$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft File: 7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft (raw, json) Hash identifier: bQcG0dO+JOu2dDt1gghVjSxUgGwp6R6+zjiYg9fYJt0= Subject key identifier: 84:B2:46:AC:88:B2:39:A0:6B:33:57:4C:E0:F4:1B:77:81:94:AA:21 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 2073 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft Manifest number: 2041 Signing time: Sat 06 Sep 2025 12:06:38 +0000 Manifest this update: Sat 06 Sep 2025 12:06:38 +0000 Manifest next update: Sat 06 Sep 2025 18:06:38 +0000 Files and hashes: 1: 7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl (hash: nBQkZeUJ58/rkMyhSygr4s+lC/FWYxR4W5Elpxu+Fuk=) 2: NUkHOx0MM_UhSf4mXaEd7TlPWEE.roa (hash: mX8XLeO+zszvnK60l0trG+zbEKC3ubHM+ob7incrUTg=) 3: NfW9ixqx7VgotkkSnHgDKsh9dMY.roa (hash: Kie2q3O8eSHwiR0YzejrLsyQsmYHNodx8EF7zb/LMb0=) 4: S08gk3iwLLEpMcj1QO7K4KhStgU.roa (hash: yOf9iY1WMYzrbZrzaW1zGaZqbmiHAxIWjmbN/VW8KO8=) 5: SnwzkyZwfLVEJiP7wGX50bglsyU.roa (hash: Es9/z1r/+Fywv8gJgfUxwAGY0kCQtfSuFzlK9mwSc3I=) 6: a5VjISKzB5OHVPbIcpAmzw2vVVY.roa (hash: IbL8QfOTW3H+VPdlptYPq13rZd+vhPVLsoo3KN+W6PE=) 7: dNK-t-rgPXrn6eHRDfAxg535HMU.roa (hash: dIyzfQT0ryWEJXRFD6QWEqQEAS+y7x62ixhfYBY5SMQ=) 8: jhEg6HuRZNTrgrJYUd5elMT5s9c.roa (hash: sWbzhWThXRWbF9GlffFSK1iZraf+0A95K++Of9ZD/lk=) 9: o_oAkdJTg2XeO1GwIypjLQPXohM.roa (hash: 4/5vSj9d5XDVtoHiWhC8a+MOhwVdu7cs1BRGxj4luCs=) 10: tOrFct_T2uf3YfTFAUqLYVfWzos.roa (hash: 1joSZa7uWWmp1eUI7gk+vcbJECdoLlixcSZdzkjVXik=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 18:06:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8307 (0x2073) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 6 12:06:38 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=84B246AC88B239A06B33574CE0F41B778194AA21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d4:83:33:f7:e8:35:66:fc:41:d5:38:bf:41: 50:d3:bc:85:e9:5e:f3:30:72:7e:b2:f6:ee:16:86: 9f:78:74:fe:c0:32:1b:6c:80:33:2f:38:7e:28:9e: b3:f8:13:f4:ee:0a:bc:9c:b6:65:ea:b6:61:2a:8d: 0f:f6:53:c3:ce:74:e5:24:43:1a:29:32:28:28:9d: d8:fe:11:6b:12:4c:d0:6b:e7:81:65:c3:d5:64:9f: f5:9e:0a:1e:66:94:09:c8:9f:2a:46:fb:1e:b3:22: be:84:dd:bd:ec:64:b7:2e:cf:c8:de:80:d9:f8:db: 6e:45:aa:93:98:ec:ec:31:2d:7d:38:c5:2c:02:08: fe:ca:c5:46:8e:ce:3c:9f:90:be:bc:f7:e5:0b:fe: d6:48:2c:22:90:ef:3c:fb:da:e3:6f:4c:09:0f:83: e6:d1:5c:cb:cd:75:30:88:3c:c6:04:1b:e0:c9:83: 51:79:ef:07:77:f8:81:13:b6:86:1f:80:d2:21:f8: 67:3a:0b:55:9f:d5:bc:93:9b:b6:45:c1:e8:b9:1f: 0d:8e:32:ce:f9:f9:b9:e7:2b:e1:72:14:8c:dc:b7: c0:90:02:fd:0f:5c:23:7d:ae:07:b9:8d:51:9d:0a: 4b:7c:c5:f7:ca:9e:a0:a1:96:ce:b3:34:46:80:6c: 12:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B2:46:AC:88:B2:39:A0:6B:33:57:4C:E0:F4:1B:77:81:94:AA:21 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:f0:02:d9:76:35:b1:3e:3e:0c:c7:c1:ec:e8:cc:83:a4:9c: 44:83:b3:8e:2a:66:51:23:94:3c:56:db:6a:31:9d:e6:cb:ec: 49:9c:7a:0c:70:50:56:41:bc:dd:0c:bc:a6:bd:5c:cc:5a:60: e6:df:25:dd:8c:f8:bd:c8:61:df:c3:6d:1a:11:3f:9c:81:94: 0d:7c:b3:be:f1:1d:94:1f:f8:43:6f:32:3e:99:e2:85:82:92: 29:dc:f6:a8:0d:cc:d3:6f:a5:9c:3d:bc:0d:17:9f:86:69:7c: d3:a3:71:9f:fd:e4:bb:2b:41:42:ca:1e:bd:8f:53:df:0c:45: b9:dc:2a:2d:47:37:48:e4:9f:c4:21:1c:18:79:f9:4f:28:6c: b0:27:65:2f:df:9d:dc:2c:20:90:7f:e2:0a:8a:f5:f3:6f:77: 27:1a:1f:f3:d0:df:37:5e:b9:84:44:da:59:fa:2b:3d:5f:0a: 2a:2e:91:49:f2:e4:9e:cd:5f:25:e7:03:6e:3f:42:b7:28:cf: 4a:bf:5b:e0:88:9e:48:3f:eb:27:2e:68:66:df:e1:2d:90:f2: 59:68:30:8c:86:4d:a3:53:80:15:1c:3d:84:e5:51:a1:e3:c7: 31:13:16:a0:28:86:fc:2f:2d:81:ac:56:bb:a0:8e:08:39:5a: 0f:f2:26:a5 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MDYx MjA2MzhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg0QjI0NkFDODhCMjM5 QTA2QjMzNTc0Q0UwRjQxQjc3ODE5NEFBMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCw1IMz9+g1ZvxB1Ti/QVDTvIXpXvMwcn6y9u4Whp94dP7AMhts gDMvOH4onrP4E/TuCryctmXqtmEqjQ/2U8POdOUkQxopMigondj+EWsSTNBr54Fl w9Vkn/WeCh5mlAnInypG+x6zIr6E3b3sZLcuz8jegNn4225FqpOY7OwxLX04xSwC CP7KxUaOzjyfkL689+UL/tZILCKQ7zz72uNvTAkPg+bRXMvNdTCIPMYEG+DJg1F5 7wd3+IETtoYfgNIh+Gc6C1Wf1byTm7ZFwei5Hw2OMs75+bnnK+FyFIzct8CQAv0P XCN9rge5jVGdCkt8xffKnqChls6zNEaAbBJ/AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUhLJGrIiyOaBrM1dM4PQbd4GUqiEwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvN0JESk5GVjFuR1dk SzdnWi13Zl9jR1BPekRJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAKvwAtl2NbE+PgzHwezozIOknESDs44qZlEjlDxW22oxnebL7EmcegxwUFZB vN0MvKa9XMxaYObfJd2M+L3IYd/DbRoRP5yBlA18s77xHZQf+ENvMj6Z4oWCkinc 9qgNzNNvpZw9vA0Xn4ZpfNOjcZ/95LsrQULKHr2PU98MRbncKi1HN0jkn8QhHBh5 +U8obLAnZS/fndwsIJB/4gqK9fNvdycaH/PQ3zdeuYRE2ln6Kz1fCioukUny5J7N XyXnA24/Qrcoz0q/W+CInkg/6ycuaGbf4S2Q8lloMIyGTaNTgBUcPYTlUaHjxzET FqAohvwvLYGsVrugjgg5Wg/yJqU= -----END CERTIFICATE-----Generated at Sat Sep 6 15:32:12 2025 by rpki-client