$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft File: -ta0PAnQSQoN9_iR359jtSDPIQ8.mft (raw, json) Hash identifier: f5aMl+xBI/JCM3wdrNRPmEAgaHPEqsK8WoDpPsy8vGA= Subject key identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 110B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft Manifest number: 10FB Signing time: Sun 07 Sep 2025 13:04:24 +0000 Manifest this update: Sun 07 Sep 2025 13:04:24 +0000 Manifest next update: Sun 07 Sep 2025 19:04:24 +0000 Files and hashes: 1: -ZZb-6c-Wd7Tjge5gpverfNpsgA.roa (hash: HXdK03trP6XBIKeBgjUxSm8kA9kWC/XQa72N0+sODVs=) 2: -ta0PAnQSQoN9_iR359jtSDPIQ8.crl (hash: 9AUGHrFI6O98XIVObQpFdpbBaDsGzj1cD6Xmkmg8lKg=) 3: 1_xVmznRbjgrARcOnrUzK3zkMkM.roa (hash: GCP9qK5uGloZHD8Mka7pysVMWzi2GGVFtT7E7LtKHac=) 4: LiLhG4umWIFvssfr-YRo7VPi9PQ.roa (hash: 8VzvX+6L2up29XAoS07TOWxozlHhFYSU/9tMLFarKws=) 5: MRmJHXHbniE2rjTMj7-XBPn2PFE.roa (hash: AZznRSYPnsoxRC7iuvzdOmezQdGSxGrbcrS0Svin9+Q=) 6: PZpMpUI55eB2vbRtNWyVquWC7y0.roa (hash: XGAKJedxzNaXjaRNceMDOB16UaE9Le2pcMQeq9bqLtI=) 7: jZYYEWocgaa7kE62wHrtcbhmeqg.roa (hash: imxvfDsgpwHiKGk2ShLZNPp9PfRPBN6EzLl65EE3xwI=) 8: llh71OO6sGwAfZdC60WJs1U2NU0.roa (hash: 5pHK2BD7cThMf2Gdvo1WL3olc9aZ3jLaBSG3cDaQoIc=) 9: miGjVDXbOzQQTZP9E5umEPnWCAw.roa (hash: bFWWTZfSgak8dwI4OZSJZy4GLdjg6INc4Sl9XfE3d4k=) 10: rovnomnuVFMNJzTNeyy5W6WRMe0.roa (hash: aVXERw9JByy2HpoXIifbCTO+OLw9MnI6ZPVD8/WtLto=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 15:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4363 (0x110b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Sep 7 13:04:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4BCC447184497A8FAEB3769AD767F2E2871D2EAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:48:ee:2b:68:e0:56:e6:b1:31:28:fd:47:ec: 4f:11:cb:57:24:26:ab:d1:62:af:be:7f:2a:fc:e0: a6:ca:09:fa:df:39:bf:1a:4d:ee:e7:d2:04:13:4c: ac:e2:0e:1e:ad:f4:e7:66:10:72:a4:dc:dc:58:0b: 2b:30:18:84:09:a9:c2:92:f5:48:0c:e0:c7:e2:e8: 76:37:fe:e1:0b:b8:b7:cc:b4:a7:1c:f6:f0:00:a2: 4c:88:c2:0d:1c:77:ee:ed:5e:1b:ab:6c:63:b1:fc: b8:42:c7:dc:5d:96:72:b1:a2:f2:ab:6d:8b:6e:f6: 28:87:66:1f:a9:05:09:e7:13:7d:9d:7e:49:b9:35: 62:13:98:cc:ad:e2:3f:3e:50:3a:6d:ad:48:06:a3: 4d:d0:25:33:71:7f:f4:45:31:2e:da:ea:70:d2:f2: bb:86:d1:7d:04:a2:98:b1:ca:26:25:9b:b7:84:56: af:f6:ae:d6:85:b8:1a:b5:78:24:84:58:57:60:b1: ed:e2:3f:f0:d1:fa:4c:57:30:15:22:fa:37:8b:f8: 10:fd:c8:f7:0a:50:d3:19:f8:15:cd:0d:b4:c8:b6: 35:e0:c2:1d:71:28:31:3d:05:53:bd:9f:f7:f2:c8: 51:e0:c9:cb:a8:e3:82:d0:1e:9e:d2:83:a2:44:6e: 5c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:50:15:5d:6b:e9:dd:42:2b:bb:cc:89:65:57:b9:4c:07:39: 02:6e:8f:08:aa:12:f6:89:fc:41:8f:30:3f:2c:34:ae:b6:1d: 12:fb:da:da:f8:ef:49:47:2e:c0:e7:57:68:c5:1e:49:ab:ab: 9d:af:15:43:cc:51:fb:db:b4:27:25:1e:a5:9e:3b:2a:29:d0: 94:9c:a1:72:5b:69:c0:05:e0:81:7b:d8:14:84:7a:56:40:0f: b8:31:16:48:97:1b:2a:b0:1a:96:ac:f9:6a:87:1f:a4:2b:a8: 1a:d0:6b:ca:44:5f:25:ad:fa:cf:1d:4d:e1:69:3c:c3:48:d8: cb:35:66:2f:a6:a6:a5:81:40:d2:e3:5a:25:94:77:ef:65:53: 03:95:3d:8d:4f:3e:26:93:95:e3:ab:0d:bf:f7:f9:95:a9:e8: d8:60:43:6e:e3:ca:a5:27:11:15:e4:0b:c7:0b:72:08:cd:a8: 05:c3:b2:d6:7a:47:95:d4:bd:16:5e:00:03:cb:59:c4:79:24: 21:32:92:98:9b:52:e4:38:0e:93:6a:81:26:61:da:7e:a3:d4: 1b:6e:d2:88:cf:6a:3a:af:6f:74:c4:27:c7:af:d8:68:9c:be: a8:6a:7c:1e:f2:f4:f0:e8:4c:d7:b7:78:24:0b:e0:2c:43:41: 79:2b:d3:be -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICEQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA5MDcx MzA0MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRCQ0M0NDcxODQ0OTdB OEZBRUIzNzY5QUQ3NjdGMkUyODcxRDJFQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhSO4raOBW5rExKP1H7E8Ry1ckJqvRYq++fyr84KbKCfrfOb8a Te7n0gQTTKziDh6t9OdmEHKk3NxYCyswGIQJqcKS9UgM4Mfi6HY3/uELuLfMtKcc 9vAAokyIwg0cd+7tXhurbGOx/LhCx9xdlnKxovKrbYtu9iiHZh+pBQnnE32dfkm5 NWITmMyt4j8+UDptrUgGo03QJTNxf/RFMS7a6nDS8ruG0X0EopixyiYlm7eEVq/2 rtaFuBq1eCSEWFdgse3iP/DR+kxXMBUi+jeL+BD9yPcKUNMZ+BXNDbTItjXgwh1x KDE9BVO9n/fyyFHgycuo44LQHp7Sg6JEblyVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUS8xEcYRJeo+us3aa12fy4ocdLqwwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvLXRhMFBBblFTUW9O OV9pUjM1OWp0U0RQSVE4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABlQFV1r6d1CK7vMiWVXuUwHOQJujwiqEvaJ/EGPMD8sNK62HRL72tr470lH LsDnV2jFHkmrq52vFUPMUfvbtCclHqWeOyop0JScoXJbacAF4IF72BSEelZAD7gx FkiXGyqwGpas+WqHH6QrqBrQa8pEXyWt+s8dTeFpPMNI2Ms1Zi+mpqWBQNLjWiWU d+9lUwOVPY1PPiaTleOrDb/3+ZWp6NhgQ27jyqUnERXkC8cLcgjNqAXDstZ6R5XU vRZeAAPLWcR5JCEykpibUuQ4DpNqgSZh2n6j1Btu0ojPajqvb3TEJ8ev2Gicvqhq fB7y9PDoTNe3eCQL4CxDQXkr074= -----END CERTIFICATE-----Generated at Sun Sep 7 14:30:09 2025 by rpki-client