:45: 7b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 X509v3 Authority Key Identifier: keyid:0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:8b:e3:3d:3b:19:fe:23:9a:3f:33:eb:45:67:3d:d8:59:61: 19:7b:55:44:39:15:ed:d9:7d:ff:60:87:c4:14:27:6e:0a:a0: 2b:2a:82:81:a4:f9:bd:0b:cc:55:3f:32:04:12:46:7c:1f:8d: 51:6b:1c:77:b9:8e:1f:62:1a:16:8d:85:64:63:d2:26:c8:ed: 55:ea:f0:45:a8:17:71:9f:75:08:b8:92:a2:ef:1f:76:8f:de: b7:e2:55:b5:d1:f4:b9:8c:36:3e:5a:3d:44:39:28:54:d1:47: 86:a1:77:b7:ee:34:89:65:a0:e4:e9:73:e5:a4:f9:75:60:74: 85:28:2e:8c:20:18:fd:7f:a4:da:8c:c1:77:72:54:40:e3:4c: 6f:44:2e:0f:a6:49:8b:b2:2f:f5:c1:80:03:3a:ec:ff:b2:31: 0e:79:4d:d4:a9:52:61:37:36:c3:ee:d7:2d:08:64:4e:33:a6: b4:ab:1b:4a:39:7f:07:11:46:a8:f9:a0:18:87:c8:8e:8a:ea: ed:98:2f:60:ae:4d:0d:b3:61:dd:34:53:51:5e:1a:cd:9a:7a: 6f:21:01:02:21:8f:82:c6:28:db:f1:96:3d:38:20:32:65:08: ae:4e:58:10:e0:c9:ba:0a:e8:73:33:8d:ae:37:db:46:11:4d: a7:f4:10:ea -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICH2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ0 QTNCNjIxNDA3OENBNDhFNjZGM0I4QzU0RjFDNUZEQkM5REU3NDAeFw0yNTExMDUx NTEyNTFaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDVDNjQ4MjMzRjY3NDhG Q0JBQ0YxNDJENDZCRTk2RTRGMDM5NjJBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe/r4ovOiSUauyG9/5hjATPLYG4aqoZZktiNTVoyx7TR3GA257 Cvm+JNb04W65c/K5NzDdvKilq2Xwcs5CQLLkVwlwuvYC6sRb03iw+UXCQ+vlb2+s uXGoX4b7vFpA/Oc0IZZ/6VOjSWkhQk0O8uywSGxPk2eX/EWGzeQ7E6mnRpoyjEQ/ hCEYIYYw5nExzEcN14t8qJ59cHRWS2ySnVEkuX9hfyi2aYv+Kb4zLyqHseV2p4+j cn9t4b+NcRvdkXOSFjsXpnzrRzmqK2UP0JSCM5A39DLQjHKGFxJLdIKbMgeTEjvH xYTCL3FHqq/MTRd9Fy8S6MuE7d791OEDRXvdAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUXGSCM/Z0j8us8ULUa+luTwOWKmgwHwYDVR0jBBgwFoAUDUo7YhQHjKSOZvO4 xU8cX9vJ3nQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1 L0RVbzdZaFFIaktTT1p2TzR4VThjWDl2SjNuUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRFVvN1loUUhqS1NPWnZPNHhVOGNYOXZKM25RLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0RVbzdZaFFIaktTT1p2 TzR4VThjWDl2SjNuUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCBi+M9Oxn+I5o/M+tFZz3YWWEZe1VEORXt2X3/YIfEFCduCqArKoKBpPm9C8xV PzIEEkZ8H41Raxx3uY4fYhoWjYVkY9ImyO1V6vBFqBdxn3UIuJKi7x92j9634lW1 0fS5jDY+Wj1EOShU0UeGoXe37jSJZaDk6XPlpPl1YHSFKC6MIBj9f6TajMF3clRA 40xvRC4PpkmLsi/1wYADOuz/sjEOeU3UqVJhNzbD7tctCGROM6a0qxtKOX8HEUao +aAYh8iOiurtmC9grk0Ns2HdNFNRXhrNmnpvIQECIY+Cxijb8ZY9OCAyZQiuTlgQ 4Mm6CuhzM42uN9tGEU2n9BDq -----END CERTIFICATE-----Generated at Wed Nov 5 20:09:23 2025 by rpki-client