$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft File: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft (raw, json) Hash identifier: Z5vEvO2fUzcpsDYnlHFo2SsLPmmx1ZSS3sSMSFz8x0g= Subject key identifier: D9:6B:74:D2:F5:C0:67:6A:64:0E:23:68:BF:B7:7F:3F:36:CD:B5:C5 Authority key identifier: 67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 Certificate issuer: /CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Certificate serial: 64180A39C9D9342C3DCC438812F54CCBB0A63C5B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft Manifest number: 48 Signing time: Thu 12 Mar 2026 15:58:39 +0000 Manifest this update: Thu 12 Mar 2026 15:53:39 +0000 Manifest next update: Fri 13 Mar 2026 17:23:39 +0000 Files and hashes: 1: 3130332e3134302e31342e302f32332d3332203d3e20313339303931.roa (hash: Dm1g3UjQyhGbjlFkBoWW9J4T2d5S6s8go1jP82Lkdfk=) 2: 3130332e3134302e31342e302f32332d3332203d3e203137363231.roa (hash: 2cWU5UH8whnz87agI1VludkKe4lf2cSxtmFnl04vmyI=) 3: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl (hash: fY7HgfHXiteCEP+uTeWk9NuyFbbHHMyXm3+fJwpR5eI=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 17:23:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:18:0a:39:c9:d9:34:2c:3d:cc:43:88:12:f5:4c:cb:b0:a6:3c:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Validity Not Before: Mar 12 15:53:39 2026 GMT Not After : Mar 13 17:23:39 2026 GMT Subject: CN=D96B74D2F5C0676A640E2368BFB77F3F36CDB5C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:64:07:63:27:90:16:da:58:9e:9f:9d:36:e2: 02:e9:66:1a:51:4c:51:72:2f:c6:f3:88:e6:f4:54: ec:e5:49:37:da:98:5b:90:85:5f:2c:1f:c4:d3:11: 38:12:ff:cc:91:78:20:f1:9d:63:51:bf:14:8d:22: 4f:ef:6a:bd:70:ee:b6:fd:80:35:44:16:77:19:47: ac:0e:6a:b4:18:2d:3a:e0:8d:cd:22:b7:62:4a:21: 39:e4:92:a8:43:12:31:e2:c2:f3:5a:a9:1c:b8:4f: 2d:25:1f:57:40:8e:77:2e:14:ba:03:02:c3:28:5a: 8b:82:c3:78:c5:ea:fb:04:f6:f3:67:4b:33:2c:3d: 22:0d:50:36:68:76:95:d3:a4:5f:c3:7e:d8:17:fd: 74:17:01:26:e1:89:82:ac:8b:5e:42:f4:d1:94:16: ed:0f:ee:c2:ad:75:ae:6b:10:f3:b1:b1:1a:50:96: f6:03:09:cf:12:d0:36:b1:80:83:3a:4f:cb:eb:07: 35:7a:b0:da:3d:da:66:34:16:24:7e:4b:54:25:c7: ed:b6:d9:61:2e:79:bd:c7:bb:b8:1f:be:2c:01:ff: 08:22:fb:5f:87:aa:17:4d:eb:dd:49:b3:8c:1e:31: fd:1e:9a:9b:79:9e:9e:c3:e1:24:7b:68:b2:f1:5a: bc:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:6B:74:D2:F5:C0:67:6A:64:0E:23:68:BF:B7:7F:3F:36:CD:B5:C5 X509v3 Authority Key Identifier: keyid:67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:eb:ce:32:21:11:ed:1e:bf:fa:a6:04:1f:66:29:02:7b:4b: a6:e2:2d:cf:fb:f2:b5:4b:78:3d:e4:7f:21:7a:03:99:f9:74: 19:7d:a1:60:97:75:3f:bb:4c:e1:ec:37:8c:16:52:aa:20:73: e8:b4:ef:5d:50:57:5e:5e:d7:15:fd:1f:4c:1b:f3:dd:ec:b4: 26:45:42:1b:6a:65:50:3e:e0:16:b9:64:30:2f:ef:7e:4e:c2: a8:68:b4:1f:bb:4d:7a:8c:b3:b9:f0:a8:5e:b2:80:2d:dd:53: 76:8c:c0:ec:c7:9d:c3:cc:09:10:cd:64:1b:86:5f:fd:fc:5e: 7d:02:ab:36:47:51:83:3d:a8:48:c0:00:5a:82:3e:b8:44:56: 48:c4:b0:6e:b7:f7:b9:35:5d:c1:27:a1:bd:af:5c:50:1a:23: 5f:85:e5:34:47:6d:20:7b:00:f2:21:07:97:10:6b:90:35:82: 1d:a9:08:ab:f9:ed:80:f6:44:24:f3:9e:4c:78:78:68:e1:32: a7:00:fb:e7:89:58:5e:4d:22:48:6d:39:0c:c5:59:84:4b:d3: 1c:ce:d7:a1:8a:19:93:45:1b:6d:7d:bb:76:9c:f4:65:65:b4: 07:e1:57:48:6b:16:9b:ed:7c:09:c0:f0:c2:93:2e:d5:55:36: 9c:52:5b:88 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUZBgKOcnZNCw9zEOIEvVMy7CmPFswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZF MEEyNTMxNjAeFw0yNjAzMTIxNTUzMzlaFw0yNjAzMTMxNzIzMzlaMDMxMTAvBgNV BAMTKEQ5NkI3NEQyRjVDMDY3NkE2NDBFMjM2OEJGQjc3RjNGMzZDREI1QzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIZAdjJ5AW2lien5024gLpZhpR TFFyL8bziOb0VOzlSTfamFuQhV8sH8TTETgS/8yReCDxnWNRvxSNIk/var1w7rb9 gDVEFncZR6wOarQYLTrgjc0it2JKITnkkqhDEjHiwvNaqRy4Ty0lH1dAjncuFLoD AsMoWouCw3jF6vsE9vNnSzMsPSINUDZodpXTpF/DftgX/XQXASbhiYKsi15C9NGU Fu0P7sKtda5rEPOxsRpQlvYDCc8S0DaxgIM6T8vrBzV6sNo92mY0FiR+S1Qlx+22 2WEueb3Hu7gfviwB/wgi+1+HqhdN691Js4weMf0empt5np7D4SR7aLLxWrz3AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQU2Wt00vXAZ2pkDiNov7d/PzbNtcUwHwYDVR0j BBgwFoAUZ5ZtNO+/TLz7AM+cIEU5v+CiUxYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4Mjc0MTU3Nzg1OTA3NC8wLzY3OTY2RDM0RUZCRjRDQkNGQjAwQ0Y5QzIwNDUz OUJGRTBBMjUzMTYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZFMEEyNTMxNi5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODI3NDE1Nzc4NTkwNzQvMC82Nzk2NkQzNEVGQkY0 Q0JDRkIwMENGOUMyMDQ1MzlCRkUwQTI1MzE2Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnOvOMiER7R6/ +qYEH2YpAntLpuItz/vytUt4PeR/IXoDmfl0GX2hYJd1P7tM4ew3jBZSqiBz6LTv XVBXXl7XFf0fTBvz3ey0JkVCG2plUD7gFrlkMC/vfk7CqGi0H7tNeoyzufCoXrKA Ld1TdozA7Medw8wJEM1kG4Zf/fxefQKrNkdRgz2oSMAAWoI+uERWSMSwbrf3uTVd wSehva9cUBojX4XlNEdtIHsA8iEHlxBrkDWCHakIq/ntgPZEJPOeTHh4aOEypwD7 54lYXk0iSG05DMVZhEvTHM7XoYoZk0UbbX27dpz0ZWW0B+FXSGsWm+18CcDwwpMu 1VU2nFJbiA== -----END CERTIFICATE-----Generated at Fri Mar 13 03:49:11 2026 by rpki-client