$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft File: 8421F0680EB1B3756485D0F7681F78067E9C172E.mft (raw, json) Hash identifier: KOCs9ythezyuOEngcCEqxaq1Utc2UF3UNgICl1AhMAs= Subject key identifier: BF:EF:67:9B:B4:20:67:BA:01:99:C4:A5:34:AB:13:3C:8E:6B:2B:46 Authority key identifier: 84:21:F0:68:0E:B1:B3:75:64:85:D0:F7:68:1F:78:06:7E:9C:17:2E Certificate issuer: /CN=8421F0680EB1B3756485D0F7681F78067E9C172E Certificate serial: 27ABE11529908E20E0489D2BBF17E95239914666 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8421F0680EB1B3756485D0F7681F78067E9C172E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft Manifest number: 72 Signing time: Mon 13 Apr 2026 00:39:17 +0000 Manifest this update: Mon 13 Apr 2026 00:34:17 +0000 Manifest next update: Tue 14 Apr 2026 00:41:17 +0000 Files and hashes: 1: 3131342e32382e3134342e302f32302d3230203d3e2034383131.roa (hash: E1m38mZb/SG7oWaFlqcUfpVkwaATD41p5lliHG3KeOw=) 2: 323430303a383230313a3a2f33322d313238203d3e203435303631.roa (hash: cCjZk6/D7FQRokzzWSYRnQwLRhmgRoE9l1n51OgrOrQ=) 3: 8421F0680EB1B3756485D0F7681F78067E9C172E.crl (hash: BpxyH3tQhVAJKXbbt3SLIQMUej6J9fZY/FZIDbvXr3Q=) 4: 323430303a383230303a3a2f33322d313238203d3e203435303631.roa (hash: OJuPzB78ELG7oWhjMKLWmQEkKhS3FsL77IA5FBEyGug=) 5: 323430303a383230313a3a2f34382d313238203d3e203435303631.roa (hash: 36yhztcZ5Fu1fqVVziBV34gyTNeZzEm9a1ZFJhxb2Fs=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.crl rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8421F0680EB1B3756485D0F7681F78067E9C172E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 14 Apr 2026 00:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:ab:e1:15:29:90:8e:20:e0:48:9d:2b:bf:17:e9:52:39:91:46:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8421F0680EB1B3756485D0F7681F78067E9C172E Validity Not Before: Apr 13 00:34:17 2026 GMT Not After : Apr 14 00:41:17 2026 GMT Subject: CN=BFEF679BB42067BA0199C4A534AB133C8E6B2B46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:58:6b:83:25:c5:89:00:c4:50:56:32:2d:2f: 6f:a3:ee:0c:59:2a:bc:5f:8f:b8:3a:6c:4e:af:ba: 7b:b5:61:9a:74:4b:05:b8:fb:f3:09:50:69:69:34: fc:f9:f7:60:9c:c9:73:0b:a0:08:e5:1e:53:9d:4c: 38:7c:39:33:57:d0:50:40:26:eb:cc:7a:5c:6b:06: e7:bb:02:d7:47:64:6f:dd:7d:5f:ea:8b:6e:90:90: c2:cb:41:a4:28:17:91:b7:ed:77:7c:62:1e:f1:b4: b5:7b:e2:16:61:40:d0:26:86:67:96:3e:27:c6:07: 7a:a3:d2:d8:16:71:33:eb:da:bd:c3:c0:70:68:99: 92:4c:1a:6f:d9:bb:96:cf:0f:f0:61:1d:d4:25:2c: a4:2b:5e:25:a9:ad:5b:ea:69:ad:d0:45:74:d6:90: 8d:8c:52:fa:19:3c:97:2d:53:ef:91:44:6f:6d:42: 99:5a:3d:f0:5c:09:ed:25:b4:42:5e:42:ae:d4:81: 61:3a:2f:d4:07:2f:54:79:4b:93:f0:a9:5e:39:f5: 8b:3a:51:d1:2d:d7:8a:5e:37:23:de:92:a4:e4:a8: 87:49:03:d2:6f:19:79:0c:8e:47:6c:bc:c1:4a:b8: 1c:fe:6d:62:de:e2:4e:39:0e:66:2c:db:42:c9:e8: e4:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:EF:67:9B:B4:20:67:BA:01:99:C4:A5:34:AB:13:3C:8E:6B:2B:46 X509v3 Authority Key Identifier: keyid:84:21:F0:68:0E:B1:B3:75:64:85:D0:F7:68:1F:78:06:7E:9C:17:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8421F0680EB1B3756485D0F7681F78067E9C172E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065577241947471873/0/8421F0680EB1B3756485D0F7681F78067E9C172E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:3e:dc:7d:41:02:79:c7:f4:d2:8c:c9:7d:ee:f0:1d:ca:ef: ab:07:dc:bd:87:18:51:25:39:60:59:ab:ff:7d:4d:3d:95:8a: ba:4c:2a:37:82:6a:45:ca:df:37:21:bf:3b:c2:9d:b6:4a:d6: e7:95:ff:4b:09:83:88:9a:c3:df:47:33:11:0f:10:3b:89:8c: 7d:9c:6f:7f:69:2d:12:18:4c:ed:92:de:a1:69:fc:d3:cd:08: 75:e8:61:c9:5b:ff:cd:09:82:fa:47:36:5c:73:d3:2c:84:35: 3f:03:d9:f2:1c:ae:2b:4b:eb:c1:54:c3:36:b3:17:f0:ff:6f: 71:be:11:22:7a:69:8e:d1:61:21:7a:38:18:12:8e:7f:b7:cb: ac:28:c6:9f:9f:93:b4:90:fc:df:39:3b:9d:70:f7:31:ec:5a: ec:9d:06:3e:5c:3d:22:11:f6:99:53:1d:3d:57:8a:15:c3:8e: f4:fe:3c:e3:8b:a4:49:e2:42:51:a4:aa:e4:0b:cd:33:92:62: 23:e0:f6:3b:3b:d0:db:72:7d:87:10:cf:14:4f:90:5c:20:cf: 9d:18:48:97:f1:66:ef:c8:51:30:3f:dd:c6:6b:4b:09:ec:ef: 74:d3:02:40:1a:9c:b9:bd:11:23:7c:2d:bb:df:c0:b7:64:8e: 93:86:71:03 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUJ6vhFSmQjiDgSJ0rvxfpUjmRRmYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQyMUYwNjgwRUIxQjM3NTY0ODVEMEY3NjgxRjc4MDY3 RTlDMTcyRTAeFw0yNjA0MTMwMDM0MTdaFw0yNjA0MTQwMDQxMTdaMDMxMTAvBgNV BAMTKEJGRUY2NzlCQjQyMDY3QkEwMTk5QzRBNTM0QUIxMzNDOEU2QjJCNDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/WGuDJcWJAMRQVjItL2+j7gxZ Krxfj7g6bE6vunu1YZp0SwW4+/MJUGlpNPz592CcyXMLoAjlHlOdTDh8OTNX0FBA JuvMelxrBue7AtdHZG/dfV/qi26QkMLLQaQoF5G37Xd8Yh7xtLV74hZhQNAmhmeW PifGB3qj0tgWcTPr2r3DwHBomZJMGm/Zu5bPD/BhHdQlLKQrXiWprVvqaa3QRXTW kI2MUvoZPJctU++RRG9tQplaPfBcCe0ltEJeQq7UgWE6L9QHL1R5S5PwqV459Ys6 UdEt14peNyPekqTkqIdJA9JvGXkMjkdsvMFKuBz+bWLe4k45DmYs20LJ6ORRAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUv+9nm7QgZ7oBmcSlNKsTPI5rK0YwHwYDVR0j BBgwFoAUhCHwaA6xs3VkhdD3aB94Bn6cFy4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NzI0MTk0NzQ3MTg3My8wLzg0MjFGMDY4MEVCMUIzNzU2NDg1RDBGNzY4MUY3 ODA2N0U5QzE3MkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvODQyMUYwNjgwRUIxQjM3NTY0ODVEMEY3NjgxRjc4MDY3RTlDMTcyRS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1NzcyNDE5NDc0NzE4NzMvMC84NDIxRjA2ODBFQjFC Mzc1NjQ4NUQwRjc2ODFGNzgwNjdFOUMxNzJFLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAID7cfUECecf0 0ozJfe7wHcrvqwfcvYcYUSU5YFmr/31NPZWKukwqN4JqRcrfNyG/O8KdtkrW55X/ SwmDiJrD30czEQ8QO4mMfZxvf2ktEhhM7ZLeoWn8080IdehhyVv/zQmC+kc2XHPT LIQ1PwPZ8hyuK0vrwVTDNrMX8P9vcb4RInppjtFhIXo4GBKOf7fLrCjGn5+TtJD8 3zk7nXD3Mexa7J0GPlw9IhH2mVMdPVeKFcOO9P4844ukSeJCUaSq5AvNM5JiI+D2 OzvQ23J9hxDPFE+QXCDPnRhIl/Fm78hRMD/dxmtLCezvdNMCQBqcub0RI3wtu9/A t2SOk4ZxAw== -----END CERTIFICATE-----Generated at Mon Apr 13 11:04:51 2026 by rpki-client