$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft File: 289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft (raw, json) Hash identifier: IbCRitgxnlFRDPw/YA9j2uGtLxzcNVEFTIfqpvy1s00= Subject key identifier: 2E:D1:48:D5:2A:74:5E:4C:5A:64:9B:84:1C:63:59:FC:16:F1:A5:DF Authority key identifier: 28:92:51:F0:DC:A3:FF:6A:CE:10:1E:46:9C:CB:4C:90:6C:B6:0D:6E Certificate issuer: /CN=289251F0DCA3FF6ACE101E469CCB4C906CB60D6E Certificate serial: 4AF9E1B90EE83FC169CDF23C928C266C694217F7 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft Manifest number: 10 Signing time: Mon 27 Apr 2026 09:08:45 +0000 Manifest this update: Mon 27 Apr 2026 09:03:45 +0000 Manifest next update: Tue 28 Apr 2026 11:41:45 +0000 Files and hashes: 1: 289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.crl (hash: sNIG8/cqZPOHcVqx4fcZ0cnk55WViB4HRzkH71hn4kM=) 2: 3230322e3133362e37322e302f32332d3233203d3e2034383437.roa (hash: 0UAAnHGmhpgwD4Y3MO/hfVMnkyeKLb0Kzm5dHFM3DRY=) Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.crl rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 11:12:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:f9:e1:b9:0e:e8:3f:c1:69:cd:f2:3c:92:8c:26:6c:69:42:17:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=289251F0DCA3FF6ACE101E469CCB4C906CB60D6E Validity Not Before: Apr 27 09:03:45 2026 GMT Not After : Apr 28 11:41:45 2026 GMT Subject: CN=2ED148D52A745E4C5A649B841C6359FC16F1A5DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:7a:42:71:c1:e8:75:e5:c8:07:9c:c0:1e:f3: 79:35:27:2a:81:f1:18:d7:f2:8b:88:30:69:80:96: 03:2b:64:22:32:15:b4:11:f6:a0:76:87:82:b8:7c: 02:2e:03:bb:ea:c7:b3:7b:d5:81:95:3f:61:93:77: b9:c2:ce:02:84:8b:25:d4:dd:d7:66:d2:9a:a4:c5: eb:84:86:a9:de:c5:cd:7e:e4:8e:e9:fe:ee:68:b6: 72:a3:13:5a:de:9a:71:e5:7a:f2:21:63:90:28:2d: f7:40:e9:d3:c2:9b:bc:90:35:a5:cf:b7:bf:26:58: 11:9f:e6:68:32:37:cb:e0:ce:b3:15:f9:c3:05:38: 14:02:82:ee:b7:a1:84:5d:b7:83:aa:96:08:44:b0: 0c:84:22:ed:df:4c:f8:d0:bd:5b:39:d4:81:d1:90: 79:61:46:5d:78:11:e6:c8:fa:be:88:84:61:98:95: a2:c4:ef:c7:6c:95:a0:c9:13:c1:d7:e4:08:db:63: 90:d3:ca:02:4a:82:0f:7e:02:10:cc:f3:4c:33:33: 79:95:00:f9:92:b7:d7:e2:79:8b:c7:36:31:5d:d3: bc:ed:44:2b:4b:96:bd:ea:47:73:18:c2:51:e0:84: 3c:18:07:6a:29:85:a6:4c:30:3c:97:52:42:0e:67: 27:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D1:48:D5:2A:74:5E:4C:5A:64:9B:84:1C:63:59:FC:16:F1:A5:DF X509v3 Authority Key Identifier: keyid:28:92:51:F0:DC:A3:FF:6A:CE:10:1E:46:9C:CB:4C:90:6C:B6:0D:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097328917783511042/0/289251F0DCA3FF6ACE101E469CCB4C906CB60D6E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:63:c2:1d:95:80:1e:32:58:21:b3:f9:54:b7:9f:ec:74:23: 4e:15:00:0b:f7:4c:48:ff:cd:80:0e:16:f8:2d:d6:d0:3f:2c: e1:51:6d:3c:6d:db:2a:05:c7:fc:ce:ae:c5:67:18:8e:14:02: 54:1f:f3:c7:0b:a1:b0:3e:f1:96:0b:83:8f:63:65:a9:95:a6: ae:0e:84:05:42:07:d0:22:c5:d3:58:04:e8:cd:7a:de:d2:35: 97:f9:a5:93:7c:25:8b:a3:d8:98:8d:60:9e:27:85:85:4a:95: c5:e8:8e:c5:34:70:01:d6:f8:03:d1:87:1f:86:69:14:72:f7: 19:61:70:9e:10:59:99:85:ca:a1:ff:e7:d5:91:84:d4:4c:d3: 27:f8:5c:22:cb:b4:47:38:01:ba:75:8b:11:4d:d1:22:0a:75: ce:fb:50:09:f6:75:3c:95:bd:a8:11:bc:46:87:55:e2:f3:3e: 31:f7:42:2c:0f:ea:08:a2:eb:66:44:5a:99:83:2c:df:dd:b4: 62:b6:a1:7d:34:21:6d:42:3a:36:fe:75:b8:a2:09:6b:99:38: 45:cc:e8:b4:d2:d7:37:71:1c:20:ea:ea:c6:63:02:55:27:c9: c6:1d:74:5d:a0:ff:84:35:b2:b7:58:05:e7:44:3f:1a:6f:5b: 8c:8c:d9:e9 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUSvnhuQ7oP8FpzfI8kowmbGlCF/cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg5MjUxRjBEQ0EzRkY2QUNFMTAxRTQ2OUNDQjRDOTA2 Q0I2MEQ2RTAeFw0yNjA0MjcwOTAzNDVaFw0yNjA0MjgxMTQxNDVaMDMxMTAvBgNV BAMTKDJFRDE0OEQ1MkE3NDVFNEM1QTY0OUI4NDFDNjM1OUZDMTZGMUE1REYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBekJxweh15cgHnMAe83k1JyqB 8RjX8ouIMGmAlgMrZCIyFbQR9qB2h4K4fAIuA7vqx7N71YGVP2GTd7nCzgKEiyXU 3ddm0pqkxeuEhqnexc1+5I7p/u5otnKjE1remnHlevIhY5AoLfdA6dPCm7yQNaXP t78mWBGf5mgyN8vgzrMV+cMFOBQCgu63oYRdt4OqlghEsAyEIu3fTPjQvVs51IHR kHlhRl14EebI+r6IhGGYlaLE78dslaDJE8HX5AjbY5DTygJKgg9+AhDM80wzM3mV APmSt9fieYvHNjFd07ztRCtLlr3qR3MYwlHghDwYB2ophaZMMDyXUkIOZyf7AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQULtFI1Sp0XkxaZJuEHGNZ/Bbxpd8wHwYDVR0j BBgwFoAUKJJR8Nyj/2rOEB5GnMtMkGy2DW4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NzMyODkxNzc4MzUxMTA0Mi8wLzI4OTI1MUYwRENBM0ZGNkFDRTEwMUU0NjlDQ0I0 QzkwNkNCNjBENkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMjg5MjUxRjBEQ0EzRkY2QUNFMTAxRTQ2OUNDQjRDOTA2Q0I2MEQ2RS5jZXIw fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTczMjg5MTc3ODM1MTEwNDIvMC8yODkyNTFGMERDQTNG RjZBQ0UxMDFFNDY5Q0NCNEM5MDZDQjYwRDZFLm1mdDAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASmPCHZWAHjJY IbP5VLef7HQjThUAC/dMSP/NgA4W+C3W0D8s4VFtPG3bKgXH/M6uxWcYjhQCVB/z xwuhsD7xlguDj2NlqZWmrg6EBUIH0CLF01gE6M163tI1l/mlk3wli6PYmI1gnieF hUqVxeiOxTRwAdb4A9GHH4ZpFHL3GWFwnhBZmYXKof/n1ZGE1EzTJ/hcIsu0RzgB unWLEU3RIgp1zvtQCfZ1PJW9qBG8RodV4vM+MfdCLA/qCKLrZkRamYMs3920Yrah fTQhbUI6Nv51uKIJa5k4RczotNLXN3EcIOrqxmMCVSfJxh10XaD/hDWyt1gF50Q/ Gm9bjIzZ6Q== -----END CERTIFICATE-----Generated at Mon Apr 27 15:09:25 2026 by rpki-client