$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096962404895424515/0/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.mft File: 40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.mft (raw, json) Hash identifier: 3WoGa5Yna3Plf1LiDr1K5WHuuuSojhkfb+8RJRI0J4M= Subject key identifier: 82:21:4A:EE:E5:6E:E0:FE:8A:04:93:E8:3E:D3:87:59:DD:2F:6B:5E Authority key identifier: 40:AB:F4:13:CD:33:0E:0A:4D:2B:AE:8F:1E:66:AF:8B:FC:B7:3D:71 Certificate issuer: /CN=40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71 Certificate serial: 02067B28605C6FB7E85D35FE626F10841F148B87 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096962404895424515/0/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.mft Manifest number: 13 Signing time: Mon 27 Apr 2026 17:13:49 +0000 Manifest this update: Mon 27 Apr 2026 17:08:49 +0000 Manifest next update: Tue 28 Apr 2026 19:44:49 +0000 Files and hashes: 1: 3130332e3232302e3234302e302f32332d3233203d3e2034383337.roa (hash: 2wZEG3CS93oCxpOvvSD/xvBdYQ4/YZbs+htsSujp09o=) 2: 34352e3235322e302e302f32322d3232203d3e203234313339.roa (hash: yZ9/bItsZVNimYfZJceoCqR8YKceJZZWWFqQf2xko2Y=) 3: 34352e3235322e302e302f32332d3233203d3e2034383337.roa (hash: Girfmzj3SgStMMY9QQQlekVZITn+b5VccIqS4mZXqQI=) 4: 40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.crl (hash: 3kqx3vJH04xQgV7RCUYbZCz2uEt9OH6gQL3VXC9qyJU=) 5: 34352e3235322e322e302f32332d3233203d3e2034383337.roa (hash: ogJ8b/pu/yvvBpwQjJD7aR2MKAiB2NVSNAKv0EvNExs=) 6: 323430353a393738303a3a2f33322d313238203d3e2030.roa (hash: wsAlE1QEtrkyozdia6LocJwjVZkBAeHQ4PonEVzYZn4=) 7: 3130332e3232302e3234302e302f32322d3232203d3e203234313339.roa (hash: gbVCFJ5R1GJxVqj6VUJKkq23UMSaPAub7AW4a1P+kwc=) 8: 3130332e3232302e3234322e302f32332d3233203d3e2034383337.roa (hash: 3TONmc+B7Q42E5fNjNdLH0s/fvuQxKfU4ddysGsNONE=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096962404895424515/0/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.crl rsync://rpki-rps.cnnic.cn/repo/A1096962404895424515/0/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 11:12:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:06:7b:28:60:5c:6f:b7:e8:5d:35:fe:62:6f:10:84:1f:14:8b:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71 Validity Not Before: Apr 27 17:08:49 2026 GMT Not After : Apr 28 19:44:49 2026 GMT Subject: CN=82214AEEE56EE0FE8A0493E83ED38759DD2F6B5E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:89:83:59:8d:03:24:1e:a0:b0:4d:79:e3:59: b8:61:ce:e9:be:71:41:c7:e8:96:a6:68:b5:aa:d4: 28:f9:e4:66:ac:d6:ec:7b:ca:93:40:2e:5a:56:bc: 02:1a:05:8d:37:fd:cc:dc:42:df:65:05:4d:2d:83: 72:7c:a8:2f:ad:89:68:3e:a6:3f:25:ed:45:2c:c2: 31:c6:eb:fe:ae:21:19:8e:04:4e:a1:c4:e0:1b:b1: d0:a8:9d:33:02:46:2f:6c:40:57:47:05:b7:43:cc: e1:06:ba:41:c9:3f:a3:72:fc:6e:fb:82:b1:13:76: d1:64:9e:5b:09:db:f8:30:c0:76:2d:82:e8:d2:e1: 9f:d3:e8:b9:30:00:ed:64:bb:e9:53:59:95:cb:59: 65:1e:03:9f:3f:64:bb:7e:8a:c0:3b:95:3b:fb:a9: ed:ad:4d:00:57:f7:7e:23:ab:72:40:ee:ec:2c:ad: 25:af:8d:23:2f:ce:b3:93:e9:5e:47:4f:fe:92:4e: 45:08:96:69:dd:d3:11:fb:e3:b4:73:1b:aa:f0:7f: d3:57:30:1a:e5:f8:0b:e1:2b:b2:87:11:79:64:17: 82:53:5f:bf:01:bd:56:e5:5b:47:ad:0e:2f:22:a0: 21:86:d0:63:c5:ee:d3:36:af:84:7a:ac:a9:fd:57: 78:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:21:4A:EE:E5:6E:E0:FE:8A:04:93:E8:3E:D3:87:59:DD:2F:6B:5E X509v3 Authority Key Identifier: keyid:40:AB:F4:13:CD:33:0E:0A:4D:2B:AE:8F:1E:66:AF:8B:FC:B7:3D:71 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096962404895424515/0/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096962404895424515/0/40ABF413CD330E0A4D2BAE8F1E66AF8BFCB73D71.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:97:b2:0f:5f:40:87:58:94:cc:91:40:f4:56:4e:46:01:ca: 6a:f4:4b:d4:0d:9c:57:bb:94:ca:b8:76:8a:9f:88:de:81:43: 3b:70:7d:18:2a:9d:da:a1:5f:17:2b:38:2e:db:08:71:2e:a4: 9e:22:a0:a3:5c:63:23:22:46:ad:41:a1:dd:cb:a1:00:84:30: b3:65:c3:31:3a:78:9c:f2:e4:f4:61:34:c7:6d:fd:2b:87:73: 83:82:7c:18:f4:80:b6:27:2a:8e:1a:d7:0a:3b:40:8d:70:9c: e9:05:d5:ad:37:bd:9f:74:d6:df:1b:78:8f:31:12:01:52:33: c0:b7:f9:a5:96:44:e7:70:26:70:8e:0d:37:a3:fd:48:6a:fc: c5:50:43:c1:9d:bd:87:88:0b:8c:46:0f:1c:cc:18:7d:6a:ed: 01:47:16:6b:bd:a7:06:51:92:e6:a0:6d:a9:da:5e:05:13:93: f8:9f:11:db:f7:c9:9c:53:c3:e3:2a:1a:04:0e:53:e3:2d:da: a4:0e:c4:37:30:eb:01:fb:67:a5:6e:26:c9:93:5e:70:43:1d: cb:7c:3f:43:5c:b4:41:2d:61:7b:6a:99:c5:c5:3d:5b:0d:6a: 7b:cd:a2:4f:e8:ae:d7:e9:b8:fa:41:0c:69:7c:8b:c5:60:ac: 2c:87:59:85 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUAgZ7KGBcb7foXTX+Ym8QhB8Ui4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBBQkY0MTNDRDMzMEUwQTREMkJBRThGMUU2NkFGOEJG Q0I3M0Q3MTAeFw0yNjA0MjcxNzA4NDlaFw0yNjA0MjgxOTQ0NDlaMDMxMTAvBgNV BAMTKDgyMjE0QUVFRTU2RUUwRkU4QTA0OTNFODNFRDM4NzU5REQyRjZCNUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7iYNZjQMkHqCwTXnjWbhhzum+ cUHH6JamaLWq1Cj55Gas1ux7ypNALlpWvAIaBY03/czcQt9lBU0tg3J8qC+tiWg+ pj8l7UUswjHG6/6uIRmOBE6hxOAbsdConTMCRi9sQFdHBbdDzOEGukHJP6Ny/G77 grETdtFknlsJ2/gwwHYtgujS4Z/T6LkwAO1ku+lTWZXLWWUeA58/ZLt+isA7lTv7 qe2tTQBX934jq3JA7uwsrSWvjSMvzrOT6V5HT/6STkUIlmnd0xH747RzG6rwf9NX MBrl+AvhK7KHEXlkF4JTX78BvVblW0etDi8ioCGG0GPF7tM2r4R6rKn9V3izAgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUgiFK7uVu4P6KBJPoPtOHWd0va14wHwYDVR0j BBgwFoAUQKv0E80zDgpNK66PHmavi/y3PXEwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 Njk2MjQwNDg5NTQyNDUxNS8wLzQwQUJGNDEzQ0QzMzBFMEE0RDJCQUU4RjFFNjZB RjhCRkNCNzNENzEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNDBBQkY0MTNDRDMzMEUwQTREMkJBRThGMUU2NkFGOEJGQ0I3M0Q3MS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY5NjI0MDQ4OTU0MjQ1MTUvMC80MEFCRjQxM0NEMzMw RTBBNEQyQkFFOEYxRTY2QUY4QkZDQjczRDcxLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZeyD19Ah1iU zJFA9FZORgHKavRL1A2cV7uUyrh2ip+I3oFDO3B9GCqd2qFfFys4LtsIcS6kniKg o1xjIyJGrUGh3cuhAIQws2XDMTp4nPLk9GE0x239K4dzg4J8GPSAticqjhrXCjtA jXCc6QXVrTe9n3TW3xt4jzESAVIzwLf5pZZE53AmcI4NN6P9SGr8xVBDwZ29h4gL jEYPHMwYfWrtAUcWa72nBlGS5qBtqdpeBROT+J8R2/fJnFPD4yoaBA5T4y3apA7E NzDrAftnpW4myZNecEMdy3w/Q1y0QS1he2qZxcU9Ww1qe82iT+iu1+m4+kEMaXyL xWCsLIdZhQ== -----END CERTIFICATE-----Generated at Mon Apr 27 21:50:19 2026 by rpki-client