
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft
File: 8421F0680EB1B3756485D0F7681F78067E9C172E.mft (raw, json)
Hash identifier: IVLTAYo6uVpY9mkSNeedAolUtjLQKOfnrRptHbfxrWU=
Subject key identifier: 74:E2:98:94:D9:21:7C:AB:52:18:C2:5F:6E:8D:A8:82:01:36:7D:8A
Authority key identifier: 84:21:F0:68:0E:B1:B3:75:64:85:D0:F7:68:1F:78:06:7E:9C:17:2E
Certificate issuer: /CN=8421F0680EB1B3756485D0F7681F78067E9C172E
Certificate serial: 79F3E0FD11DF1D3E705E6869611AE0A9C0DAB8B4
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8421F0680EB1B3756485D0F7681F78067E9C172E.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft
Manifest number: EE
Signing time: Tue 14 Jul 2026 09:10:56 +0000
Manifest this update: Tue 14 Jul 2026 09:05:56 +0000
Manifest next update: Wed 15 Jul 2026 10:21:56 +0000
Files and hashes: 1: 3230322e3132322e3131322e302f32312d3231203d3e203435303631.roa (hash: p64OlJWN4xzR7Eauh13Kq9y9HsakhADFQc1EpncoPyA=)
2: 323430303a383230313a3a2f33322d313238203d3e203435303631.roa (hash: cCjZk6/D7FQRokzzWSYRnQwLRhmgRoE9l1n51OgrOrQ=)
3: 3130332e31332e3234342e302f32322d3232203d3e203435303631.roa (hash: s7xNgeXINQ5XzPzluG6befi4PDsxGcgFDif9YN8Cjtc=)
4: 3131382e3132362e33322e302f31392d3139203d3e203435303631.roa (hash: oxCUlAGrmEVENEvphgoHrtULEK4PmQscKpU+wwYDSQQ=)
5: 3132312e35352e302e302f31382d3138203d3e203435303631.roa (hash: NhqqQJvDACKCKhJecfErnOqf7SHXIpNF0kxLCWZji7g=)
6: 323430303a383230303a3a2f33322d313238203d3e203435303631.roa (hash: OJuPzB78ELG7oWhjMKLWmQEkKhS3FsL77IA5FBEyGug=)
7: 3131342e32382e36382e302f32322d3232203d3e2034383131.roa (hash: k2DANdr4kGbHw5DbBF4H016ZNcLf5+VxwPnYFQBum2I=)
8: 3131342e3134312e3134382e302f32322d3232203d3e203435303631.roa (hash: GAjhPK7uIzL9Jk1ZUM2oYaioJeK2HkXJIrHGIBCS68A=)
9: 34352e3131362e35322e302f32322d3232203d3e203435303631.roa (hash: Q2GLAzJCuXolF8zvE4SK4DiSfrkjkP04MyuCM9i3+zc=)
10: 3131342e32382e37322e302f32312d3231203d3e2034383131.roa (hash: z+KkAbE1tNzpn5jtmiDv8aWslLlp03fmv+ixrqjR+0c=)
11: 3131342e32382e3132382e302f31392d3139203d3e2034383132.roa (hash: xqw7IomjKxBRLvFlgY2UqqWMCB7OIYkSZ42ZB2kiYMc=)
12: 34352e3131352e34342e302f32322d3232203d3e2034383131.roa (hash: y/MSFBJdojfDrNGDV6JXxCEFfy6JVkgRu8xQqlGA1+o=)
13: 3131342e32382e3132382e302f32302d3230203d3e2034383131.roa (hash: 7ctkGQpyisi9zH2u2VKxvHKRSH6rZz0X8ZJdtm7yPBk=)
14: 8421F0680EB1B3756485D0F7681F78067E9C172E.crl (hash: 0i2Vq1m21eWaoqXM1SqXVTYqHAeUMpz8y06k5cbWzU8=)
15: 3131342e32382e3136302e302f31392d3139203d3e203435303631.roa (hash: TjgLKPNifN+3Wr/+k2dIOHUJlqXOKSiGUcoZKgFaxSY=)
16: 3131342e3134312e3132382e302f31392d3139203d3e203435303631.roa (hash: rX71zn663mC+PXbN9bZFqHBjL7EmPtxQN3yowzWIv7k=)
17: 3131342e32382e3134342e302f32302d3230203d3e2034383131.roa (hash: E1m38mZb/SG7oWaFlqcUfpVkwaATD41p5lliHG3KeOw=)
18: 3131342e3134312e3132382e302f31382d3138203d3e203435303631.roa (hash: //+6nQlQDBn0BXAXI99nw4HMz9l6KIJ4wurfWegCjHI=)
19: 3130332e3235312e38342e302f32322d3232203d3e203435303631.roa (hash: Uqm3SQ0Upe1tVgTu+kaQINPzkGJ7F/HFSydp7geQGOU=)
20: 3131342e3134312e3136302e302f31392d3139203d3e203435303631.roa (hash: JCIREiuOF9Kv/Vlb/fhDKY/AqbnrP7VRNXpBzQfkI54=)
21: 3131342e32382e3133342e302f32342d3234203d3e2034383337.roa (hash: UYKWkrVdhnWPxrHTELoGMnyGsAs4tF9fFKf83dqOGqw=)
22: 323430303a383230313a3a2f34382d313238203d3e203435303631.roa (hash: 36yhztcZ5Fu1fqVVziBV34gyTNeZzEm9a1ZFJhxb2Fs=)
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.crl
rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8421F0680EB1B3756485D0F7681F78067E9C172E.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 Jul 2026 10:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:f3:e0:fd:11:df:1d:3e:70:5e:68:69:61:1a:e0:a9:c0:da:b8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8421F0680EB1B3756485D0F7681F78067E9C172E
Validity
Not Before: Jul 14 09:05:56 2026 GMT
Not After : Jul 15 10:21:56 2026 GMT
Subject: CN=74E29894D9217CAB5218C25F6E8DA88201367D8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9c:d9:5c:43:c9:b8:3b:52:fc:ef:6a:87:d1:
66:f7:1e:b8:5d:04:0d:d9:d2:e5:2f:7f:4c:bd:92:
eb:22:7b:d3:3c:b3:b2:a3:36:8e:4c:ea:e2:ff:4a:
5a:6e:aa:16:1c:a0:87:f0:29:c4:ea:1d:e8:32:69:
83:07:1a:5c:3e:33:b0:bc:37:f1:58:0e:8c:58:6c:
9d:2c:fb:bd:eb:4f:7f:e3:de:ea:b9:5d:1b:63:cc:
bd:b9:10:3c:fe:f8:95:b1:7f:4a:3d:5e:26:e1:15:
f7:75:75:90:50:5b:41:21:1a:25:d7:11:98:ad:49:
68:01:d6:48:ec:c5:b1:48:ce:0a:2e:62:1b:7c:ab:
6f:4c:9f:b8:f0:47:cb:8f:89:a0:08:4d:c9:5d:bf:
06:ff:cc:02:c1:23:d1:49:e7:ce:f3:80:a1:7e:bb:
41:b8:38:36:c1:ee:06:f9:a4:40:40:4a:d2:9f:eb:
a0:20:21:55:0d:38:9a:25:de:f1:0a:0a:22:aa:75:
80:b3:c7:c8:d3:35:2d:ec:7a:e6:7c:3b:1c:cd:a8:
34:bb:47:90:f8:2a:6e:8b:89:e5:f3:25:93:33:c5:
70:b4:e5:97:8d:71:b0:96:34:4c:68:98:82:2d:33:
33:d9:a4:40:ba:c5:d7:1e:4b:19:94:0d:ae:ab:67:
ac:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E2:98:94:D9:21:7C:AB:52:18:C2:5F:6E:8D:A8:82:01:36:7D:8A
X509v3 Authority Key Identifier:
keyid:84:21:F0:68:0E:B1:B3:75:64:85:D0:F7:68:1F:78:06:7E:9C:17:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8421F0680EB1B3756485D0F7681F78067E9C172E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:82:fb:cb:04:ab:fb:b1:ec:c1:c4:e7:9c:58:b3:b8:fa:ed:
6b:10:a7:08:87:96:1c:29:73:68:48:91:8d:d8:3a:7e:0e:1d:
ad:d0:90:89:9b:6e:67:ac:b6:ae:87:77:80:43:db:8b:ca:55:
14:92:f6:84:8d:95:cf:32:5e:1f:07:60:04:c0:99:ee:68:85:
b9:dc:d9:57:fc:e0:b3:06:0f:a8:93:8a:6b:6b:03:b1:3c:b3:
47:ad:f1:16:69:1a:87:d2:c4:39:f9:88:37:1b:e8:3c:ee:48:
38:80:c8:60:88:32:82:00:1f:9c:ba:16:30:65:c0:a0:bd:af:
a0:b9:c0:b1:85:84:85:3b:92:05:d1:07:4c:be:d0:81:63:6b:
ec:f2:39:36:76:05:7d:fa:6f:23:19:d3:ad:99:f6:8d:b9:14:
50:d2:17:42:54:31:89:67:1d:5b:a4:98:43:13:53:6d:6b:51:
94:14:f3:84:83:4f:70:65:cc:4e:18:ae:31:3c:65:fc:d4:09:
ec:d2:a0:e4:7b:75:34:15:c4:bf:a9:34:58:35:7c:25:6d:36:
db:66:67:6c:6d:6b:b6:e1:70:7b:33:8c:b8:55:37:2c:71:47:
50:86:8c:7b:ad:0b:33:ca:5a:f4:10:a7:14:47:84:c3:6e:5b:
82:62:05:2d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUefPg/RHfHT5wXmhpYRrgqcDauLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQyMUYwNjgwRUIxQjM3NTY0ODVEMEY3NjgxRjc4MDY3
RTlDMTcyRTAeFw0yNjA3MTQwOTA1NTZaFw0yNjA3MTUxMDIxNTZaMDMxMTAvBgNV
BAMTKDc0RTI5ODk0RDkyMTdDQUI1MjE4QzI1RjZFOERBODgyMDEzNjdEOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEnNlcQ8m4O1L872qH0Wb3Hrhd
BA3Z0uUvf0y9kusie9M8s7KjNo5M6uL/SlpuqhYcoIfwKcTqHegyaYMHGlw+M7C8
N/FYDoxYbJ0s+73rT3/j3uq5XRtjzL25EDz++JWxf0o9XibhFfd1dZBQW0EhGiXX
EZitSWgB1kjsxbFIzgouYht8q29Mn7jwR8uPiaAITcldvwb/zALBI9FJ587zgKF+
u0G4ODbB7gb5pEBAStKf66AgIVUNOJol3vEKCiKqdYCzx8jTNS3seuZ8OxzNqDS7
R5D4Km6LieXzJZMzxXC05ZeNcbCWNExomIItMzPZpEC6xdceSxmUDa6rZ6zTAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUdOKYlNkhfKtSGMJfbo2oggE2fYowHwYDVR0j
BBgwFoAUhCHwaA6xs3VkhdD3aB94Bn6cFy4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU3NzI0MTk0NzQ3MTg3My8wLzg0MjFGMDY4MEVCMUIzNzU2NDg1RDBGNzY4MUY3
ODA2N0U5QzE3MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvODQyMUYwNjgwRUIxQjM3NTY0ODVEMEY3NjgxRjc4MDY3RTlDMTcyRS5jZXIw
fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1NzcyNDE5NDc0NzE4NzMvMC84NDIxRjA2ODBFQjFC
Mzc1NjQ4NUQwRjc2ODFGNzgwNjdFOUMxNzJFLm1mdDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI
KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATYL7ywSr+7Hs
wcTnnFizuPrtaxCnCIeWHClzaEiRjdg6fg4drdCQiZtuZ6y2rod3gEPbi8pVFJL2
hI2VzzJeHwdgBMCZ7miFudzZV/zgswYPqJOKa2sDsTyzR63xFmkah9LEOfmINxvo
PO5IOIDIYIgyggAfnLoWMGXAoL2voLnAsYWEhTuSBdEHTL7QgWNr7PI5NnYFffpv
IxnTrZn2jbkUUNIXQlQxiWcdW6SYQxNTbWtRlBTzhINPcGXMThiuMTxl/NQJ7NKg
5Ht1NBXEv6k0WDV8JW0222ZnbG1rtuFwezOMuFU3LHFHUIaMe60LM8pa9BCnFEeE
w25bgmIFLQ==
-----END CERTIFICATE-----
Generated at Tue Jul 14 20:04:53 2026 by rpki-client