$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft File: MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft (raw, json) Hash identifier: 4nOz/9kPsWnR8RDdDz4F+Dp3W/rWMWjTc/NI8ytgY/U= Subject key identifier: E5:2A:0D:13:FE:FC:2B:DD:04:16:97:AF:04:0A:22:E5:40:1F:69:44 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 03FC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft Manifest number: 03D3 Signing time: Tue 22 Jul 2025 21:40:29 +0000 Manifest this update: Tue 22 Jul 2025 21:40:29 +0000 Manifest next update: Wed 23 Jul 2025 03:40:29 +0000 Files and hashes: 1: 0dZ5I09lAVDwwdBtKw3W4Fcbgvg.roa (hash: lQOR7nSJBC3nQwtfsQk1dpFJvbVpxwW7pzrGhAUqM3s=) 2: 2GjMcAPIwQ9A3nYHTe17im5dKpk.roa (hash: 8clIZ8TDnNT+D8EcevoDYRlpTbp3pyPMOB/ztKGT3EA=) 3: 5A8OYpToLInFfJkhoIWfEiFtIPQ.roa (hash: x+60aO4gLQoDRENjkiVVPQUJwdAw7b4rkcp8n/rhQUc=) 4: 5xs6q9kYSJs7xTxojHCGDufbz_A.roa (hash: vnzGUEdBuD1T8Njqq7T/LcFQTgcgO72+hsaDv3JZDh8=) 5: 7Z7H7XDbGSChn1KThGrbYqqjJHE.roa (hash: CKgQ1EEnL7Kx3DHSKdphsYIEX6AeW/sIq4uCgtNcOUM=) 6: 9Jdk8KOSJRfL2mrB3YfKxFMxZQE.roa (hash: m5o9rgoWIViF2OCxVgXp3gjdyjYdlkUCHSrZyBPT+jQ=) 7: AuVbs0H3hpxgHVWFirWbZjktcTo.roa (hash: KOYq4xwAkyE9JCrUaY8UqsAS2Pe10hdMv1FTrXk+vX8=) 8: IcaZcYZurwbyH28jcSMzCSUwqbk.roa (hash: K9NtRk+hHHn3omEPZtgAlM4zbBGAYDaQd7r75mL1zQ0=) 9: KaWNUh_TG8Mk6sJVwRnXPmiEp0g.roa (hash: Qafk9mMby1vgCNhomBv1/D3xlTQb7JRe+cNcpklkkiU=) 10: KoPRPQqGeqnVLw-SkMST5S28RVI.roa (hash: nWch/6fvS1NxWfH5N9cTc8M/RbhIPPz4CwV2rOmsDok=) 11: MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl (hash: Mz9HMKRkCU6qLZGUYbad8ugVT6o9VT5UmEaeubRMdHU=) 12: NBU-Fjpng-fIM7FOJ-bo-ZrSyeo.roa (hash: NoAdiBRSj2MPKratBpWYTmG1nBombkXXFayuCYIwDFM=) 13: NHamWpbVYJHiRlJoyV-4gnuctc4.roa (hash: /VOb/quE81RsmVadCg2EQfEjGxNFod1cRASxSWSKcu4=) 14: QJ0xQwU7ijDp-eqfpnkAMcTc2P8.roa (hash: Sc7N7ab71h6ekql6Ip1MsG7JlEfSt7H8gJto9mf9+98=) 15: RwjlVL9wCojI3agwjtTb2oqNREk.roa (hash: gdCZCGvA6m2AKPsMu7skbNe22iB/IgH0naSBsF+QvoM=) 16: TGpPZx1ww8lW2mKRZ-93CBlUOhw.roa (hash: 4X/bwQBxm2EEo2XuX5P6q+VUpO3hZQDVpWWa27WjSWg=) 17: UyCaqegX0-eEEhnSjZvBk6mm-0E.roa (hash: wOvH8cOq6jMa075cTj4pdqejCseoQGoIaw+as+jKw6I=) 18: ZV-9aaDrSePueGbfAb5U19hIRlo.roa (hash: cColCtlqChZqwj6Bhh9HRTPN0nK6S3A1VxfEaPBxgQo=) 19: a1xzLnP9yHS4ZxTx8lT6fiJzvKQ.roa (hash: pnrh09jjMVQxgCPwAjENTCHzECt6FgHZipi1Md1meAw=) 20: bLoMS5F7WEVO1TrATAHo69-sLmU.roa (hash: jj9rU/19HityI5gOVZgVafYfRGECZo1chPDBmDx8hY0=) 21: cevxg5OQpJyy4kmIvON4zBBgiMY.roa (hash: Uj82zDRHr+jOc1jqMcw2H1r4KTcK1GvgtouvhgqaIK0=) 22: fzGGKAAfHyqtYtW64JLqUp9n_b4.roa (hash: se+OESlX8I0t+5SLDVJuEIL25hPdvScG79kkWgLg9zU=) 23: l5nUWeN92cd3JFn9Sc3V8XNoyn8.roa (hash: 5oisv+ANdee4sV0PH+IN9kvzfrdxZ5UuhIOmlifariI=) 24: oo1RAhDNLpypJ4DY-FhJaypVYdc.roa (hash: p20QDfifNmzC/E34EhawcSFaYE4WAwts4xpfIBZiMZk=) 25: plj4h6VJRl_xUalf0ulWubT4YSk.roa (hash: iWAQhoZ9eLQrp93ZcwCNmFDmjJoRhBvYr7ebppkeWl8=) 26: puk7qV1IA8WGE7-uMRA6VJBCmfo.roa (hash: rj7pjmyfQeQkOZRupb32bJgd9wIXMz6GCV+uWL5+LOc=) 27: r6yuB_mBhrxgJ9oegEz3A-ic9UE.roa (hash: wrq5iOM9j+2Qo5lK50hanoFLQKH0hesbfXGxmXDwFxQ=) 28: tVv5cMahpCShvvtQAhNlPeOQ5Q4.roa (hash: TzovdDux1HhYWV4x32czQdkPBpbIvapUkX/AYNoNp5A=) 29: tvZ4kRiGdG1UPtn_ye1HuTlyGVo.roa (hash: yWQuQGrPWn6a5LSCa+GTJsOa7VU9maS/0c3i3fALhtk=) 30: v4d1-p-3ZxksqaCK5sQnSOumPX4.roa (hash: v9JLyW4CyKz9olTqbMME5NpXQah5W39H0O1CPcZ3/Ik=) 31: wM98mz6k7POB_T0MejRXUHUVaGo.roa (hash: WNcoKWTZ1mOgrWS4oU63OxebnJDM9+7UOuhg2pg9Irc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 03:40:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1020 (0x3fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Jul 22 21:40:29 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E52A0D13FEFC2BDD041697AF040A22E5401F6944 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6a:f8:c1:c1:45:a0:13:fa:bd:c7:1f:be:be: 11:82:be:ae:65:1a:95:6a:6b:78:dc:2c:32:fe:eb: 61:76:81:cf:71:98:07:cb:05:b4:83:86:30:2e:96: e5:86:71:5e:4f:40:23:29:a0:5e:24:c5:8f:31:33: 85:7a:85:7f:55:7c:39:53:c7:a7:06:a4:fa:db:1c: 96:7b:97:fc:5c:35:17:c5:3e:56:f3:9c:76:33:cc: 93:81:ee:a7:e3:2a:86:c8:12:46:2c:0f:ac:0a:5a: e0:e1:46:83:7e:6c:3f:37:92:05:2d:80:c7:09:04: 3c:fd:87:c7:b6:65:f4:5e:48:29:22:71:d8:d7:0d: f0:68:a7:70:2c:b6:f2:f6:93:de:24:0f:9f:16:94: 7e:fb:43:db:fd:0d:07:ce:56:4c:46:cf:c2:63:52: 8a:a0:fe:c9:c0:f6:ec:cb:d6:2e:b6:4f:06:0f:a3: b0:a3:cc:0c:3f:de:17:40:39:a7:58:7e:89:dd:8d: 90:93:c8:21:4d:4d:c6:d3:12:5e:6e:12:01:15:25: d1:47:26:3e:d6:6f:c3:5a:63:08:bc:13:25:1c:f0: df:3c:ed:bf:dd:62:95:ec:31:a2:3a:fc:bf:35:1f: cc:d2:46:e5:a7:32:f1:db:c4:d3:ec:62:7e:10:a6: 47:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:2A:0D:13:FE:FC:2B:DD:04:16:97:AF:04:0A:22:E5:40:1F:69:44 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:01:29:c9:b5:f9:4a:8c:4e:67:79:d6:39:8a:c8:2f:74:8e: 1d:6e:4b:6b:d6:48:d3:1f:50:d5:42:8a:6d:74:62:96:0e:40: 3d:88:7c:1f:fa:f9:14:38:61:c9:da:ef:2d:25:b7:15:b4:6d: b6:c4:3a:f9:5b:28:7e:72:ba:1c:cf:06:d2:c0:2d:3e:92:73: 02:c0:44:c3:aa:64:6f:dd:11:62:9f:2c:2f:9f:7e:1c:85:0a: 1e:fa:d3:9b:08:cb:aa:c6:0d:3f:04:8b:44:5b:88:e3:74:15: b9:97:06:ef:ba:6c:2f:a4:02:5c:f0:08:11:11:89:d7:db:88: 90:d7:6a:ea:99:72:fa:68:65:6f:ee:a2:01:e4:db:4d:04:b3: ae:c3:65:68:5e:b4:67:c8:83:f6:ad:ea:05:c5:65:2c:6c:72: d6:47:74:be:ff:2f:c0:ee:e9:56:f8:5f:0c:fb:f8:73:f2:fe: 52:97:ca:83:e0:23:c4:9c:38:46:af:28:f0:73:ed:f5:25:91: 02:bf:ba:8a:c5:30:02:53:9b:95:4d:a6:09:f3:9f:dc:b4:d7: 94:8c:8b:62:c2:06:24:cb:78:9e:f4:bf:38:03:ef:a8:d5:82: 04:5d:4c:93:9a:63:e2:f4:a7:e5:95:fd:55:11:2d:8b:79:89: 98:b6:b1:c2 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICA/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA3MjIy MTQwMjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU1MkEwRDEzRkVGQzJC REQwNDE2OTdBRjA0MEEyMkU1NDAxRjY5NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAavjBwUWgE/q9xx++vhGCvq5lGpVqa3jcLDL+62F2gc9xmAfL BbSDhjAuluWGcV5PQCMpoF4kxY8xM4V6hX9VfDlTx6cGpPrbHJZ7l/xcNRfFPlbz nHYzzJOB7qfjKobIEkYsD6wKWuDhRoN+bD83kgUtgMcJBDz9h8e2ZfReSCkicdjX DfBop3AstvL2k94kD58WlH77Q9v9DQfOVkxGz8JjUoqg/snA9uzL1i62TwYPo7Cj zAw/3hdAOadYfondjZCTyCFNTcbTEl5uEgEVJdFHJj7Wb8NaYwi8EyUc8N887b/d YpXsMaI6/L81H8zSRuWnMvHbxNPsYn4Qpkd1AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU5SoNE/78K90EFpevBAoi5UAfaUQwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL01Kd3FsRHNvM0FoWXc1 dVNDS0ZnbkFsejVKby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCkASnJtflKjE5nedY5isgvdI4dbktr1kjTH1DVQoptdGKWDkA9iHwf+vkUOGHJ 2u8tJbcVtG22xDr5Wyh+croczwbSwC0+knMCwETDqmRv3RFinywvn34chQoe+tOb CMuqxg0/BItEW4jjdBW5lwbvumwvpAJc8AgREYnX24iQ12rqmXL6aGVv7qIB5NtN BLOuw2VoXrRnyIP2reoFxWUsbHLWR3S+/y/A7ulW+F8M+/hz8v5Sl8qD4CPEnDhG ryjwc+31JZECv7qKxTACU5uVTaYJ85/ctNeUjItiwgYky3ie9L84A++o1YIEXUyT mmPi9Kfllf1VES2LeYmYtrHC -----END CERTIFICATE-----Generated at Wed Jul 23 02:44:23 2025 by rpki-client