$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft File: 8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft (raw, json) Hash identifier: r9+KLE47UKyR4k481Ug+4pZZeWVObshkaLuPz6bdl48= Subject key identifier: 25:C6:40:B1:E5:82:3C:56:ED:25:EE:57:56:8C:A0:C0:AB:F1:E5:57 Authority key identifier: 8B:D8:35:B2:E2:15:D6:86:F2:4F:B3:1A:8A:EC:EE:E4:4F:BD:BD:C8 Certificate issuer: /CN=8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8 Certificate serial: 02157D32BFB986931147F0C87DF3A002E4433EBA Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft Manifest number: 45 Signing time: Wed 11 Mar 2026 13:58:38 +0000 Manifest this update: Wed 11 Mar 2026 13:53:38 +0000 Manifest next update: Thu 12 Mar 2026 16:22:38 +0000 Files and hashes: 1: 3136312e3234382e38342e302f32332d3234203d3e20323134343332.roa (hash: mlTgfa8G8bpPl2rXhrQPOT+Ph5gV0rocuvelVPbWKdk=) 2: 8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.crl (hash: Lz7dcz4F+ovy32d1mWkWIFneIOXKseHwvI0R2iYzl5M=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.crl rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/CB0214A5C404D6F840433B120CACBB5B8C59E613.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ywIUpcQE1vhAQzsSDKy7W4xZ5hM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Mar 2026 16:22:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:15:7d:32:bf:b9:86:93:11:47:f0:c8:7d:f3:a0:02:e4:43:3e:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8 Validity Not Before: Mar 11 13:53:38 2026 GMT Not After : Mar 12 16:22:38 2026 GMT Subject: CN=25C640B1E5823C56ED25EE57568CA0C0ABF1E557 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d1:9f:a0:6b:ba:cc:6f:cd:b2:19:10:64:a1: 64:26:ce:c4:f6:fa:48:86:19:28:d0:46:77:27:37: b5:80:ae:1a:4f:51:e8:e8:ea:54:f4:6a:42:d2:27: 92:48:57:5c:40:67:ea:b6:46:61:7b:2e:d5:1d:b1: 1e:ce:d7:55:e4:1e:59:55:54:5a:cc:dd:7a:d3:04: 24:d1:f5:c7:04:3b:73:1b:ff:94:7e:3a:8d:bb:ad: af:8d:7f:d6:6b:88:3d:7b:6d:68:f3:a1:ce:da:e5: de:5e:fa:da:5a:80:d5:82:cb:2c:fe:5e:fa:fd:d3: 31:33:f9:9a:99:0e:46:2d:88:62:58:cd:b4:ea:5f: 87:05:3f:50:15:3a:ff:7b:58:de:fe:ce:cb:ed:c2: 85:ad:5a:f4:ca:bd:6d:46:a6:d0:a7:ee:7e:78:0e: 27:bb:30:37:f5:1b:98:1c:13:3e:75:f8:73:ea:19: 40:5e:a3:be:85:aa:a3:6d:a4:c0:81:74:76:bc:5c: 88:05:9e:90:b1:c2:b5:59:53:24:30:a2:64:25:2e: 48:cd:50:3f:be:10:eb:28:08:0e:93:10:69:13:2f: 0b:e8:0a:19:98:13:bd:19:f5:57:3d:e1:2f:8c:12: 4e:46:dc:44:71:be:e7:0d:82:c7:de:23:e9:e1:f6: 0a:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:C6:40:B1:E5:82:3C:56:ED:25:EE:57:56:8C:A0:C0:AB:F1:E5:57 X509v3 Authority Key Identifier: keyid:8B:D8:35:B2:E2:15:D6:86:F2:4F:B3:1A:8A:EC:EE:E4:4F:BD:BD:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/0/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585911217586179/1/8BD835B2E215D686F24FB31A8AECEEE44FBDBDC8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:d8:49:c9:3e:7d:d4:ba:00:bd:c8:f1:a8:04:01:27:24:da: a8:38:ba:91:60:21:07:92:a8:5c:66:fe:e3:57:13:6a:51:dc: 85:72:08:73:af:95:e5:09:05:60:9f:25:a0:5b:80:f1:d6:c1: 0b:e3:be:c4:9e:24:41:73:01:87:99:e1:70:05:ab:70:fe:7d: 20:29:89:14:d1:96:a4:fb:76:2c:45:c5:47:0b:35:73:69:54: e3:da:c3:7c:26:61:c0:c7:9b:d2:aa:cd:b3:cb:cc:f8:96:93: 40:a1:f0:dc:d7:0a:47:f3:6b:a1:e5:f1:f8:b9:4c:92:12:7f: 61:07:2a:48:ed:12:8c:58:0a:0b:de:6a:cf:2d:04:37:a4:3c: 19:30:99:68:de:84:f7:58:18:41:1a:1d:52:40:bb:2d:27:1f: df:a6:9e:3c:01:97:7a:98:0b:fd:7c:b7:ec:0f:9a:da:76:31: c6:f9:bd:a8:c3:d5:6c:72:6a:58:1e:8d:5b:c4:c8:d5:0a:f9: 5b:d7:f9:47:2d:7e:5e:b1:d4:2b:b8:a4:de:4a:2c:d4:76:a8: 5e:07:7b:c4:f8:86:73:a4:b8:53:d0:63:84:ac:cf:da:01:e8: 70:37:02:19:f6:d8:9d:73:39:ea:1e:71:e6:5e:e0:ef:b0:d4: ef:19:18:d2 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUAhV9Mr+5hpMRR/DIffOgAuRDProwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJEODM1QjJFMjE1RDY4NkYyNEZCMzFBOEFFQ0VFRTQ0 RkJEQkRDODAeFw0yNjAzMTExMzUzMzhaFw0yNjAzMTIxNjIyMzhaMDMxMTAvBgNV BAMTKDI1QzY0MEIxRTU4MjNDNTZFRDI1RUU1NzU2OENBMEMwQUJGMUU1NTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL0Z+ga7rMb82yGRBkoWQmzsT2 +kiGGSjQRncnN7WArhpPUejo6lT0akLSJ5JIV1xAZ+q2RmF7LtUdsR7O11XkHllV VFrM3XrTBCTR9ccEO3Mb/5R+Oo27ra+Nf9ZriD17bWjzoc7a5d5e+tpagNWCyyz+ Xvr90zEz+ZqZDkYtiGJYzbTqX4cFP1AVOv97WN7+zsvtwoWtWvTKvW1GptCn7n54 Die7MDf1G5gcEz51+HPqGUBeo76FqqNtpMCBdHa8XIgFnpCxwrVZUyQwomQlLkjN UD++EOsoCA6TEGkTLwvoChmYE70Z9Vc94S+MEk5G3ERxvucNgsfeI+nh9gqTAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUJcZAseWCPFbtJe5XVoygwKvx5VcwHwYDVR0j BBgwFoAUi9g1suIV1obyT7Maiuzu5E+9vcgwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4NTkxMTIxNzU4NjE3OS8xLzhCRDgzNUIyRTIxNUQ2ODZGMjRGQjMxQThBRUNF RUU0NEZCREJEQzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzAvOEJEODM1QjJFMjE1RDY4NkYyNEZCMzFBOEFFQ0VFRTQ0RkJEQkRDOC5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODU5MTEyMTc1ODYxNzkvMS84QkQ4MzVCMkUyMTVE Njg2RjI0RkIzMUE4QUVDRUVFNDRGQkRCREM4Lm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjNhJyT591LoA vcjxqAQBJyTaqDi6kWAhB5KoXGb+41cTalHchXIIc6+V5QkFYJ8loFuA8dbBC+O+ xJ4kQXMBh5nhcAWrcP59ICmJFNGWpPt2LEXFRws1c2lU49rDfCZhwMeb0qrNs8vM +JaTQKHw3NcKR/NroeXx+LlMkhJ/YQcqSO0SjFgKC95qzy0EN6Q8GTCZaN6E91gY QRodUkC7LScf36aePAGXepgL/Xy37A+a2nYxxvm9qMPVbHJqWB6NW8TI1Qr5W9f5 Ry1+XrHUK7ik3kos1HaoXgd7xPiGc6S4U9BjhKzP2gHocDcCGfbYnXM56h5x5l7g 77DU7xkY0g== -----END CERTIFICATE-----Generated at Thu Mar 12 09:33:28 2026 by rpki-client