$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft File: kZiaAq0NE2kvy29vluo2LX3c-ks.mft (raw, json) Hash identifier: 5C+TpAN4W5LBHFNT5WVyKtUB3blZPfQ7Kf/k/6uUh88= Subject key identifier: 21:A1:AD:F1:7D:D3:07:4C:32:3E:47:4C:AF:59:99:72:A1:39:C0:C3 Authority key identifier: 91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B Certificate issuer: /CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B Certificate serial: 98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft Manifest number: 96 Signing time: Tue 03 Mar 2026 14:58:25 +0000 Manifest this update: Tue 03 Mar 2026 14:58:25 +0000 Manifest next update: Tue 03 Mar 2026 20:58:25 +0000 Files and hashes: 1: kZiaAq0NE2kvy29vluo2LX3c-ks.crl (hash: RR0s02qrqicmrxxF3SF2JKMI/SOHHsGUuc2KNNfAHDA=) 2: r4ApDfaFdlnKaS2-FwXztqp4xcw.roa (hash: u0nhu3X/tvvx1t+8HCJa+r5wOjhNwq5HLFn3Gp4fR0c=) 3: yby75Yhz2kAq1cMvZ1uHmR3qXZo.roa (hash: OElGPcvv7JxSRuJ4J/Exx2xKwqcIQ/jbMHPNKhzIwvs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 03 Mar 2026 20:58:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 152 (0x98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B Validity Not Before: Mar 3 14:58:25 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=21A1ADF17DD3074C323E474CAF599972A139C0C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:57:0b:e0:88:c7:51:0b:07:c3:e7:48:25:9c: a3:d6:e2:60:a4:b8:c5:46:61:30:bb:b9:55:07:39: 3a:77:86:c3:38:9f:6a:c7:2f:63:d2:c6:04:ca:d0: 62:1d:4a:40:41:f2:1a:3e:e6:a8:ce:61:07:bc:ec: 2c:c4:0d:e5:43:6d:4a:7e:62:1c:72:de:e4:96:7f: c8:e3:37:9f:39:fd:6f:cd:27:bb:46:9e:75:15:51: e6:71:66:ce:3f:38:47:be:e9:81:bf:ad:1f:6f:12: 03:90:69:28:53:12:44:38:e8:26:dc:40:fd:93:7d: 91:92:37:7c:c4:79:a1:8b:58:e7:ba:2c:4a:35:e9: 34:be:51:6c:ff:6c:30:42:f2:a8:bb:6d:c4:c8:57: 5d:b8:50:01:6a:5c:be:96:5d:a9:94:2f:14:c7:5d: 1d:aa:d0:c1:dd:98:dd:a1:6a:2c:37:3e:63:b5:be: 4a:f9:1e:77:05:8f:a0:71:5f:d3:fe:73:df:d2:84: a4:cc:e1:62:d7:45:73:f3:fc:f3:6d:08:a8:37:43: 3d:40:74:48:f7:dc:bf:06:61:56:b3:ea:e4:10:2c: 25:5e:23:34:a5:69:a3:98:9e:22:5e:be:e5:08:6b: e7:09:38:dc:bb:be:93:0e:17:e5:78:0d:4c:67:3a: 9b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A1:AD:F1:7D:D3:07:4C:32:3E:47:4C:AF:59:99:72:A1:39:C0:C3 X509v3 Authority Key Identifier: keyid:91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:60:6a:b6:f0:60:c0:e8:4e:5c:8d:76:39:19:89:d0:0d:12: f9:0a:4e:5a:cb:89:d6:44:d1:a2:eb:a0:c3:99:d5:54:37:81: 5e:1e:ad:a6:de:24:a1:09:b2:62:ed:f2:4a:04:87:7a:b2:58: 06:cb:e3:40:3f:da:d4:1a:5f:dc:52:26:3d:e4:8a:08:85:f8: 51:5d:0f:05:6a:fb:c8:0f:77:9f:86:b5:05:b2:75:59:2a:d9: a4:6a:66:c7:45:7d:90:be:b2:cb:1a:92:47:4f:79:e4:40:68: b2:de:c4:3d:48:56:0f:51:66:ca:a7:16:82:68:e2:84:f8:a4: 86:4d:99:a4:5d:d7:ef:33:e7:c1:ee:21:84:b1:51:0f:f7:65: 4d:8e:c4:b7:d3:4b:e6:c5:fc:60:a1:b2:38:44:d0:28:36:d0: 87:24:43:b3:98:44:99:70:03:01:f8:35:05:ba:8e:78:f1:42: 92:59:42:cd:c8:a2:c6:49:a8:cb:ea:49:bc:eb:5d:0c:c1:7b: ac:37:83:9a:a1:6b:ac:cd:85:8f:c6:97:60:15:b0:d1:a9:54: 49:af:f8:d8:38:bd:06:3f:36:e3:dc:94:15:fa:27:5d:00:9c: 16:d1:66:76:d3:aa:27:ca:31:36:52:95:c0:49:71:c8:67:ec: ef:49:80:54 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTE5 ODlBMDJBRDBEMTM2OTJGQ0I2RjZGOTZFQTM2MkQ3RERDRkE0QjAeFw0yNjAzMDMx NDU4MjVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDIxQTFBREYxN0REMzA3 NEMzMjNFNDc0Q0FGNTk5OTcyQTEzOUMwQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTVwvgiMdRCwfD50glnKPW4mCkuMVGYTC7uVUHOTp3hsM4n2rH L2PSxgTK0GIdSkBB8ho+5qjOYQe87CzEDeVDbUp+Yhxy3uSWf8jjN585/W/NJ7tG nnUVUeZxZs4/OEe+6YG/rR9vEgOQaShTEkQ46CbcQP2TfZGSN3zEeaGLWOe6LEo1 6TS+UWz/bDBC8qi7bcTIV124UAFqXL6WXamULxTHXR2q0MHdmN2haiw3PmO1vkr5 HncFj6BxX9P+c9/ShKTM4WLXRXPz/PNtCKg3Qz1AdEj33L8GYVaz6uQQLCVeIzSl aaOYniJevuUIa+cJONy7vpMOF+V4DUxnOpsTAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUIaGt8X3TB0wyPkdMr1mZcqE5wMMwHwYDVR0jBBgwFoAUkZiaAq0NE2kvy29v luo2LX3c+kswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz OS9rWmlhQXEwTkUya3Z5Mjl2bHVvMkxYM2Mta3MuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2taaWFBcTBORTJrdnkyOXZsdW8yTFgzYy1rcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzkva1ppYUFxME5FMmt2 eTI5dmx1bzJMWDNjLWtzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAxgarbwYMDoTlyNdjkZidANEvkKTlrLidZE0aLroMOZ1VQ3gV4erabeJKEJ smLt8koEh3qyWAbL40A/2tQaX9xSJj3kigiF+FFdDwVq+8gPd5+GtQWydVkq2aRq ZsdFfZC+sssakkdPeeRAaLLexD1IVg9RZsqnFoJo4oT4pIZNmaRd1+8z58HuIYSx UQ/3ZU2OxLfTS+bF/GChsjhE0Cg20IckQ7OYRJlwAwH4NQW6jnjxQpJZQs3IosZJ qMvqSbzrXQzBe6w3g5qha6zNhY/Gl2AVsNGpVEmv+Ng4vQY/NuPclBX6J10AnBbR ZnbTqifKMTZSlcBJcchn7O9JgFQ= -----END CERTIFICATE-----Generated at Tue Mar 3 16:52:18 2026 by rpki-client