$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft File: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft (raw, json) Hash identifier: CJsHoAXU7POUXuqGjZnBag3OMZkWfMmmNvk8MbaMuUY= Subject key identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE Authority key identifier: 69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 Certificate issuer: /CN=697447C397D18C9E110B24E505C1146CF13EA871 Certificate serial: 8A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft Manifest number: 89 Signing time: Wed 05 Nov 2025 07:41:07 +0000 Manifest this update: Wed 05 Nov 2025 07:41:07 +0000 Manifest next update: Wed 05 Nov 2025 13:41:07 +0000 Files and hashes: 1: BZUi2Cy-x-5xY8XLQ7H-sa3JIuI.roa (hash: r4NPIAsWOPVI4/TlBnHCHN0/vB3fsl6rRgv0C6aogiE=) 2: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl (hash: D92DVHB8GeR08FlEeNeeJ8j5tq7T6hueWxU5pN9zuFo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 13:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 138 (0x8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=697447C397D18C9E110B24E505C1146CF13EA871 Validity Not Before: Nov 5 07:41:07 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=AA54C733A646C84D43400EF5B3B5FE12DF33E3CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:f4:45:c8:e1:99:dc:ac:f8:b0:ab:32:f1: ec:35:60:05:c1:82:85:2a:68:82:d4:ce:52:46:71: df:ff:e3:66:54:ed:49:c4:c0:a8:e2:b7:d5:49:a2: f6:aa:aa:ca:24:79:c9:3f:7c:88:59:e6:b3:37:b9: 95:fb:98:63:34:0b:d2:a0:8c:b0:19:73:71:3a:bf: a5:b8:31:77:d3:16:14:3c:4a:26:e2:ab:4b:00:d4: ef:ae:07:ee:49:34:7c:d3:28:4c:44:47:97:7a:24: e0:dc:e8:51:bf:1b:10:74:c1:05:45:09:11:73:9d: 40:cf:c3:82:09:97:11:12:9f:89:af:f1:9f:16:f1: 0b:6f:60:17:70:07:7f:af:9b:67:58:22:e4:13:26: 7d:42:a0:eb:48:55:9f:55:bc:0e:40:5e:aa:a0:80: 64:65:f7:c0:7e:88:55:98:8d:bd:13:90:59:54:10: 34:50:03:45:73:b3:4d:40:15:9c:28:aa:fc:88:a7: c5:e6:35:82:8f:fc:90:48:77:d7:16:14:70:16:9d: d7:38:43:89:0f:d7:4b:17:d5:25:53:9b:0a:6c:b2: bd:08:f4:49:2f:16:d4:24:63:2d:9c:db:1d:56:18: 8b:bf:92:fb:e5:da:38:c1:ac:5c:a1:67:f7:e0:2f: c8:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE X509v3 Authority Key Identifier: keyid:69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:69:3b:8f:8a:07:3c:7e:f0:82:a9:01:a3:f6:9f:29:40:cf: 8c:14:31:95:8e:41:f9:a2:ea:e9:60:41:94:69:ea:30:74:db: ff:e9:fd:c4:e2:99:07:3c:01:99:ac:3c:8e:1f:78:95:7e:24: d4:d5:54:2f:fd:05:6f:a9:d1:4d:1a:28:27:02:8b:cf:a8:2c: fe:d2:02:d7:2f:39:cc:86:d9:da:c8:dc:e2:9f:cd:90:28:4b: c5:80:51:94:79:c7:21:55:47:be:ba:2c:e5:15:5e:35:64:f3: 14:8f:df:77:26:01:80:bf:79:33:60:3b:d3:07:b5:a5:47:ae: 59:b9:b3:55:00:18:29:e1:73:7c:e3:fd:2d:9b:3b:c9:1d:ac: 14:14:04:be:6c:7c:ee:b6:b9:69:f0:e0:3c:9b:df:64:24:d6: dc:17:ce:34:f9:15:74:07:8b:47:a2:f0:a4:94:bc:b7:08:e3: 73:53:2b:35:77:5c:69:3b:cf:e4:f0:e7:2e:5d:1e:46:c7:bb: ca:bf:69:7c:7a:36:bf:a0:e1:da:ea:06:79:a8:3c:f7:1c:e2: 38:fe:08:42:f5:19:27:99:a6:4a:f8:17:de:bd:ba:a6:c0:83: 7b:a0:e9:79:e5:6a:1c:d4:28:51:11:41:93:cc:14:11:87:84: 07:0b:34:d1 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICAIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk3 NDQ3QzM5N0QxOEM5RTExMEIyNEU1MDVDMTE0NkNGMTNFQTg3MTAeFw0yNTExMDUw NzQxMDdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEFBNTRDNzMzQTY0NkM4 NEQ0MzQwMEVGNUIzQjVGRTEyREYzM0UzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIGfRFyOGZ3Kz4sKsy8ew1YAXBgoUqaILUzlJGcd//42ZU7UnE wKjit9VJovaqqsokeck/fIhZ5rM3uZX7mGM0C9KgjLAZc3E6v6W4MXfTFhQ8Sibi q0sA1O+uB+5JNHzTKExER5d6JODc6FG/GxB0wQVFCRFznUDPw4IJlxESn4mv8Z8W 8QtvYBdwB3+vm2dYIuQTJn1CoOtIVZ9VvA5AXqqggGRl98B+iFWYjb0TkFlUEDRQ A0Vzs01AFZwoqvyIp8XmNYKP/JBId9cWFHAWndc4Q4kP10sX1SVTmwpssr0I9Ekv FtQkYy2c2x1WGIu/kvvl2jjBrFyhZ/fgL8h9AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUqlTHM6ZGyE1DQA71s7X+Et8z484wHwYDVR0jBBgwFoAUaXRHw5fRjJ4RCyTl BcEUbPE+qHEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMx L2FYUkh3NWZSako0UkN5VGxCY0VVYlBFLXFIRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYVhSSHc1ZlJqSjRSQ3lUbEJjRVViUEUtcUhFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMxL2FYUkh3NWZSako0UkN5 VGxCY0VVYlBFLXFIRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAraTuPigc8fvCCqQGj9p8pQM+MFDGVjkH5ourpYEGUaeowdNv/6f3E4pkHPAGZ rDyOH3iVfiTU1VQv/QVvqdFNGignAovPqCz+0gLXLznMhtnayNzin82QKEvFgFGU ecchVUe+uizlFV41ZPMUj993JgGAv3kzYDvTB7WlR65ZubNVABgp4XN84/0tmzvJ HawUFAS+bHzutrlp8OA8m99kJNbcF840+RV0B4tHovCklLy3CONzUys1d1xpO8/k 8OcuXR5Gx7vKv2l8eja/oOHa6gZ5qDz3HOI4/ghC9RknmaZK+BfevbqmwIN7oOl5 5Woc1ChREUGTzBQRh4QHCzTR -----END CERTIFICATE-----Generated at Wed Nov 5 12:43:04 2025 by rpki-client