$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.mft File: LznWwjiJNFGgbrNMUtd6vBiQa-A.mft (raw, json) Hash identifier: KxTa/hyH/Py0K6F034JEF8eKEPzUbyyIal55B7um3uU= Subject key identifier: 2F:40:59:F1:B7:DA:8A:B0:E6:12:96:7F:7C:4F:D3:08:DF:77:77:77 Authority key identifier: 2F:39:D6:C2:38:89:34:51:A0:6E:B3:4C:52:D7:7A:BC:18:90:6B:E0 Certificate issuer: /CN=2F39D6C238893451A06EB34C52D77ABC18906BE0 Certificate serial: 213F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LznWwjiJNFGgbrNMUtd6vBiQa-A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.mft Manifest number: 2134 Signing time: Sun 26 Oct 2025 19:09:44 +0000 Manifest this update: Sun 26 Oct 2025 19:09:44 +0000 Manifest next update: Mon 27 Oct 2025 01:09:44 +0000 Files and hashes: 1: 7zzMdB7u5ay_vYvE83MicNjj9Xo.roa (hash: R1FUwvHwObQjJ297J+3nwp+8OpaE6qSBQinj4OuqmMY=) 2: LznWwjiJNFGgbrNMUtd6vBiQa-A.crl (hash: 6Q8y+vNMrP8SNXrh+iS5GkP/oaQjXFZurSiFKHPOjXg=) 3: zndiDCfoVzgxP-R3Oy9u0SfbSkA.roa (hash: TwsL2eJrwe5D2HIYTlY6JevlROw5vXxZYHmIvVV/5/Y=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LznWwjiJNFGgbrNMUtd6vBiQa-A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 21:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8511 (0x213f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F39D6C238893451A06EB34C52D77ABC18906BE0 Validity Not Before: Oct 26 19:09:44 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2F4059F1B7DA8AB0E612967F7C4FD308DF777777 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1b:ca:33:df:74:25:87:a5:16:88:35:68:4d: 40:cc:11:97:81:e4:7f:5a:b8:8f:59:bb:88:5d:8a: a9:23:5b:ad:d6:41:67:10:ec:9c:dd:3b:83:52:15: a0:d7:e2:6d:7e:48:e3:55:d1:fa:db:c7:a5:7c:82: 02:79:9f:e1:ef:35:3f:16:cd:5e:67:3f:16:b0:7e: 46:56:a0:53:04:d3:14:d2:ef:3f:e1:4d:35:d0:df: 04:b8:80:d0:74:88:d2:59:e2:33:97:42:57:c2:c5: 8f:df:da:13:2a:6a:34:08:4f:09:9c:0c:68:da:8f: bd:d2:3e:79:02:e2:df:ee:a3:c1:37:e8:3a:f2:64: 1f:5b:f8:67:33:5a:03:f6:17:cd:c3:89:62:aa:a0: 4c:6a:66:e0:cf:cc:f0:b5:22:c6:80:e7:80:2f:62: be:e2:72:3d:d4:5f:e9:99:f7:22:cf:8e:86:b1:70: 4c:00:08:e4:0a:6a:d1:90:31:cf:a2:f6:fb:d8:a1: 87:6a:a8:fa:17:02:7d:54:58:9e:a4:e7:dc:be:57: a7:c3:e1:c7:eb:18:4c:7b:79:19:98:8f:d9:65:28: 58:2f:14:c3:93:ab:bb:73:95:ec:b8:05:94:8a:0d: 94:bf:07:df:a7:05:c6:1b:f8:0e:90:09:d7:09:34: 75:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:40:59:F1:B7:DA:8A:B0:E6:12:96:7F:7C:4F:D3:08:DF:77:77:77 X509v3 Authority Key Identifier: keyid:2F:39:D6:C2:38:89:34:51:A0:6E:B3:4C:52:D7:7A:BC:18:90:6B:E0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LznWwjiJNFGgbrNMUtd6vBiQa-A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:3a:3c:de:fc:5a:86:54:3e:c6:79:06:e7:05:0a:ea:ea:d6: 4c:8d:85:79:d7:11:7e:0c:b0:8a:c5:3c:7d:91:26:8a:21:4b: 3e:42:70:7c:01:fb:27:7b:8e:72:2c:e5:cd:81:8e:04:b8:60: 24:81:93:b0:77:78:58:92:cb:d2:1b:df:da:5d:16:52:62:15: 41:78:40:59:0d:45:cf:c9:aa:ec:be:a3:e9:05:03:fd:86:6e: 34:a1:db:7d:ef:d1:34:23:70:85:7c:aa:11:94:0d:e0:2d:56: 61:2f:1a:6c:2d:d4:95:e2:ed:8e:c9:49:59:da:6d:c9:e8:fc: 4a:33:0e:4f:75:ab:5f:df:09:02:94:76:6d:28:bc:b6:48:c0: 6c:2b:5d:c8:14:2b:bc:70:79:11:c3:4c:6f:03:a1:e7:d7:64: 0e:69:59:4e:d4:ac:06:ed:1b:28:35:18:99:28:46:50:f3:f5: aa:45:7c:c3:6d:a8:66:73:a9:07:47:9b:7d:31:42:01:af:f2: 33:ab:29:ce:b0:3b:dc:0f:51:2e:43:0f:5f:b3:06:cc:ec:52: b5:f3:c3:9f:a7:76:a4:fb:6c:e6:fb:a1:69:67:f2:2d:ca:c3: ee:0e:eb:8b:dc:7b:85:87:ac:3d:85:d5:5d:c6:ae:2a:80:00: c2:fe:ec:43 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICIT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYz OUQ2QzIzODg5MzQ1MUEwNkVCMzRDNTJENzdBQkMxODkwNkJFMDAeFw0yNTEwMjYx OTA5NDRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDJGNDA1OUYxQjdEQThB QjBFNjEyOTY3RjdDNEZEMzA4REY3Nzc3NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/G8oz33Qlh6UWiDVoTUDMEZeB5H9auI9Zu4hdiqkjW63WQWcQ 7JzdO4NSFaDX4m1+SONV0frbx6V8ggJ5n+HvNT8WzV5nPxawfkZWoFME0xTS7z/h TTXQ3wS4gNB0iNJZ4jOXQlfCxY/f2hMqajQITwmcDGjaj73SPnkC4t/uo8E36Dry ZB9b+GczWgP2F83DiWKqoExqZuDPzPC1IsaA54AvYr7icj3UX+mZ9yLPjoaxcEwA COQKatGQMc+i9vvYoYdqqPoXAn1UWJ6k59y+V6fD4cfrGEx7eRmYj9llKFgvFMOT q7tzley4BZSKDZS/B9+nBcYb+A6QCdcJNHX7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUL0BZ8bfairDmEpZ/fE/TCN93d3cwHwYDVR0jBBgwFoAULznWwjiJNFGgbrNM Utd6vBiQa+AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 OC9Mem5Xd2ppSk5GR2dick5NVXRkNnZCaVFhLUEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0x6bld3amlKTkZHZ2JyTk1VdGQ2dkJpUWEtQS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTgvTHpuV3dqaUpORkdn YnJOTVV0ZDZ2QmlRYS1BLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADU6PN78WoZUPsZ5BucFCurq1kyNhXnXEX4MsIrFPH2RJoohSz5CcHwB+yd7 jnIs5c2BjgS4YCSBk7B3eFiSy9Ib39pdFlJiFUF4QFkNRc/Jquy+o+kFA/2GbjSh 233v0TQjcIV8qhGUDeAtVmEvGmwt1JXi7Y7JSVnabcno/EozDk91q1/fCQKUdm0o vLZIwGwrXcgUK7xweRHDTG8DoefXZA5pWU7UrAbtGyg1GJkoRlDz9apFfMNtqGZz qQdHm30xQgGv8jOrKc6wO9wPUS5DD1+zBszsUrXzw5+ndqT7bOb7oWln8i3Kw+4O 64vce4WHrD2F1V3GriqAAML+7EM= -----END CERTIFICATE-----Generated at Sun Oct 26 20:40:23 2025 by rpki-client