$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft File: iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft (raw, json) Hash identifier: O0lc1zp8Q0+o6JPFCC5k9twchuqDfDd2JtVp2ZptGWU= Subject key identifier: 0C:CE:83:A6:2E:1F:1D:A8:1C:E2:49:FC:3F:C4:BF:44:37:2A:FF:AC Authority key identifier: 88:A4:08:EE:B5:D3:A6:FE:2C:B9:28:C5:0C:9F:B6:80:2F:90:26:7F Certificate issuer: /CN=88A408EEB5D3A6FE2CB928C50C9FB6802F90267F Certificate serial: 0295 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iKQI7rXTpv4suSjFDJ-2gC-QJn8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft Manifest number: 0291 Signing time: Sun 01 Mar 2026 23:58:18 +0000 Manifest this update: Sun 01 Mar 2026 23:58:18 +0000 Manifest next update: Mon 02 Mar 2026 05:58:18 +0000 Files and hashes: 1: 0tXJhjrShCOZ_hSYp5KXxrxILYg.roa (hash: P4zzpwHv35P8/ZqKhNk96zu1Bs0VO0U5hO26cVsDcxA=) 2: 99HRwhw6tal7rDmw-PFDo59JioM.roa (hash: T7qj9RdduCmFelHSSIKeK8dbeOUk57gZ9sZGu20s13s=) 3: SZVv0d8wmaj2M9td0BSd4841GMs.roa (hash: WIihbieqLoWkrNlubEmmUEkPBvTK3qRwJxS+f+cCACY=) 4: UXY-RYaZHgTYhXJhGXXf96toWwE.roa (hash: m8GqULFjpNYHqvAai/zNQGo0eznqvOaJ5lpdYuPHNIE=) 5: iKQI7rXTpv4suSjFDJ-2gC-QJn8.crl (hash: gBaaWZtxVd8DotQXsLyss9AGI/KLzd5tn0ezkjdEQRM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iKQI7rXTpv4suSjFDJ-2gC-QJn8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 05:58:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 661 (0x295) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88A408EEB5D3A6FE2CB928C50C9FB6802F90267F Validity Not Before: Mar 1 23:58:18 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=0CCE83A62E1F1DA81CE249FC3FC4BF44372AFFAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c6:c5:ba:fd:1a:8b:17:a4:7c:81:9d:e5:b8: ab:85:f0:6e:ee:31:c7:86:ee:67:17:09:de:b7:93: 58:90:43:ce:02:73:6b:99:05:ea:0a:69:10:50:8d: 9f:ae:6e:2d:7c:ab:a4:84:7c:e3:0b:59:99:61:e0: 63:6f:fc:54:5d:04:e8:b2:cc:9e:03:05:1c:8a:e2: 70:da:13:33:da:9d:f9:e3:0d:52:3d:75:76:6c:8a: 50:eb:2c:ca:c9:e2:31:18:eb:ab:40:9f:60:32:02: 84:31:a2:e0:62:c0:79:ba:a6:77:7a:de:9d:b1:0d: a8:8b:3a:36:78:32:51:6b:c0:3e:1d:4d:3a:61:2c: 9b:ed:3a:49:ed:06:99:5c:4a:5b:63:01:a3:ad:1f: 1e:56:21:8c:b2:4f:d3:86:6e:b2:1c:42:31:51:42: 56:15:b8:be:2b:db:e1:16:f0:89:f5:0a:37:14:08: 20:09:d6:17:79:6e:3b:78:bc:ab:e1:ba:5a:af:71: 59:f4:d4:39:6c:e1:8c:34:1d:fa:b3:00:cf:c0:71: d0:71:10:b2:fc:47:20:46:70:c3:d8:3b:a3:4a:fe: f1:cf:6a:6a:75:3d:96:d9:03:b0:e0:ee:6c:be:62: 54:b7:81:9a:82:f5:f5:b2:a4:d6:0d:a8:20:14:a6: 19:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CE:83:A6:2E:1F:1D:A8:1C:E2:49:FC:3F:C4:BF:44:37:2A:FF:AC X509v3 Authority Key Identifier: keyid:88:A4:08:EE:B5:D3:A6:FE:2C:B9:28:C5:0C:9F:B6:80:2F:90:26:7F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iKQI7rXTpv4suSjFDJ-2gC-QJn8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:68:2b:25:0e:a2:db:db:14:91:2d:1a:61:47:28:22:2c:21: ac:49:80:68:49:13:a6:7b:14:0d:08:92:5b:ee:3f:50:17:65: 8e:1d:e9:4a:39:04:a5:43:2b:a2:c2:9d:17:37:1f:0a:a9:20: 1f:b6:0a:1c:8f:49:71:c6:1f:1f:10:bf:3a:64:1f:7d:73:b6: c7:a6:08:82:5d:f3:a9:80:29:16:63:18:3a:9c:4a:93:26:dd: 21:da:1b:81:ac:aa:5a:d6:67:51:df:49:5d:e8:fa:db:33:24: 2c:f4:c2:20:b6:e2:03:8a:fa:ab:9c:92:c5:d5:56:8c:a1:72: f4:7d:f9:90:3d:49:67:13:c0:46:eb:dd:b3:6f:a0:ac:0d:a0: 76:c6:1b:b1:9d:04:19:0b:11:b4:1c:04:82:fa:de:2a:77:28: 62:51:29:d2:ae:2f:1f:08:2c:63:17:28:f2:7c:5a:4e:bb:d4: 96:1e:97:ae:4a:2e:ad:7b:59:15:30:fd:0b:44:9e:19:d3:28: b1:11:9e:07:54:90:b1:ae:c7:81:18:4e:b3:83:76:e0:ea:e5: 4b:d6:42:af:61:86:95:b5:2e:0a:9e:31:6f:51:a8:8f:14:41: 63:c7:a2:26:a4:da:15:7f:01:11:60:36:52:9b:14:71:d1:88: fd:72:b8:f2 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICApUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODhB NDA4RUVCNUQzQTZGRTJDQjkyOEM1MEM5RkI2ODAyRjkwMjY3RjAeFw0yNjAzMDEy MzU4MThaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBDQ0U4M0E2MkUxRjFE QTgxQ0UyNDlGQzNGQzRCRjQ0MzcyQUZGQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPxsW6/RqLF6R8gZ3luKuF8G7uMceG7mcXCd63k1iQQ84Cc2uZ BeoKaRBQjZ+ubi18q6SEfOMLWZlh4GNv/FRdBOiyzJ4DBRyK4nDaEzPanfnjDVI9 dXZsilDrLMrJ4jEY66tAn2AyAoQxouBiwHm6pnd63p2xDaiLOjZ4MlFrwD4dTTph LJvtOkntBplcSltjAaOtHx5WIYyyT9OGbrIcQjFRQlYVuL4r2+EW8In1CjcUCCAJ 1hd5bjt4vKvhulqvcVn01Dls4Yw0HfqzAM/AcdBxELL8RyBGcMPYO6NK/vHPamp1 PZbZA7Dg7my+YlS3gZqC9fWypNYNqCAUphlPAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDM6Dpi4fHagc4kn8P8S/RDcq/6wwHwYDVR0jBBgwFoAUiKQI7rXTpv4suSjF DJ+2gC+QJn8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ2 L2lLUUk3clhUcHY0c3VTakZESi0yZ0MtUUpuOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaUtRSTdyWFRwdjRzdVNqRkRKLTJnQy1RSm44LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ2L2lLUUk3clhUcHY0c3VT akZESi0yZ0MtUUpuOC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBlaCslDqLb2xSRLRphRygiLCGsSYBoSROmexQNCJJb7j9QF2WOHelKOQSlQyui wp0XNx8KqSAftgocj0lxxh8fEL86ZB99c7bHpgiCXfOpgCkWYxg6nEqTJt0h2huB rKpa1mdR30ld6PrbMyQs9MIgtuIDivqrnJLF1VaMoXL0ffmQPUlnE8BG692zb6Cs DaB2xhuxnQQZCxG0HASC+t4qdyhiUSnSri8fCCxjFyjyfFpOu9SWHpeuSi6te1kV MP0LRJ4Z0yixEZ4HVJCxrseBGE6zg3bg6uVL1kKvYYaVtS4KnjFvUaiPFEFjx6Im pNoVfwERYDZSmxRx0Yj9crjy -----END CERTIFICATE-----Generated at Mon Mar 2 05:38:15 2026 by rpki-client