$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft File: iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft (raw, json) Hash identifier: I4E5IKCMl0Nq+Sm4dBKV5d1KvlSCnsf+GE2Fj8SbZJs= Subject key identifier: 0C:CE:83:A6:2E:1F:1D:A8:1C:E2:49:FC:3F:C4:BF:44:37:2A:FF:AC Authority key identifier: 88:A4:08:EE:B5:D3:A6:FE:2C:B9:28:C5:0C:9F:B6:80:2F:90:26:7F Certificate issuer: /CN=88A408EEB5D3A6FE2CB928C50C9FB6802F90267F Certificate serial: 56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iKQI7rXTpv4suSjFDJ-2gC-QJn8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft Manifest number: 52 Signing time: Wed 05 Nov 2025 19:42:00 +0000 Manifest this update: Wed 05 Nov 2025 19:42:00 +0000 Manifest next update: Thu 06 Nov 2025 01:42:00 +0000 Files and hashes: 1: 0tXJhjrShCOZ_hSYp5KXxrxILYg.roa (hash: P4zzpwHv35P8/ZqKhNk96zu1Bs0VO0U5hO26cVsDcxA=) 2: 99HRwhw6tal7rDmw-PFDo59JioM.roa (hash: T7qj9RdduCmFelHSSIKeK8dbeOUk57gZ9sZGu20s13s=) 3: SZVv0d8wmaj2M9td0BSd4841GMs.roa (hash: WIihbieqLoWkrNlubEmmUEkPBvTK3qRwJxS+f+cCACY=) 4: UXY-RYaZHgTYhXJhGXXf96toWwE.roa (hash: m8GqULFjpNYHqvAai/zNQGo0eznqvOaJ5lpdYuPHNIE=) 5: iKQI7rXTpv4suSjFDJ-2gC-QJn8.crl (hash: IvjGzsF1XurPJO2NrbT+wrY0s7fzZelet88lmqCaBRo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iKQI7rXTpv4suSjFDJ-2gC-QJn8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:42:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 86 (0x56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88A408EEB5D3A6FE2CB928C50C9FB6802F90267F Validity Not Before: Nov 5 19:42:00 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=0CCE83A62E1F1DA81CE249FC3FC4BF44372AFFAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c6:c5:ba:fd:1a:8b:17:a4:7c:81:9d:e5:b8: ab:85:f0:6e:ee:31:c7:86:ee:67:17:09:de:b7:93: 58:90:43:ce:02:73:6b:99:05:ea:0a:69:10:50:8d: 9f:ae:6e:2d:7c:ab:a4:84:7c:e3:0b:59:99:61:e0: 63:6f:fc:54:5d:04:e8:b2:cc:9e:03:05:1c:8a:e2: 70:da:13:33:da:9d:f9:e3:0d:52:3d:75:76:6c:8a: 50:eb:2c:ca:c9:e2:31:18:eb:ab:40:9f:60:32:02: 84:31:a2:e0:62:c0:79:ba:a6:77:7a:de:9d:b1:0d: a8:8b:3a:36:78:32:51:6b:c0:3e:1d:4d:3a:61:2c: 9b:ed:3a:49:ed:06:99:5c:4a:5b:63:01:a3:ad:1f: 1e:56:21:8c:b2:4f:d3:86:6e:b2:1c:42:31:51:42: 56:15:b8:be:2b:db:e1:16:f0:89:f5:0a:37:14:08: 20:09:d6:17:79:6e:3b:78:bc:ab:e1:ba:5a:af:71: 59:f4:d4:39:6c:e1:8c:34:1d:fa:b3:00:cf:c0:71: d0:71:10:b2:fc:47:20:46:70:c3:d8:3b:a3:4a:fe: f1:cf:6a:6a:75:3d:96:d9:03:b0:e0:ee:6c:be:62: 54:b7:81:9a:82:f5:f5:b2:a4:d6:0d:a8:20:14:a6: 19:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CE:83:A6:2E:1F:1D:A8:1C:E2:49:FC:3F:C4:BF:44:37:2A:FF:AC X509v3 Authority Key Identifier: keyid:88:A4:08:EE:B5:D3:A6:FE:2C:B9:28:C5:0C:9F:B6:80:2F:90:26:7F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iKQI7rXTpv4suSjFDJ-2gC-QJn8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/846/iKQI7rXTpv4suSjFDJ-2gC-QJn8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:7c:ca:a2:1f:ec:85:12:9c:c6:9a:ac:45:1f:9c:80:5e:77: d8:b0:40:50:26:e7:6d:7a:31:e5:bd:67:8d:b5:33:ab:23:59: 2b:5b:f5:96:aa:12:74:31:3a:03:69:4a:25:86:4c:5d:dd:7d: 7e:bf:2f:5f:56:cc:12:57:fc:18:db:4c:ad:3a:d7:72:ef:da: c7:12:d5:77:43:1e:9c:2b:09:80:81:91:e1:9b:2a:dd:cc:96: 04:e5:b3:79:54:b4:8d:44:d0:82:79:1e:bb:26:51:4f:1a:b1: 38:62:72:ae:53:dd:01:34:c6:be:b4:ed:5a:c5:fc:12:5b:95: ab:ba:58:5f:cc:16:3e:f0:9d:68:ab:b0:32:04:fe:71:a0:c7: 23:21:c8:1a:bf:7b:0e:1d:c9:95:bb:62:ab:49:9e:95:41:b5: 4c:1d:13:50:60:2c:01:0d:bb:4d:34:53:fb:84:db:88:fc:1b: 74:02:47:50:87:bc:4f:4b:f3:41:29:ea:ae:a1:ed:d0:35:6c: 1d:68:9a:80:c4:6f:ff:60:7b:e7:cb:06:de:55:3c:0c:5b:ad: 5a:1a:b0:30:67:dd:86:36:2b:78:d0:63:17:ac:42:75:61:95: a2:81:70:b2:30:7d:7a:f4:b5:5a:c3:50:33:4f:28:16:b6:fc: b6:ce:2d:13 -----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgIBVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4OEE0 MDhFRUI1RDNBNkZFMkNCOTI4QzUwQzlGQjY4MDJGOTAyNjdGMB4XDTI1MTEwNTE5 NDIwMFoXDTI2MTAyMzAzMDEwM1owMzExMC8GA1UEAxMoMENDRTgzQTYyRTFGMURB ODFDRTI0OUZDM0ZDNEJGNDQzNzJBRkZBQzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAM/Gxbr9GosXpHyBneW4q4Xwbu4xx4buZxcJ3reTWJBDzgJza5kF 6gppEFCNn65uLXyrpIR84wtZmWHgY2/8VF0E6LLMngMFHIricNoTM9qd+eMNUj11 dmyKUOssysniMRjrq0CfYDIChDGi4GLAebqmd3renbENqIs6NngyUWvAPh1NOmEs m+06Se0GmVxKW2MBo60fHlYhjLJP04ZushxCMVFCVhW4vivb4RbwifUKNxQIIAnW F3luO3i8q+G6Wq9xWfTUOWzhjDQd+rMAz8Bx0HEQsvxHIEZww9g7o0r+8c9qanU9 ltkDsODubL5iVLeBmoL19bKk1g2oIBSmGU8CAwEAAaOCAgowggIGMB0GA1UdDgQW BBQMzoOmLh8dqBziSfw/xL9ENyr/rDAfBgNVHSMEGDAWgBSIpAjutdOm/iy5KMUM n7aAL5AmfzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC84NDYv aUtRSTdyWFRwdjRzdVNqRkRKLTJnQy1RSm44LmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9pS1FJN3JYVHB2NHN1U2pGREotMmdDLVFKbjguY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC84NDYvaUtRSTdyWFRwdjRzdVNq RkRKLTJnQy1RSm44Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsG AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEB ALR8yqIf7IUSnMaarEUfnIBed9iwQFAm5216MeW9Z421M6sjWStb9ZaqEnQxOgNp SiWGTF3dfX6/L19WzBJX/BjbTK0613Lv2scS1XdDHpwrCYCBkeGbKt3MlgTls3lU tI1E0IJ5HrsmUU8asThicq5T3QE0xr607VrF/BJblau6WF/MFj7wnWirsDIE/nGg xyMhyBq/ew4dyZW7YqtJnpVBtUwdE1BgLAENu000U/uE24j8G3QCR1CHvE9L80Ep 6q6h7dA1bB1omoDEb/9ge+fLBt5VPAxbrVoasDBn3YY2K3jQYxesQnVhlaKBcLIw fXr0tVrDUDNPKBa2/LbOLRM= -----END CERTIFICATE-----Generated at Thu Nov 6 01:18:20 2025 by rpki-client