$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096716299456741377/0/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.mft File: BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.mft (raw, json) Hash identifier: kVmV2EeYZgRV4KAdVkkvxYZFD3fRCTRHZdsVIREYPEc= Subject key identifier: 19:1E:57:54:1C:7A:EB:2D:B4:10:4A:13:24:BA:C7:78:FF:B8:B1:17 Authority key identifier: BF:2C:C5:E7:AE:10:27:E3:3C:52:47:AB:67:FB:D6:96:13:5E:32:B3 Certificate issuer: /CN=BF2CC5E7AE1027E33C5247AB67FBD696135E32B3 Certificate serial: 1990742B5EF4E80B96EF7D310ADBDA186058D22A Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096716299456741377/0/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.mft Manifest number: 12 Signing time: Mon 27 Apr 2026 03:44:05 +0000 Manifest this update: Mon 27 Apr 2026 03:39:05 +0000 Manifest next update: Tue 28 Apr 2026 07:27:05 +0000 Files and hashes: 1: 3130332e3135312e3134382e302f32332d3233203d3e2034383038.roa (hash: FlqyfG9yxugYR7L+XBIV8TN1BCjELPR+chHd21WXr9k=) 2: 3130332e3232332e36382e302f32322d3232203d3e2030.roa (hash: 4xQOioC1mdU6Yv1xuNedR2u5RvEAiHf8+gk7vks3wcs=) 3: 3130332e3232332e37322e302f32322d3232203d3e2030.roa (hash: FqYstaJDjg7tmxEGtum6iSsLgTAPX+rihadYFc4vywQ=) 4: 3130332e3232332e36342e302f32322d3232203d3e2030.roa (hash: rIF3hyIEEl6Mher4Y63kJzfGvu+uKEDr/8wbeQZhnQc=) 5: BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.crl (hash: GW9eF6NlTbGAXoFFkVZFnrd06HWoyQNWFAD4Y6CunIM=) 6: 3130332e3232332e37362e302f32322d3232203d3e2030.roa (hash: lsMCQiUAYT2yLHixyfGmRfrF8XX2XYil8P8ZKQUWZ5w=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096716299456741377/0/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.crl rsync://rpki-rps.cnnic.cn/repo/A1096716299456741377/0/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 07:27:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:90:74:2b:5e:f4:e8:0b:96:ef:7d:31:0a:db:da:18:60:58:d2:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BF2CC5E7AE1027E33C5247AB67FBD696135E32B3 Validity Not Before: Apr 27 03:39:05 2026 GMT Not After : Apr 28 07:27:05 2026 GMT Subject: CN=191E57541C7AEB2DB4104A1324BAC778FFB8B117 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2a:b5:b3:8d:c9:e8:0b:07:f5:8c:6d:fc:71: 05:3a:4b:98:e3:0a:bd:ba:90:70:8e:5d:2d:fa:87: 69:9a:3c:f9:40:2b:c2:f3:ca:27:fb:14:b2:a9:7d: e6:35:86:59:1b:47:69:4f:8f:a6:cc:2a:07:c6:0f: ec:f9:be:de:51:5b:14:ac:6e:9c:a3:88:b4:c9:4c: b9:09:8d:23:fa:bf:0a:a8:b6:8b:3c:f7:85:f7:3b: 6f:a7:75:04:f2:a5:f2:a8:d1:32:86:90:58:f7:e6: 22:a1:f3:d0:ef:ba:97:2e:b7:5c:e0:a7:7b:62:5d: 14:ed:5d:ae:2a:3b:28:c8:53:82:50:fb:c7:73:d5: 68:2d:78:4f:de:c8:e3:fa:69:c7:91:75:a7:a2:fd: 8d:21:4d:4a:26:17:82:1d:e3:c3:93:7c:1b:c5:95: 4b:5c:af:f7:b4:a2:c9:0e:c8:b6:8b:45:8e:38:7c: 5c:64:19:d6:fa:a5:9e:8c:44:ff:fc:f8:6c:2e:21: cd:9e:07:95:04:c0:56:e0:29:d0:54:46:2d:03:78: ce:ec:3a:bd:f7:82:84:23:c6:ae:cc:b8:ba:5e:d4: 31:12:b8:25:9b:b6:4e:6c:cd:9b:8a:6f:6a:25:6b: 6e:0e:b6:d1:7e:53:68:11:f5:71:37:75:0e:50:c4: 15:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:1E:57:54:1C:7A:EB:2D:B4:10:4A:13:24:BA:C7:78:FF:B8:B1:17 X509v3 Authority Key Identifier: keyid:BF:2C:C5:E7:AE:10:27:E3:3C:52:47:AB:67:FB:D6:96:13:5E:32:B3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096716299456741377/0/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096716299456741377/0/BF2CC5E7AE1027E33C5247AB67FBD696135E32B3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:91:a9:25:4c:42:66:f4:78:3a:19:41:70:b3:3f:9c:a4:88: 74:dd:28:71:6f:39:1a:2e:01:2a:87:9d:24:62:69:1a:46:b6: 56:0c:80:50:e4:bc:c0:11:7b:f4:25:a5:6f:7c:dd:2f:b6:bd: 95:7f:02:95:69:90:94:6a:4a:48:da:aa:97:e5:2c:9e:79:9b: 8a:22:29:98:bc:2b:c5:2f:c8:92:57:9a:66:58:55:04:f8:a3: a1:7b:af:58:e3:bc:fc:3c:5b:c1:90:92:6b:2e:e0:50:46:9a: 45:7b:4d:4f:34:1b:8d:00:ec:d2:84:ee:d2:74:e7:e0:d5:55: 7c:c7:15:91:7b:b5:89:3c:cb:63:6a:30:51:4b:be:5e:29:e7: 11:b9:36:42:31:ec:c5:14:a1:34:8a:62:e1:2d:9b:e7:de:c2: 3a:9b:3b:e8:73:64:93:07:20:33:09:29:5d:d3:76:a9:59:a0: eb:4e:ee:ad:b0:bc:c4:4a:eb:8a:9d:90:e1:46:17:81:c3:95: 45:2b:9e:da:23:ba:76:95:d4:77:59:35:ff:ed:80:88:73:d5: b6:d6:86:d9:1c:a0:88:21:21:9a:fa:fc:1e:ad:04:07:02:0f: 2b:92:f8:e5:4f:e2:6a:10:1f:ff:d5:ae:ee:1f:ad:ad:fe:25: 31:b2:ce:36 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUGZB0K1706AuW730xCtvaGGBY0iowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkYyQ0M1RTdBRTEwMjdFMzNDNTI0N0FCNjdGQkQ2OTYx MzVFMzJCMzAeFw0yNjA0MjcwMzM5MDVaFw0yNjA0MjgwNzI3MDVaMDMxMTAvBgNV BAMTKDE5MUU1NzU0MUM3QUVCMkRCNDEwNEExMzI0QkFDNzc4RkZCOEIxMTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpKrWzjcnoCwf1jG38cQU6S5jj Cr26kHCOXS36h2maPPlAK8Lzyif7FLKpfeY1hlkbR2lPj6bMKgfGD+z5vt5RWxSs bpyjiLTJTLkJjSP6vwqotos894X3O2+ndQTypfKo0TKGkFj35iKh89Dvupcut1zg p3tiXRTtXa4qOyjIU4JQ+8dz1WgteE/eyOP6aceRdaei/Y0hTUomF4Id48OTfBvF lUtcr/e0oskOyLaLRY44fFxkGdb6pZ6MRP/8+GwuIc2eB5UEwFbgKdBURi0DeM7s Or33goQjxq7MuLpe1DESuCWbtk5szZuKb2ola24OttF+U2gR9XE3dQ5QxBVjAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUGR5XVBx66y20EEoTJLrHeP+4sRcwHwYDVR0j BBgwFoAUvyzF564QJ+M8UkerZ/vWlhNeMrMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjcxNjI5OTQ1Njc0MTM3Ny8wL0JGMkNDNUU3QUUxMDI3RTMzQzUyNDdBQjY3RkJE Njk2MTM1RTMyQjMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQkYyQ0M1RTdBRTEwMjdFMzNDNTI0N0FCNjdGQkQ2OTYxMzVFMzJCMy5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY3MTYyOTk0NTY3NDEzNzcvMC9CRjJDQzVFN0FFMTAy N0UzM0M1MjQ3QUI2N0ZCRDY5NjEzNUUzMkIzLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp5GpJUxCZvR4 OhlBcLM/nKSIdN0ocW85Gi4BKoedJGJpGka2VgyAUOS8wBF79CWlb3zdL7a9lX8C lWmQlGpKSNqql+UsnnmbiiIpmLwrxS/IkleaZlhVBPijoXuvWOO8/DxbwZCSay7g UEaaRXtNTzQbjQDs0oTu0nTn4NVVfMcVkXu1iTzLY2owUUu+XinnEbk2QjHsxRSh NIpi4S2b597COps76HNkkwcgMwkpXdN2qVmg607urbC8xErrip2Q4UYXgcOVRSue 2iO6dpXUd1k1/+2AiHPVttaG2RygiCEhmvr8Hq0EBwIPK5L45U/iahAf/9Wu7h+t rf4lMbLONg== -----END CERTIFICATE-----Generated at Mon Apr 27 15:29:55 2026 by rpki-client