$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft File: 1xHsDTeBWKRHb-bqfXClSpUZWhE.mft (raw, json) Hash identifier: ZxP1IyFpnWlwn8Oa1+42G0rGFiFEpy9bxsG2fQ7jru4= Subject key identifier: DE:FE:8D:12:0E:20:39:ED:ED:40:36:20:CD:C7:B9:A6:CB:AC:2E:D1 Authority key identifier: D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 Certificate issuer: /CN=A9162E3D0000/serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Certificate serial: 4646 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft Manifest number: 42D9 Signing time: Thu 12 Mar 2026 05:29:56 +0000 Manifest this update: Thu 12 Mar 2026 05:29:56 +0000 Manifest next update: Thu 12 Mar 2026 11:29:56 +0000 Files and hashes: 1: -b4zQsn-jbYuLzt5mzMMzeP-DAQ.cer (hash: qqJN6EstBrqERAplom66mUE9DGbAuTclkJ87ybC6mC8=) 2: 1xHsDTeBWKRHb-bqfXClSpUZWhE.crl (hash: 2YS+yfyNn9Bh9Syf63lrY328SCu72CP2GU7eSJEWzXI=) 3: 3MTV8l8-ospnw9i-tmvzCTPlkWo.cer (hash: VCGfPoguABHFiqPVRp0pf1opkoPcXBjuK1WM5IwMeWA=) 4: 5rGE-nKUtniPAEZzeWmhCOpgUCA.cer (hash: tkLfrKuH6zQFBr9x2vPW7ifqd7n0IpjC/e6wAJcLNr4=) 5: DaRKsNbqVGCDBJv5aVWb57PGQuo.cer (hash: lKZ3wHIhCZTpluZrz8ZfEouAwN7wbKy16p3eCdGjsu8=) 6: FhnJhngKE_OA_kXtwo70yEKISEM.cer (hash: a2VwiLKFZzzkbaIMthHedvKtUla8QTcMsHtsZ/1rgTA=) 7: Fwt8oG9XNbekD5f_H1O64TNIqT4.cer (hash: gF+YwrYPYXJhj7RMGgMaQ82sXNvBiG1FxU9UmuNSOW4=) 8: IdyHWWXCumHR2su0je4UBVSqWu8.cer (hash: oLq0T6MF7f+caBZdw2oxBBJ9D2sZiEEEtz7Uvams3cQ=) 9: Iq75clj2o_y0l84acaepGCjcIzk.cer (hash: RvhJKwGVsOX7bfae8EtOJ1lVS4xjFCJEh5CuQhCndSU=) 10: LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer (hash: NkY3wYHlV+8KEaroBvUpQkWhRHnn333apa6A0QoRbrQ=) 11: LLI3q-GmanVdqVRXlfHdIp8OAxE.cer (hash: Mdcx9QOkD0s5RBqLSgrzs3he4zCblt5vd03eymSy5es=) 12: PCDtT5rXgpNWMjM6hYTw4iScTPk.cer (hash: yEMn3i6Io0zNT7gaUvJcacwU88zCdY6Bdk6iBQpj/rs=) 13: Q-b9qw8VDunEPPWiu3ZYin5fhQI.cer (hash: xhHDI/kqL+gTPkJZbn6O7MjsUVbj0ti3j60/cV8UoKg=) 14: Q6p_IBMx1xCj8Ggivk1HKlIH6wk.cer (hash: zNrAQi4VX4uuBJC5GfYUXJHW4I8fKXaYZUX3Pa8s23w=) 15: SDpcowAnNHpa4z2hON29f-JOR5s.cer (hash: fOxLR27ZWQ4WVvlkeaoZDYGJmoHPoo/D0jLFWN3tpxY=) 16: TPCRRt5gTA5ELVbGj8hsxQQArSE.cer (hash: 9JPPFLhSs33Bd9lq443GaMTFlgY91wPcIU4Geo5bnlI=) 17: TnhsicjML72c4lQNmb4SziD2uLM.cer (hash: fJjxnHCpx2nf02kYzDvto1U1oMwrhKj/DI7awyXi1IE=) 18: U4_HWfrs-Y7XUQyPLm3ppxj43M4.cer (hash: y9KzXBM3zx4a4eoD8X3crGlkKtoaQuly6UFX0QGvwpA=) 19: YSzbncPTddppVnrclwg281suC-I.cer (hash: ctkiW5I1pJgCZU/dQ+5PUCKI/rPgNZqRD53xMKJN9Vo=) 20: Ysy6AvE2hIoXK-fle_1ZizFDbUw.cer (hash: E/cE4Na6cI1RCrX2J8gwW5tELvWvVuWtYFHe0FLueGY=) 21: Z5s7AaSAYgILoKDBi8fdDt4cu9I.cer (hash: +rmCRivmMn3aLJqOyE9Qv+tNQsS3HxCMMCdE1fa/FV0=) 22: Z7bHlviRA1kP8cyQcd_kwN84_U0.cer (hash: p7/N69cNiGeLuiQXB8crCHSGoriobv+r8P/lD4Np01o=) 23: ZnamZCpPYBa8Bx32JrK-vLQ7Xs8.cer (hash: vJQxVbx4nXAEs6g2x9ooyQ2m8oGnoHCS3+VXHeg7hGk=) 24: _63I3WE2bNhNmVIbY4OA6LUC5uQ.cer (hash: z+GVqfYy7I3R7h4De5MmDsfzqk5ILF/gqVAyBmqsBEE=) 25: _TQehBwYN3f4-R30_NoLue-gYb8.cer (hash: IkV5aGX10BRG1GQcEp+hEDW+zv7oiJ5WEHRwJT57YNg=) 26: bMukxhA3mRD8FzJKB0sOAEAkeDM.cer (hash: hgyEk7p+2uka+8Dh/oD63YEHQUIQKXKINZ23ZTKtGuM=) 27: cROxlpJLKFBkXlV_4f_EwNArHRk.cer (hash: w1sp85DgKoH5FkFAiTzS6UJrRjyweoeHQP5JGjjh7/A=) 28: ewmQZr0q8jQpPIeRezOxq4YZcO8.cer (hash: CNXeIfDztGd1pWXAaZegh5JU70HVvW6HWZBFNJIFzuA=) 29: kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer (hash: y6Zsoy+RPiiXnOyyv4FeE4WNdZl/iPLN0mdbFXSMWoM=) 30: kyJKXF8ZT3ppLYvrg_4sgV33P6E.cer (hash: c/VhNpy/FSkLnWKeTuKiHqklv4fX3sVM6QsyhcXl86Y=) 31: nSBaudzcoWJFoGiYBZEB_JB9yyE.cer (hash: g8J+UlfVMFkaVVI87ZTsJaM7yNPmXH+jUE26CahNLmE=) 32: qaFpos8CL7oK84PKmXtFZP7V-Js.cer (hash: JowGsi42scnLPteNex3bQ2bXOTOPsvvBWT+vHkFWinE=) 33: th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer (hash: FLULIea45w6PIZEZmbVTDappg5OI8ATL48qtzTx13NI=) 34: wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer (hash: a15GongcJFUHHFfjO51nN1dPZpj63TPycQ9eomoY9/U=) 35: zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer (hash: iT/PX6Riwc5fBt/KpFuaqzCt7khHuY0Z6GWr3eBmH24=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Mar 2026 11:29:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17990 (0x4646) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9162E3D0000, serialNumber=D711EC0D378158A4476FE6EA7D70A54A95195A11 Validity Not Before: Mar 12 05:29:56 2026 GMT Not After : Sep 30 00:00:00 2027 GMT Subject: CN=DEFE8D120E2039EDED403620CDC7B9A6CBAC2ED1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:75:b5:cb:94:9f:20:dc:c4:96:62:1b:07:cc: a6:69:4e:5a:dc:27:40:69:45:24:b7:4e:76:7f:60: 38:ab:56:3d:19:a4:72:8c:8b:c1:c9:00:90:6c:aa: d2:db:e9:21:3d:6c:77:8a:94:43:6a:d7:ab:34:59: 46:77:45:55:8d:2b:9f:88:ba:f3:49:c7:03:28:a7: f0:3e:64:74:65:0e:7e:40:45:87:a5:09:1a:60:39: 6f:ad:f5:0a:fa:80:e8:56:9a:02:b9:b3:13:0d:19: 61:9a:af:4a:09:40:98:ce:66:c9:0e:0b:9f:e6:60: 2c:aa:af:c0:ca:77:0e:21:1b:c5:38:e0:78:ee:c2: 58:51:45:f8:7f:59:43:74:e3:82:ac:de:50:55:53: aa:13:a7:6e:22:53:25:a3:5b:d2:c6:24:cb:07:24: 07:27:8f:1f:d4:72:fe:bc:f7:4e:05:ed:a9:9d:7b: ac:df:8a:5b:34:94:2f:2c:84:ee:15:59:d2:13:4e: cf:d3:cc:ce:f6:e4:44:ad:22:79:81:64:90:f4:c1: 72:b0:1a:06:2a:bc:8a:e5:03:1c:01:07:b9:36:c6: 9f:9d:75:6a:ab:66:77:71:cf:e9:da:89:83:c2:7c: 1c:24:3c:37:a6:53:4b:36:1d:83:79:2a:87:fc:4a: 70:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:FE:8D:12:0E:20:39:ED:ED:40:36:20:CD:C7:B9:A6:CB:AC:2E:D1 X509v3 Authority Key Identifier: keyid:D7:11:EC:0D:37:81:58:A4:47:6F:E6:EA:7D:70:A5:4A:95:19:5A:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:3c:85:43:7b:8b:3f:85:b6:29:97:b6:85:eb:5e:e2:a5:51: 30:5a:a1:02:e8:f0:c1:da:3b:fd:eb:a2:b5:83:db:63:c7:26: 95:58:a6:04:2f:e6:00:b6:1c:f9:fb:f1:6e:c2:6b:76:1b:41: f4:19:b9:93:5f:fd:98:57:2b:be:90:90:f9:e0:55:54:b0:39: 25:8f:8f:c7:aa:18:b9:fb:0d:fe:96:a5:c3:65:f6:b1:9d:26: 6e:75:cb:98:b2:c9:69:3a:27:03:b8:52:12:1e:de:5d:5f:d8: dd:45:9f:85:87:bf:c4:2f:33:f2:8e:c7:9b:b9:10:97:de:3b: d7:8f:10:b7:18:ae:76:b4:a6:a0:62:89:f3:31:eb:1d:b8:d8: 8e:17:cf:7f:53:16:da:a9:6a:a8:11:57:c8:fc:fc:77:d7:b8: ca:02:d6:c4:c1:cf:4b:9b:d9:77:29:1e:9f:30:87:d4:78:9f: 5f:ad:26:f0:14:a3:71:c2:5e:f9:65:97:1c:23:f6:04:c4:e7: 7e:4a:83:03:8d:68:94:48:52:0e:1a:3a:b2:e7:a3:d2:d1:5f: 17:4e:b3:01:8a:c3:22:2b:62:b6:76:2e:fc:bb:a3:af:f4:e1: 75:93:fa:df:64:6c:4e:91:7a:26:4b:b5:16:98:13:d0:61:6f: f6:83:c1:17 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgICRkYwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx NjJFM0QwMDAwMTEwLwYDVQQFEyhENzExRUMwRDM3ODE1OEE0NDc2RkU2RUE3RDcw QTU0QTk1MTk1QTExMB4XDTI2MDMxMjA1Mjk1NloXDTI3MDkzMDAwMDAwMFowMzEx MC8GA1UEAxMoREVGRThEMTIwRTIwMzlFREVENDAzNjIwQ0RDN0I5QTZDQkFDMkVE MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOh1tcuUnyDcxJZiGwfM pmlOWtwnQGlFJLdOdn9gOKtWPRmkcoyLwckAkGyq0tvpIT1sd4qUQ2rXqzRZRndF VY0rn4i680nHAyin8D5kdGUOfkBFh6UJGmA5b631CvqA6FaaArmzEw0ZYZqvSglA mM5myQ4Ln+ZgLKqvwMp3DiEbxTjgeO7CWFFF+H9ZQ3TjgqzeUFVTqhOnbiJTJaNb 0sYkywckByePH9Ry/rz3TgXtqZ17rN+KWzSULyyE7hVZ0hNOz9PMzvbkRK0ieYFk kPTBcrAaBiq8iuUDHAEHuTbGn511aqtmd3HP6dqJg8J8HCQ8N6ZTSzYdg3kqh/xK cPUCAwEAAaOCAh0wggIZMB0GA1UdDgQWBBTe/o0SDiA57e1ANiDNx7mmy6wu0TAf BgNVHSMEGDAWgBTXEewNN4FYpEdv5up9cKVKlRlaETAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jbm5pYy5j bi9ycGtpL0E5MTYyRTNEMDAwMC8xeEhzRFRlQldLUkhiLWJxZlhDbFNwVVpXaEUu Y3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFw bmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQx RkYyLzF4SHNEVGVCV0tSSGItYnFmWENsU3BVWldoRS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGYBggrBgEFBQcBCwSBizCBiDBTBggrBgEFBQcwC4ZHcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzF4SHNEVGVCV0tSSGItYnFmWENs U3BVWldoRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5jbi9y cmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcB BwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCMPIVD e4s/hbYpl7aF617ipVEwWqEC6PDB2jv966K1g9tjxyaVWKYEL+YAthz5+/Fuwmt2 G0H0GbmTX/2YVyu+kJD54FVUsDklj4/Hqhi5+w3+lqXDZfaxnSZudcuYsslpOicD uFISHt5dX9jdRZ+Fh7/ELzPyjsebuRCX3jvXjxC3GK52tKagYonzMesduNiOF89/ UxbaqWqoEVfI/Px317jKAtbEwc9Lm9l3KR6fMIfUeJ9frSbwFKNxwl75ZZccI/YE xOd+SoMDjWiUSFIOGjqy56PS0V8XTrMBisMiK2K2di78u6Ov9OF1k/rfZGxOkXom S7UWmBPQYW/2g8EX -----END CERTIFICATE-----Generated at Thu Mar 12 09:31:10 2026 by rpki-client