$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft File: 3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft (raw, json) Hash identifier: PTnN6k406I8sbaAIcEIlFDXQf82D33NFcf65me8v9HI= Subject key identifier: BB:1A:36:D6:03:19:F3:12:37:B0:83:59:99:D7:86:42:45:6E:A1:59 Authority key identifier: 3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A Certificate issuer: /CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A Certificate serial: 4351AD1CE2333242CBBB6CCE10C2657DD5BC9BD2 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft Manifest number: 67 Signing time: Mon 06 Apr 2026 10:28:56 +0000 Manifest this update: Mon 06 Apr 2026 10:23:56 +0000 Manifest next update: Tue 07 Apr 2026 11:09:56 +0000 Files and hashes: 1: 3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl (hash: r/V8jYzH6eb3gV6A/NMPBG3hhjodFmGBmZtQ4HDe1mE=) 2: 3130332e3232332e3132302e302f32322d3234203d3e20313532333230.roa (hash: QDhDhO+o5EAhmJMJ47IlDxl87DbWK8fpZhIHG6UPABU=) 3: 34352e3235342e32372e302f32342d3234203d3e20313532333230.roa (hash: 8ey7xc7GrXn7mmv3ISFSPmAtts9JOcGCGnrt0IYw5NA=) 4: 34352e3235342e32362e302f32342d3234203d3e20313532333230.roa (hash: zQnT6ObBiJ3XRQBU4LCMwXOfUmhlF2FqQYNCv6Fc46M=) 5: 34352e3235342e32342e302f32342d3234203d3e20313532333230.roa (hash: HRYgKbtmr+OMYx/1qW6f1p5CaBZOf7Km54MLi7qIJYQ=) 6: 34352e3235342e32352e302f32342d3234203d3e20313532333230.roa (hash: qjKwVJnGzyI/LX79Tj4cDa3KV/Elv2yjd5+GDsO75bY=) 7: 3130332e3232332e3132312e302f32342d3234203d3e20313532333230.roa (hash: wzRfwIBhTwNZEHuoPqB4pgLkBoUBXIsG3gE0j7DP/GE=) 8: 3130332e3232332e3132332e302f32342d3234203d3e20313532333230.roa (hash: BpauxASw+QwtCt0D3PSjlF+wZywrzS5unEAJDnk9hrM=) 9: 34352e3235342e32342e302f32322d3234203d3e20313532333230.roa (hash: /jlOtfFFIhy/vioYOPrruZVnaBj+JGwUse/ni91LtIM=) 10: 3130332e3232332e3132322e302f32342d3234203d3e20313532333230.roa (hash: ENw2cTESVh99EP8BLMv1kqoTtl4yUiDM0XZMs1ujX6o=) 11: 3130332e3232332e3132302e302f32342d3234203d3e20313532333230.roa (hash: 5HY0Ue/vWpU1LvYH7L0XmoUxw5TaIDzLdoP5LOndIDk=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 Apr 2026 06:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:51:ad:1c:e2:33:32:42:cb:bb:6c:ce:10:c2:65:7d:d5:bc:9b:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A Validity Not Before: Apr 6 10:23:56 2026 GMT Not After : Apr 7 11:09:56 2026 GMT Subject: CN=BB1A36D60319F31237B0835999D78642456EA159 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:1a:43:ad:09:40:7c:48:99:c6:7f:fa:da:55: 85:76:e6:58:e6:1c:a6:03:f8:68:3f:6b:f2:9f:84: 28:8c:e3:3e:12:a8:95:b1:c1:fe:84:99:26:3f:ce: db:79:83:7c:78:58:c6:37:d8:e2:bc:8e:5b:5c:12: 2e:8a:b7:0a:91:64:1d:bb:73:da:6e:e0:73:f8:7f: 02:1e:90:93:86:ab:14:2a:ab:51:27:8b:e0:fb:65: d4:38:53:e2:cd:22:12:e0:0f:d6:fb:41:47:1c:30: 5d:38:33:48:db:e3:80:36:cb:75:24:71:29:a3:fb: 6b:c4:1a:25:c0:c2:b6:66:b7:26:a7:12:16:36:13: ab:b9:fe:15:4a:cc:65:88:ae:94:b1:32:10:a5:f0: 95:a6:e7:29:d1:bf:74:6c:35:2a:a2:c1:f3:e0:7b: 12:ae:f9:67:28:fd:86:29:33:c9:ce:2d:fa:2d:1a: 2b:2d:86:a5:1f:aa:ba:48:b3:1a:12:4f:94:95:e1: da:bd:3d:8b:c1:09:a1:96:6f:5c:ec:55:2f:ea:d8: d6:f0:56:60:dd:3f:d1:29:d4:82:9f:72:70:f1:2f: 9c:49:e2:14:5b:b2:cc:a7:ca:81:77:60:15:0d:9c: e4:da:6e:e3:81:bc:04:c3:71:16:c9:7b:fb:f4:78: 8f:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:1A:36:D6:03:19:F3:12:37:B0:83:59:99:D7:86:42:45:6E:A1:59 X509v3 Authority Key Identifier: keyid:3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:ab:52:97:9b:57:3e:32:5c:e5:55:07:c6:e7:a9:7b:e7:1d: 04:95:d2:39:23:80:8c:e0:46:fa:e8:9a:12:dc:37:92:1d:aa: cd:24:5d:65:f8:65:6c:0a:0f:3d:90:fc:33:4e:f1:63:0d:15: 7d:54:38:24:fc:b6:43:4d:4f:2d:89:0c:22:94:3a:ae:26:d2: 6b:27:c5:25:65:32:b0:60:22:78:f7:20:0e:34:19:cc:54:1a: 2c:d3:26:84:76:88:6f:24:e5:e6:6a:6d:79:eb:eb:88:53:e3: 29:90:03:a6:25:2d:64:d1:da:9b:b0:e2:16:2f:ae:62:d3:61: e6:d4:a2:36:63:4b:6e:1c:37:1d:1a:1b:fc:2d:dc:85:81:08: 33:3b:0a:8b:0a:10:7b:68:c4:1a:89:6f:d0:3c:6f:f8:d9:ac: b1:90:ee:18:fd:7b:00:22:7b:eb:98:43:b7:51:a9:fc:32:77: 52:23:57:63:c1:7d:e6:16:d7:ea:22:a8:f9:0b:b5:8a:8a:0e: 93:c6:45:87:94:d2:2d:c8:81:5a:5c:2d:83:14:56:60:c0:7e: 0f:e8:ab:0e:aa:be:d6:f6:b1:a4:63:22:47:f6:04:4b:ca:e7: fa:09:fe:cc:41:aa:3a:a0:06:bb:7a:ce:ba:97:91:0c:bb:c3: 4c:95:65:92 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUQ1GtHOIzMkLLu2zOEMJlfdW8m9IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2 QTgwN0EwQTAeFw0yNjA0MDYxMDIzNTZaFw0yNjA0MDcxMTA5NTZaMDMxMTAvBgNV BAMTKEJCMUEzNkQ2MDMxOUYzMTIzN0IwODM1OTk5RDc4NjQyNDU2RUExNTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKGkOtCUB8SJnGf/raVYV25ljm HKYD+Gg/a/KfhCiM4z4SqJWxwf6EmSY/ztt5g3x4WMY32OK8jltcEi6KtwqRZB27 c9pu4HP4fwIekJOGqxQqq1Eni+D7ZdQ4U+LNIhLgD9b7QUccMF04M0jb44A2y3Uk cSmj+2vEGiXAwrZmtyanEhY2E6u5/hVKzGWIrpSxMhCl8JWm5ynRv3RsNSqiwfPg exKu+Wco/YYpM8nOLfotGisthqUfqrpIsxoST5SV4dq9PYvBCaGWb1zsVS/q2Nbw VmDdP9Ep1IKfcnDxL5xJ4hRbssynyoF3YBUNnOTabuOBvATDcRbJe/v0eI8PAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUuxo21gMZ8xI3sINZmdeGQkVuoVkwHwYDVR0j BBgwFoAUPcMjidjrALsxxqlbNK/IV2qAegowDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4ODU1MzEyOTg1MjkzMS8wLzNEQzMyMzg5RDhFQjAwQkIzMUM2QTk1QjM0QUZD ODU3NkE4MDdBMEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2QTgwN0EwQS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODg1NTMxMjk4NTI5MzEvMC8zREMzMjM4OUQ4RUIw MEJCMzFDNkE5NUIzNEFGQzg1NzZBODA3QTBBLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUqtSl5tXPjJc 5VUHxuepe+cdBJXSOSOAjOBG+uiaEtw3kh2qzSRdZfhlbAoPPZD8M07xYw0VfVQ4 JPy2Q01PLYkMIpQ6ribSayfFJWUysGAiePcgDjQZzFQaLNMmhHaIbyTl5mpteevr iFPjKZADpiUtZNHam7DiFi+uYtNh5tSiNmNLbhw3HRob/C3chYEIMzsKiwoQe2jE Golv0Dxv+NmssZDuGP17ACJ765hDt1Gp/DJ3UiNXY8F95hbX6iKo+Qu1iooOk8ZF h5TSLciBWlwtgxRWYMB+D+irDqq+1vaxpGMiR/YES8rn+gn+zEGqOqAGu3rOupeR DLvDTJVlkg== -----END CERTIFICATE-----Generated at Mon Apr 6 14:02:55 2026 by rpki-client