$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft File: -ta0PAnQSQoN9_iR359jtSDPIQ8.mft (raw, json) Hash identifier: fYIcCOG3CVwLEqA/EZFXKR2Tav+bNsKF8Xu/k3X4geA= Subject key identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 1208 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft Manifest number: 11F4 Signing time: Mon 27 Oct 2025 20:43:32 +0000 Manifest this update: Mon 27 Oct 2025 20:43:32 +0000 Manifest next update: Tue 28 Oct 2025 02:43:32 +0000 Files and hashes: 1: -ta0PAnQSQoN9_iR359jtSDPIQ8.crl (hash: ADdMbG+V5LjGeoEChXsv/PaHZmHYNP9KrX/2YjI4jfQ=) 2: 1_xVmznRbjgrARcOnrUzK3zkMkM.roa (hash: GCP9qK5uGloZHD8Mka7pysVMWzi2GGVFtT7E7LtKHac=) 3: CHHbDf38ok5HgG-AYJgAhy91wqY.roa (hash: KxJWeGq5HBzWbxvVwSmjxZ9pOeTHY0fE5UXqtx6WfOk=) 4: Cni4ivS0aTSHai9yUx7gJbz5jK8.roa (hash: 84n7AGw6yl+gQsNwUYQ53IvU2VCFXFgTwWVhGMKyhIk=) 5: LiLhG4umWIFvssfr-YRo7VPi9PQ.roa (hash: 8VzvX+6L2up29XAoS07TOWxozlHhFYSU/9tMLFarKws=) 6: MRmJHXHbniE2rjTMj7-XBPn2PFE.roa (hash: AZznRSYPnsoxRC7iuvzdOmezQdGSxGrbcrS0Svin9+Q=) 7: PZpMpUI55eB2vbRtNWyVquWC7y0.roa (hash: XGAKJedxzNaXjaRNceMDOB16UaE9Le2pcMQeq9bqLtI=) 8: Pie-aA_SMXi1KlttjIhePqYurTU.roa (hash: 4oxtWmiOezYONOy5kp6vAgerw2OZ94LDmtSh2UUa1A4=) 9: llh71OO6sGwAfZdC60WJs1U2NU0.roa (hash: 5pHK2BD7cThMf2Gdvo1WL3olc9aZ3jLaBSG3cDaQoIc=) 10: miGjVDXbOzQQTZP9E5umEPnWCAw.roa (hash: bFWWTZfSgak8dwI4OZSJZy4GLdjg6INc4Sl9XfE3d4k=) 11: rovnomnuVFMNJzTNeyy5W6WRMe0.roa (hash: aVXERw9JByy2HpoXIifbCTO+OLw9MnI6ZPVD8/WtLto=) 12: sZKnapg00fgKKe4LkAFvTWPY7bc.roa (hash: QsFYItD1U7Qqi5MRKBnZXLcVx+4eR2sBukx9xvp60fM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 02:43:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4616 (0x1208) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Oct 27 20:43:32 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=4BCC447184497A8FAEB3769AD767F2E2871D2EAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:48:ee:2b:68:e0:56:e6:b1:31:28:fd:47:ec: 4f:11:cb:57:24:26:ab:d1:62:af:be:7f:2a:fc:e0: a6:ca:09:fa:df:39:bf:1a:4d:ee:e7:d2:04:13:4c: ac:e2:0e:1e:ad:f4:e7:66:10:72:a4:dc:dc:58:0b: 2b:30:18:84:09:a9:c2:92:f5:48:0c:e0:c7:e2:e8: 76:37:fe:e1:0b:b8:b7:cc:b4:a7:1c:f6:f0:00:a2: 4c:88:c2:0d:1c:77:ee:ed:5e:1b:ab:6c:63:b1:fc: b8:42:c7:dc:5d:96:72:b1:a2:f2:ab:6d:8b:6e:f6: 28:87:66:1f:a9:05:09:e7:13:7d:9d:7e:49:b9:35: 62:13:98:cc:ad:e2:3f:3e:50:3a:6d:ad:48:06:a3: 4d:d0:25:33:71:7f:f4:45:31:2e:da:ea:70:d2:f2: bb:86:d1:7d:04:a2:98:b1:ca:26:25:9b:b7:84:56: af:f6:ae:d6:85:b8:1a:b5:78:24:84:58:57:60:b1: ed:e2:3f:f0:d1:fa:4c:57:30:15:22:fa:37:8b:f8: 10:fd:c8:f7:0a:50:d3:19:f8:15:cd:0d:b4:c8:b6: 35:e0:c2:1d:71:28:31:3d:05:53:bd:9f:f7:f2:c8: 51:e0:c9:cb:a8:e3:82:d0:1e:9e:d2:83:a2:44:6e: 5c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:6d:31:56:cd:f6:d2:44:cd:96:c4:4c:6f:ba:c9:2f:dc:aa: cb:02:43:b0:8b:4a:75:4a:c2:cc:12:7a:e0:94:26:12:9f:f6: 08:85:11:bf:fc:22:48:3c:3f:3c:53:ca:12:a0:63:db:96:57: 54:32:c8:90:27:11:21:ec:f8:af:18:28:27:12:d8:9e:0c:eb: 20:7f:7c:79:d9:e3:1e:ef:99:a2:2f:47:99:e0:f7:33:bb:b7: 52:58:ed:40:47:20:27:e5:06:e6:86:47:4a:20:b0:88:0e:37: 71:82:4f:05:7d:fd:42:2b:70:ed:8c:d2:82:cf:e0:4f:bc:8d: 70:a5:a3:a2:e1:50:b8:6a:0c:71:ff:e5:db:0d:78:c5:ac:48: ef:c8:06:08:c5:1b:fd:34:20:11:64:4c:bb:63:a8:df:4f:c5: 89:17:dc:7d:40:bb:36:fc:14:18:b7:f7:9a:f3:ed:16:e5:b5: 63:38:6e:e7:7a:56:af:2a:99:ba:14:a3:29:37:f7:a5:29:b3: 04:32:c5:a2:27:cd:e2:98:b8:fd:52:48:ae:da:27:ab:a1:06: ac:2f:6a:75:78:28:b7:e6:a0:72:af:10:1a:2f:49:80:5b:2a: 1e:d4:50:f1:0f:d9:0a:7c:dc:24:25:a8:a1:15:ba:fa:ca:4e: 39:9a:11:61 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICEggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTEwMjcy MDQzMzJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDRCQ0M0NDcxODQ0OTdB OEZBRUIzNzY5QUQ3NjdGMkUyODcxRDJFQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhSO4raOBW5rExKP1H7E8Ry1ckJqvRYq++fyr84KbKCfrfOb8a Te7n0gQTTKziDh6t9OdmEHKk3NxYCyswGIQJqcKS9UgM4Mfi6HY3/uELuLfMtKcc 9vAAokyIwg0cd+7tXhurbGOx/LhCx9xdlnKxovKrbYtu9iiHZh+pBQnnE32dfkm5 NWITmMyt4j8+UDptrUgGo03QJTNxf/RFMS7a6nDS8ruG0X0EopixyiYlm7eEVq/2 rtaFuBq1eCSEWFdgse3iP/DR+kxXMBUi+jeL+BD9yPcKUNMZ+BXNDbTItjXgwh1x KDE9BVO9n/fyyFHgycuo44LQHp7Sg6JEblyVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUS8xEcYRJeo+us3aa12fy4ocdLqwwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvLXRhMFBBblFTUW9O OV9pUjM1OWp0U0RQSVE4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAVtMVbN9tJEzZbETG+6yS/cqssCQ7CLSnVKwswSeuCUJhKf9giFEb/8Ikg8 PzxTyhKgY9uWV1QyyJAnESHs+K8YKCcS2J4M6yB/fHnZ4x7vmaIvR5ng9zO7t1JY 7UBHICflBuaGR0ogsIgON3GCTwV9/UIrcO2M0oLP4E+8jXClo6LhULhqDHH/5dsN eMWsSO/IBgjFG/00IBFkTLtjqN9PxYkX3H1Auzb8FBi395rz7RbltWM4bud6Vq8q mboUoyk396UpswQyxaInzeKYuP1SSK7aJ6uhBqwvanV4KLfmoHKvEBovSYBbKh7U UPEP2Qp83CQlqKEVuvrKTjmaEWE= -----END CERTIFICATE-----Generated at Tue Oct 28 02:24:41 2025 by rpki-client