$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft File: zdnD6A790w6RIRaPwiqlCoVA3f8.mft (raw, json) Hash identifier: TBbV6eo0y7CRCMlbukDg7S74WyzbbkK6XP1VGYtmZO4= Subject key identifier: 18:A8:D9:43:81:90:4A:50:7E:3C:78:24:58:45:20:3A:C2:07:87:05 Authority key identifier: CD:D9:C3:E8:0E:FD:D3:0E:91:21:16:8F:C2:2A:A5:0A:85:40:DD:FF Certificate issuer: /CN=CDD9C3E80EFDD30E9121168FC22AA50A8540DDFF Certificate serial: 226E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zdnD6A790w6RIRaPwiqlCoVA3f8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft Manifest number: 226E Signing time: Wed 05 Nov 2025 15:12:24 +0000 Manifest this update: Wed 05 Nov 2025 15:12:24 +0000 Manifest next update: Wed 05 Nov 2025 21:12:24 +0000 Files and hashes: 1: zdnD6A790w6RIRaPwiqlCoVA3f8.crl (hash: GJAo93zkJDMza8LWvLXeel2/7kQZat6HRRlfMZATVpY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zdnD6A790w6RIRaPwiqlCoVA3f8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:12:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8814 (0x226e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDD9C3E80EFDD30E9121168FC22AA50A8540DDFF Validity Not Before: Nov 5 15:12:24 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=18A8D94381904A507E3C78245845203AC2078705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:3b:f5:af:e8:66:b2:be:d7:f0:c6:14:cc:d7: fd:4e:b1:f2:54:14:a0:87:1b:2c:92:4c:b9:de:93: 50:7a:a8:f7:d1:44:7a:a7:a1:bb:b7:45:7d:21:d9: 3e:fd:26:27:28:49:20:35:54:95:0f:19:7f:d3:8a: 08:d8:45:31:f7:5f:9e:37:36:84:76:6a:5a:76:0a: 0e:d2:37:d8:2d:ad:57:7c:bc:33:78:48:a8:15:c5: c7:2e:9e:d9:e0:a0:1c:fc:44:2e:02:73:94:5d:0e: 0a:ae:96:33:2c:87:2b:fb:b0:ee:f3:b6:be:6e:3d: 96:55:00:64:ef:b8:e3:40:09:da:66:7f:c9:df:de: dc:10:42:9c:5e:73:dc:d0:93:0f:3f:e2:55:63:b9: 5b:35:40:62:31:38:1c:0d:b5:9a:c6:5a:b7:fe:ec: 18:99:c6:5b:1d:34:60:a6:b5:cc:33:a3:87:dd:d5: 6b:bf:b4:80:59:fa:7d:c5:00:1a:39:5c:f8:33:d5: 20:45:d4:c1:d8:6e:75:d9:43:5b:26:80:a9:81:be: 1d:e1:97:9e:fb:0e:9c:78:f7:6d:af:02:24:9f:26: 6a:3f:26:09:2b:90:2e:56:fd:5d:8a:69:37:30:6a: 33:ab:92:ee:2f:1b:23:a8:34:e3:b8:de:ff:ae:df: 0e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:A8:D9:43:81:90:4A:50:7E:3C:78:24:58:45:20:3A:C2:07:87:05 X509v3 Authority Key Identifier: keyid:CD:D9:C3:E8:0E:FD:D3:0E:91:21:16:8F:C2:2A:A5:0A:85:40:DD:FF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zdnD6A790w6RIRaPwiqlCoVA3f8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:22:05:02:fa:7b:d2:8d:6a:97:cd:c2:65:2b:95:23:6e:9e: 73:e3:c1:95:e4:29:79:b2:31:93:1c:e2:df:82:e5:17:68:f9: df:9c:59:b2:47:14:92:ee:82:51:75:b5:73:ef:38:f5:92:be: 1a:74:60:91:94:ee:14:ba:4f:bc:5e:7b:f4:88:05:87:11:3a: b2:93:ef:63:ff:36:05:28:1d:0a:a8:78:dd:68:4f:c1:f0:93: e1:ac:2a:7d:e4:eb:86:74:d3:16:ad:1e:71:36:a4:92:c4:fd: 27:af:72:48:bb:a0:cd:4a:5f:40:77:93:ea:e5:13:2d:9a:fe: 8a:10:7e:43:cb:fd:c7:e1:2f:0f:1d:70:4a:82:51:c6:0a:6f: e1:ce:e7:86:e6:e2:4e:94:ed:8f:7e:70:05:2a:58:16:1a:14: 16:0b:5d:7a:01:dc:b1:3e:ed:50:ba:09:a0:56:99:65:3f:f8: 00:18:bd:c7:82:f5:f9:bf:28:47:a3:3d:0d:99:67:fb:1b:64: a0:04:8b:4e:94:16:80:a7:77:df:3d:17:6d:c2:5b:3e:f4:6b: ec:b0:1a:1a:c2:d7:3c:28:3c:4f:c4:13:84:1b:6c:ac:c9:eb: 9b:ec:8a:ef:b4:06:e4:83:d6:08:69:53:c9:1e:04:0e:87:ea: ce:05:f5:fa -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgICIm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RE OUMzRTgwRUZERDMwRTkxMjExNjhGQzIyQUE1MEE4NTQwRERGRjAeFw0yNTExMDUx NTEyMjRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE4QThEOTQzODE5MDRB NTA3RTNDNzgyNDU4NDUyMDNBQzIwNzg3MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmO/Wv6GayvtfwxhTM1/1OsfJUFKCHGyySTLnek1B6qPfRRHqn obu3RX0h2T79JicoSSA1VJUPGX/TigjYRTH3X543NoR2alp2Cg7SN9gtrVd8vDN4 SKgVxccuntngoBz8RC4Cc5RdDgquljMshyv7sO7ztr5uPZZVAGTvuONACdpmf8nf 3twQQpxec9zQkw8/4lVjuVs1QGIxOBwNtZrGWrf+7BiZxlsdNGCmtcwzo4fd1Wu/ tIBZ+n3FABo5XPgz1SBF1MHYbnXZQ1smgKmBvh3hl577Dpx4922vAiSfJmo/Jgkr kC5W/V2KaTcwajOrku4vGyOoNOO43v+u3w61AgMBAAGjggIGMIICAjAdBgNVHQ4E FgQUGKjZQ4GQSlB+PHgkWEUgOsIHhwUwHwYDVR0jBBgwFoAUzdnD6A790w6RIRaP wiqlCoVA3f8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvOC96 ZG5ENkE3OTB3NlJJUmFQd2lxbENvVkEzZjguY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL3pkbkQ2QTc5MHc2UklSYVB3aXFsQ29WQTNmOC5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzgvemRuRDZBNzkwdzZSSVJhUHdp cWxDb1ZBM2Y4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAKwi BQL6e9KNapfNwmUrlSNunnPjwZXkKXmyMZMc4t+C5Rdo+d+cWbJHFJLuglF1tXPv OPWSvhp0YJGU7hS6T7xee/SIBYcROrKT72P/NgUoHQqoeN1oT8Hwk+GsKn3k64Z0 0xatHnE2pJLE/Sevcki7oM1KX0B3k+rlEy2a/ooQfkPL/cfhLw8dcEqCUcYKb+HO 54bm4k6U7Y9+cAUqWBYaFBYLXXoB3LE+7VC6CaBWmWU/+AAYvceC9fm/KEejPQ2Z Z/sbZKAEi06UFoCnd989F23CWz70a+ywGhrC1zwoPE/EE4QbbKzJ65vsiu+0BuSD 1ghpU8keBA6H6s4F9fo= -----END CERTIFICATE-----Generated at Wed Nov 5 20:01:52 2025 by rpki-client