$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3255/xuX5wWRNY_ogamb_ZxfB0RoqMC0.mft File: xuX5wWRNY_ogamb_ZxfB0RoqMC0.mft (raw, json) Hash identifier: I33P3UnOMh6k6VpruJpxvaB4rcFQXY8z2gi3UzbvjNg= Subject key identifier: 34:AA:52:06:2B:D6:B5:F7:71:34:B2:BF:04:69:A6:4A:CA:BB:74:6A Authority key identifier: C6:E5:F9:C1:64:4D:63:FA:20:6A:66:FF:67:17:C1:D1:1A:2A:30:2D Certificate issuer: /CN=C6E5F9C1644D63FA206A66FF6717C1D11A2A302D Certificate serial: 0CA5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xuX5wWRNY_ogamb_ZxfB0RoqMC0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/xuX5wWRNY_ogamb_ZxfB0RoqMC0.mft Manifest number: 0CA4 Signing time: Fri 24 Oct 2025 17:35:59 +0000 Manifest this update: Fri 24 Oct 2025 17:35:59 +0000 Manifest next update: Fri 24 Oct 2025 23:35:59 +0000 Files and hashes: 1: UbBWEWLjtIuxoQZhDwQjxJGfOj0.roa (hash: 1kYvUM2Xl87aE6PKMHwLOSeiRpB9pAikX4ZR9sd/sqU=) 2: xuX5wWRNY_ogamb_ZxfB0RoqMC0.crl (hash: qDEmrSFb3N7su7ub8bcjAuQmDOEbgGTYUZQV11Iix7U=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/xuX5wWRNY_ogamb_ZxfB0RoqMC0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/xuX5wWRNY_ogamb_ZxfB0RoqMC0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xuX5wWRNY_ogamb_ZxfB0RoqMC0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 23:35:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3237 (0xca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C6E5F9C1644D63FA206A66FF6717C1D11A2A302D Validity Not Before: Oct 24 17:35:59 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=34AA52062BD6B5F77134B2BF0469A64ACABB746A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:08:b2:ea:05:24:28:62:89:7b:59:5e:7b:55: 02:54:b7:5a:90:5a:5f:6c:b1:a7:80:79:4f:90:d8: e8:8b:1d:19:98:3c:58:c5:79:d5:8e:2b:30:b7:fc: 46:42:8e:4a:cf:a2:7a:38:f1:6c:2f:8e:0f:87:49: 4e:d7:06:b4:37:6c:99:2b:b9:46:f3:b3:9e:dc:b8: 5c:c9:1c:cd:f8:5d:9b:dd:ad:7a:2d:20:24:f2:18: e3:19:4e:94:ce:bd:dd:dd:4b:09:be:80:82:bf:42: b5:ae:ca:67:8c:33:1a:59:8e:2f:cc:af:21:cc:14: 46:31:a3:b9:0f:5c:27:ae:c0:a3:61:65:a6:c1:2e: 99:a0:58:f8:31:e0:64:30:3a:63:1a:16:40:01:4c: c4:2a:f2:4b:d0:04:fd:ef:f5:38:a5:37:69:44:49: 36:88:fc:87:22:64:65:5e:b0:cb:6a:e0:33:d0:81: 88:da:a8:a6:dc:e5:54:dd:73:02:71:53:ed:0d:f7: 53:64:db:c0:b3:0e:46:60:a2:a7:df:99:3c:68:43: 32:b2:df:6f:a5:24:5f:85:a6:61:82:dc:73:0f:33: 66:30:2e:e4:e9:bd:72:56:98:13:fb:e1:58:ff:b3: 38:76:14:b7:63:a1:64:4f:8a:5a:c1:55:01:fa:ca: fb:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:AA:52:06:2B:D6:B5:F7:71:34:B2:BF:04:69:A6:4A:CA:BB:74:6A X509v3 Authority Key Identifier: keyid:C6:E5:F9:C1:64:4D:63:FA:20:6A:66:FF:67:17:C1:D1:1A:2A:30:2D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/xuX5wWRNY_ogamb_ZxfB0RoqMC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xuX5wWRNY_ogamb_ZxfB0RoqMC0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/xuX5wWRNY_ogamb_ZxfB0RoqMC0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:13:e9:c4:59:64:86:66:4e:2b:f2:8c:9c:89:de:20:d0:34: 97:6d:f1:45:15:7f:08:42:b8:8a:31:84:84:32:e6:63:66:d7: 4b:9e:54:e6:4e:97:18:b9:99:3b:dd:cc:d9:2f:df:86:f8:6d: e4:c8:ce:a0:b6:a6:00:a4:94:63:a6:a7:49:7d:3a:72:23:3f: bc:dd:4d:aa:e6:0f:3a:b5:78:12:6d:2d:3b:1e:57:70:e2:81: 9e:dc:fb:37:8e:43:c0:6a:d2:d3:df:24:6e:2a:df:99:50:b6: c6:a3:cf:25:02:d7:85:f6:2d:fe:80:cc:06:d2:72:0e:8c:21: 58:21:c8:6e:71:e5:1c:68:d0:50:f9:7c:23:2a:6d:90:97:e1: d6:3d:0b:e9:75:94:96:71:0a:4c:3e:e5:8b:eb:eb:ff:f3:4e: 94:b6:b6:4d:81:ab:67:cd:dc:04:5e:fd:5a:f3:c5:50:fa:33: cc:4b:b3:a4:f1:a3:e6:43:80:04:2c:93:8f:a3:69:f6:c9:90: c0:35:7c:a7:73:48:b3:69:16:72:4e:c6:d3:92:4e:64:1b:a2: 83:4d:14:6c:fc:d0:05:ce:54:9a:5e:af:47:2d:05:6e:28:41: 85:b5:9d:68:c4:89:13:be:01:46:93:3a:60:f1:b3:90:90:1e: 08:87:d1:9c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzZF NUY5QzE2NDRENjNGQTIwNkE2NkZGNjcxN0MxRDExQTJBMzAyRDAeFw0yNTEwMjQx NzM1NTlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDM0QUE1MjA2MkJENkI1 Rjc3MTM0QjJCRjA0NjlBNjRBQ0FCQjc0NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZCLLqBSQoYol7WV57VQJUt1qQWl9ssaeAeU+Q2OiLHRmYPFjF edWOKzC3/EZCjkrPono48Wwvjg+HSU7XBrQ3bJkruUbzs57cuFzJHM34XZvdrXot ICTyGOMZTpTOvd3dSwm+gIK/QrWuymeMMxpZji/MryHMFEYxo7kPXCeuwKNhZabB LpmgWPgx4GQwOmMaFkABTMQq8kvQBP3v9TilN2lESTaI/IciZGVesMtq4DPQgYja qKbc5VTdcwJxU+0N91Nk28CzDkZgoqffmTxoQzKy32+lJF+FpmGC3HMPM2YwLuTp vXJWmBP74Vj/szh2FLdjoWRPilrBVQH6yvtXAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUNKpSBivWtfdxNLK/BGmmSsq7dGowHwYDVR0jBBgwFoAUxuX5wWRNY/ogamb/ ZxfB0RoqMC0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 NS94dVg1d1dSTllfb2dhbWJfWnhmQjBSb3FNQzAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3h1WDV3V1JOWV9vZ2FtYl9aeGZCMFJvcU1DMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTUveHVYNXdXUk5ZX29n YW1iX1p4ZkIwUm9xTUMwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAMT6cRZZIZmTivyjJyJ3iDQNJdt8UUVfwhCuIoxhIQy5mNm10ueVOZOlxi5 mTvdzNkv34b4beTIzqC2pgCklGOmp0l9OnIjP7zdTarmDzq1eBJtLTseV3DigZ7c +zeOQ8Bq0tPfJG4q35lQtsajzyUC14X2Lf6AzAbScg6MIVghyG5x5Rxo0FD5fCMq bZCX4dY9C+l1lJZxCkw+5Yvr6//zTpS2tk2Bq2fN3ARe/VrzxVD6M8xLs6Txo+ZD gAQsk4+jafbJkMA1fKdzSLNpFnJOxtOSTmQbooNNFGz80AXOVJper0ctBW4oQYW1 nWjEiRO+AUaTOmDxs5CQHgiH0Zw= -----END CERTIFICATE-----Generated at Fri Oct 24 21:15:26 2025 by rpki-client