$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft File: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft (raw, json) Hash identifier: MjagbIBFI5COQfp2CAo/AfudkVw1OzzNVCWPMWiEdFs= Subject key identifier: C7:48:B9:56:E8:A1:7E:BB:01:28:CE:02:0D:29:E5:2B:63:BE:0D:09 Authority key identifier: D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 Certificate issuer: /CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Certificate serial: 3F7DF49F1CFA8D4ECB84FC7651590C89E4362726 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft Manifest number: 71 Signing time: Mon 13 Apr 2026 09:24:17 +0000 Manifest this update: Mon 13 Apr 2026 09:19:17 +0000 Manifest next update: Tue 14 Apr 2026 12:41:17 +0000 Files and hashes: 1: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl (hash: 0lqQ8xHzJ54EB2xqeQQ+wUV0vyepYwdD1ZSiy96MpNw=) 2: 323430623a613030303a6663333a3a2f34382d3438203d3e20313531333033.roa (hash: TiSdjmUDUZ7Io/2Ke/Pu2qkV+pzBX0aVcs8lYCtTick=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 14 Apr 2026 11:36:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:7d:f4:9f:1c:fa:8d:4e:cb:84:fc:76:51:59:0c:89:e4:36:27:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943 Validity Not Before: Apr 13 09:19:17 2026 GMT Not After : Apr 14 12:41:17 2026 GMT Subject: CN=C748B956E8A17EBB0128CE020D29E52B63BE0D09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ca:74:8e:a4:1d:10:d0:4f:18:11:4a:51:16: 71:8c:7c:16:3c:29:0a:33:1a:ea:22:14:6d:f2:f8: 19:a0:df:93:bb:00:f9:f2:5c:cd:91:a8:e4:80:b4: 0f:84:6a:83:93:24:a9:f1:79:77:f2:3e:1e:f3:dc: d8:68:49:57:ea:4f:2c:87:b5:78:c1:c7:3d:78:bd: 7b:e5:44:45:ea:65:7e:40:76:89:91:12:e1:50:b3: 33:01:f4:83:a9:12:17:c8:ac:0d:2f:dd:4f:d3:8d: 04:ef:58:8a:c9:e0:1b:e7:a0:58:9d:51:63:eb:67: 67:fa:db:68:c5:f8:4e:00:29:8e:69:c3:7c:0a:8f: 6e:30:0b:50:a8:fa:9e:98:98:db:1f:a3:96:69:5e: 2d:4b:0d:ce:bb:fe:03:76:ff:21:49:e6:f9:32:ba: 46:79:4e:6d:0c:7b:2b:57:a6:4f:61:6e:c4:c7:a4: 45:04:3a:70:2c:f7:47:ce:c2:7e:a7:b8:18:13:79: 66:82:22:32:81:7f:cc:29:6f:fd:cf:92:4c:7c:f1: 7a:6e:ab:cb:44:0a:06:c1:c2:69:64:b3:76:ee:19: a4:aa:ff:68:75:9e:da:6d:72:6b:7e:61:4c:a0:dd: c1:7d:1b:02:f6:ec:43:bc:22:38:52:d2:83:69:d6: e1:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:48:B9:56:E8:A1:7E:BB:01:28:CE:02:0D:29:E5:2B:63:BE:0D:09 X509v3 Authority Key Identifier: keyid:D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:48:64:0a:61:da:f1:16:bd:64:0d:2b:d1:96:24:05:76:17: 8d:96:87:17:be:3c:45:96:47:4e:b0:53:0b:d7:99:ba:26:f9: b1:58:8f:f0:0e:84:87:c6:c5:e7:e2:95:aa:7f:9b:45:7b:36: cc:d0:55:56:67:58:51:d2:9f:10:55:1e:38:6d:d0:7a:64:c1: e2:4f:fe:f4:67:5b:c9:67:81:6d:1a:19:bc:ec:a7:df:24:76: 59:2e:07:70:ae:7a:4b:5a:00:87:e3:dd:82:e2:cc:b8:07:cc: 13:db:e8:78:9c:18:54:a0:b5:f0:5b:15:30:ec:c8:84:e6:21: ae:d6:d1:1f:0f:20:fb:41:b8:2f:25:cc:6a:ce:b0:b6:ca:32: 18:66:6f:b9:64:78:46:c8:dc:10:e2:af:7a:38:7c:bc:ee:70: 69:40:d3:a2:0f:8c:ca:55:88:89:03:4d:5f:fd:7b:96:9c:e3: b7:ac:98:17:e5:bc:d0:9c:f3:01:0c:1c:12:89:b9:68:1a:9b: 74:d1:0d:47:a4:85:8f:83:89:6c:cf:b6:80:2d:c1:68:4c:50: 57:47:36:95:7d:85:ad:e1:45:ef:11:28:a9:86:cf:05:3d:61: 36:62:f0:f2:8e:c2:f8:e4:b0:3f:99:df:1d:ad:0c:51:7b:5d: 7c:c3:bb:95 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUP330nxz6jU7LhPx2UVkMieQ2JyYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRC Q0FEMTk0MzAeFw0yNjA0MTMwOTE5MTdaFw0yNjA0MTQxMjQxMTdaMDMxMTAvBgNV BAMTKEM3NDhCOTU2RThBMTdFQkIwMTI4Q0UwMjBEMjlFNTJCNjNCRTBEMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMynSOpB0Q0E8YEUpRFnGMfBY8 KQozGuoiFG3y+Bmg35O7APnyXM2RqOSAtA+EaoOTJKnxeXfyPh7z3NhoSVfqTyyH tXjBxz14vXvlREXqZX5AdomREuFQszMB9IOpEhfIrA0v3U/TjQTvWIrJ4BvnoFid UWPrZ2f622jF+E4AKY5pw3wKj24wC1Co+p6YmNsfo5ZpXi1LDc67/gN2/yFJ5vky ukZ5Tm0MeytXpk9hbsTHpEUEOnAs90fOwn6nuBgTeWaCIjKBf8wpb/3Pkkx88Xpu q8tECgbBwmlks3buGaSq/2h1ntptcmt+YUyg3cF9GwL27EO8IjhS0oNp1uH7AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUx0i5VuihfrsBKM4CDSnlK2O+DQkwHwYDVR0j BBgwFoAU0v8dfG3x3XdaYQaXDQX/RLytGUMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTM4OTI2NTU1MTM2MS8wL0QyRkYxRDdDNkRGMURENzc1QTYxMDY5NzBEMDVG RjQ0QkNBRDE5NDMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRCQ0FEMTk0My5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU1NTEzNjEvMC9EMkZGMUQ3QzZERjFE RDc3NUE2MTA2OTcwRDA1RkY0NEJDQUQxOTQzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0hkCmHa8Ra9 ZA0r0ZYkBXYXjZaHF748RZZHTrBTC9eZuib5sViP8A6Eh8bF5+KVqn+bRXs2zNBV VmdYUdKfEFUeOG3QemTB4k/+9GdbyWeBbRoZvOyn3yR2WS4HcK56S1oAh+PdguLM uAfME9voeJwYVKC18FsVMOzIhOYhrtbRHw8g+0G4LyXMas6wtsoyGGZvuWR4Rsjc EOKvejh8vO5waUDTog+MylWIiQNNX/17lpzjt6yYF+W80JzzAQwcEom5aBqbdNEN R6SFj4OJbM+2gC3BaExQV0c2lX2FreFF7xEoqYbPBT1hNmLw8o7C+OSwP5nfHa0M UXtdfMO7lQ== -----END CERTIFICATE-----Generated at Mon Apr 13 11:04:50 2026 by rpki-client