$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft File: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft (raw, json) Hash identifier: vgGU0hnAEOMXV7ZEZ5RcvT0mw55Y6xJoW+rA11qddhk= Subject key identifier: 95:07:8F:96:75:E9:E4:DF:8D:7A:65:57:D4:07:69:1D:F8:E1:DB:6F Authority key identifier: 67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 Certificate issuer: /CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Certificate serial: 319761DBA2B4076A5E8A650BC03E5E755264B125 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft Manifest number: 85 Signing time: Mon 27 Apr 2026 07:23:43 +0000 Manifest this update: Mon 27 Apr 2026 07:18:43 +0000 Manifest next update: Tue 28 Apr 2026 10:05:43 +0000 Files and hashes: 1: 3130332e3134302e31342e302f32332d3332203d3e20313339303931.roa (hash: Dm1g3UjQyhGbjlFkBoWW9J4T2d5S6s8go1jP82Lkdfk=) 2: 67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl (hash: cxz7f/xcLG1lo+6muPt11bP1y/D+afwnf9s7F8TnUoY=) 3: 3130332e3134302e31342e302f32332d3332203d3e203137363231.roa (hash: 2cWU5UH8whnz87agI1VludkKe4lf2cSxtmFnl04vmyI=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 10:05:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:97:61:db:a2:b4:07:6a:5e:8a:65:0b:c0:3e:5e:75:52:64:b1:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67966D34EFBF4CBCFB00CF9C204539BFE0A25316 Validity Not Before: Apr 27 07:18:43 2026 GMT Not After : Apr 28 10:05:43 2026 GMT Subject: CN=95078F9675E9E4DF8D7A6557D407691DF8E1DB6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ea:1a:13:8b:95:95:8b:ff:98:90:64:21:15: ef:5c:6d:fe:39:fe:05:02:cc:95:f2:dd:46:c1:d9: 78:29:26:4f:50:9e:e3:d4:00:54:01:93:ce:34:95: 5d:6d:43:7f:46:a6:56:c4:65:a5:50:83:91:15:c3: 73:77:1b:16:21:17:53:4c:da:2b:c8:09:4d:97:1c: 4c:34:52:f5:a7:49:a1:ad:c2:f3:6f:27:4e:2b:ba: a7:c2:f8:6f:37:49:39:3b:54:8d:f3:23:7d:bc:0b: 45:32:f5:e5:02:23:86:5a:8e:52:9f:5e:65:7a:bd: be:ca:6e:5e:16:18:8e:4f:3a:82:1e:ea:db:61:0b: 91:1c:fe:0a:43:c9:c9:cc:f3:65:ef:6e:b8:c6:66: ec:0e:9b:22:d1:cd:16:c2:e0:1f:af:9f:c8:84:f4: 66:0e:1d:fb:96:96:29:37:29:ce:57:d0:61:b5:ae: 45:9e:36:1f:f3:cc:7b:6a:17:ee:c1:5a:f3:f5:ee: 74:8d:3b:fb:e3:76:a5:15:2a:cd:2b:2d:5f:f0:75: 89:03:7f:d3:8b:64:fc:e6:c7:17:f7:cb:9a:ad:73: 57:6f:69:db:66:32:9d:37:df:80:a0:eb:13:23:e8: e8:3a:55:80:19:c4:59:1e:6a:e9:6c:d5:59:0d:b2: df:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:07:8F:96:75:E9:E4:DF:8D:7A:65:57:D4:07:69:1D:F8:E1:DB:6F X509v3 Authority Key Identifier: keyid:67:96:6D:34:EF:BF:4C:BC:FB:00:CF:9C:20:45:39:BF:E0:A2:53:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065582741577859074/0/67966D34EFBF4CBCFB00CF9C204539BFE0A25316.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:26:48:74:96:69:1a:30:bf:69:3a:08:77:20:e4:63:59:8d: 0d:87:5e:f2:6f:a9:f2:90:39:04:9e:a9:43:1a:f4:48:d3:be: 10:32:37:0d:bf:d2:f3:62:a4:0a:63:c0:86:fd:c3:6e:1b:df: 2d:65:e0:0c:c8:3c:de:0b:78:3c:25:bb:b9:a1:6c:62:9d:07: 4c:c2:b8:80:d4:7d:6b:6d:59:48:a1:d4:6e:6b:93:25:36:6a: 52:ee:18:79:5b:bb:a9:7f:61:fd:00:4a:e5:cd:5f:c0:57:db: 69:3a:0e:f7:be:1d:14:fc:8e:d7:68:2a:52:b9:f7:f2:0f:32: cd:86:fa:92:76:f5:7c:93:bb:c4:d7:dc:79:a8:d3:23:6a:e8: b1:e4:1f:6f:f8:89:90:52:d5:57:f5:60:c9:be:2d:51:cb:6f: c3:15:d3:0a:d5:8f:87:77:85:c7:17:7c:c0:a1:fb:7c:73:ec: 97:ea:7d:c1:be:42:b5:4a:8e:a4:35:74:8d:7e:ba:ad:e2:80: 91:56:2e:80:d4:f3:76:00:11:0a:01:72:82:97:e2:e5:d6:fb: fb:a3:15:48:d9:5d:62:7f:1c:ca:c6:e9:d5:03:ee:05:cd:db: 1d:ea:14:66:29:a2:53:89:11:02:e1:6a:ee:32:eb:5a:e2:84: a2:93:7a:3e -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUMZdh26K0B2peimULwD5edVJksSUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZF MEEyNTMxNjAeFw0yNjA0MjcwNzE4NDNaFw0yNjA0MjgxMDA1NDNaMDMxMTAvBgNV BAMTKDk1MDc4Rjk2NzVFOUU0REY4RDdBNjU1N0Q0MDc2OTFERjhFMURCNkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe6hoTi5WVi/+YkGQhFe9cbf45 /gUCzJXy3UbB2XgpJk9QnuPUAFQBk840lV1tQ39GplbEZaVQg5EVw3N3GxYhF1NM 2ivICU2XHEw0UvWnSaGtwvNvJ04ruqfC+G83STk7VI3zI328C0Uy9eUCI4ZajlKf XmV6vb7Kbl4WGI5POoIe6tthC5Ec/gpDycnM82XvbrjGZuwOmyLRzRbC4B+vn8iE 9GYOHfuWlik3Kc5X0GG1rkWeNh/zzHtqF+7BWvP17nSNO/vjdqUVKs0rLV/wdYkD f9OLZPzmxxf3y5qtc1dvadtmMp0334Cg6xMj6Og6VYAZxFkeauls1VkNst+pAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUlQePlnXp5N+NemVX1AdpHfjh228wHwYDVR0j BBgwFoAUZ5ZtNO+/TLz7AM+cIEU5v+CiUxYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4Mjc0MTU3Nzg1OTA3NC8wLzY3OTY2RDM0RUZCRjRDQkNGQjAwQ0Y5QzIwNDUz OUJGRTBBMjUzMTYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNjc5NjZEMzRFRkJGNENCQ0ZCMDBDRjlDMjA0NTM5QkZFMEEyNTMxNi5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODI3NDE1Nzc4NTkwNzQvMC82Nzk2NkQzNEVGQkY0 Q0JDRkIwMENGOUMyMDQ1MzlCRkUwQTI1MzE2Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmiZIdJZpGjC/ aToIdyDkY1mNDYde8m+p8pA5BJ6pQxr0SNO+EDI3Db/S82KkCmPAhv3DbhvfLWXg DMg83gt4PCW7uaFsYp0HTMK4gNR9a21ZSKHUbmuTJTZqUu4YeVu7qX9h/QBK5c1f wFfbaToO974dFPyO12gqUrn38g8yzYb6knb1fJO7xNfceajTI2roseQfb/iJkFLV V/Vgyb4tUctvwxXTCtWPh3eFxxd8wKH7fHPsl+p9wb5CtUqOpDV0jX66reKAkVYu gNTzdgARCgFygpfi5db7+6MVSNldYn8cysbp1QPuBc3bHeoUZimiU4kRAuFq7jLr WuKEopN6Pg== -----END CERTIFICATE-----Generated at Mon Apr 27 16:14:51 2026 by rpki-client