$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft (raw, json) Hash identifier: 7pxfZ5Xa+H8dKCpM/R59f/Cc0fgsVqaJYqqOBEmQz98= Subject key identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 0F21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft Manifest number: 0F1B Signing time: Thu 12 Mar 2026 09:01:29 +0000 Manifest this update: Thu 12 Mar 2026 09:01:29 +0000 Manifest next update: Thu 12 Mar 2026 15:01:29 +0000 Files and hashes: 1: IQQLzRKxjKBeHr2DLQykbF1xEug.roa (hash: HTdGPlP9FXezylCpvK+gQqYQsAu3n3g4KhEqqyZGA4o=) 2: S0yXltP6HWuPvlH2o5LUY6e6C-E.roa (hash: ZxI0XtujC5kBibN+ZbrqSCT9IjP9fwJPSQPDqzomie4=) 3: kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl (hash: KEZ2jpT1Gc46DhqrgyIkfNRMZpR4Hq5MTakOEXkkHZU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Mar 2026 15:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3873 (0xf21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Mar 12 09:01:29 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=F7CE7231FE6F7D35AC67E125130F01403245BBCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:17:cd:57:be:fe:14:84:57:30:f0:64:79:4f: fe:86:52:f9:94:99:db:ee:be:6b:7c:2e:c6:ad:a7: d2:8f:b5:7b:ea:3b:38:7d:1d:b7:ec:45:19:15:95: 0a:c3:56:ba:78:7b:ea:a0:5b:fc:09:f9:8c:2f:33: 36:a8:c7:a2:89:ef:ab:26:8f:90:e4:8c:f1:90:02: 6f:3c:40:d3:e8:96:70:1a:d4:d6:c2:4e:95:c2:9a: 12:9e:ec:9f:ab:8f:64:45:bc:54:43:a2:fa:46:16: 9f:3c:32:7e:26:a3:47:f3:1a:87:0b:67:c8:c4:e3: 23:ed:62:52:b1:bc:a6:5e:e7:66:ec:e0:c6:a7:25: d2:ea:75:e5:81:9d:b0:8b:d7:ee:98:06:11:f2:35: d1:87:7c:a5:02:89:e0:65:e5:b4:05:38:fe:d9:e9: 6e:92:b0:2f:28:b2:59:0c:66:27:a0:aa:a5:01:ac: 58:eb:7e:3d:12:fb:eb:0f:a1:9b:02:cf:2f:e2:70: f5:40:fa:b3:92:25:64:a1:eb:a0:cd:57:11:b8:f4: 35:e2:92:21:db:d8:b5:86:1d:02:a2:e9:d8:31:1e: 0b:7a:da:5b:df:0c:bc:2c:c3:75:e1:89:27:97:cb: 12:7c:a2:ac:8e:ba:9a:2f:e9:21:78:35:47:61:d7: df:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:2a:6a:61:68:02:23:e4:41:26:d0:8d:e4:8b:aa:5b:09:4b: ff:4c:88:21:75:95:5f:4a:18:e7:b2:66:72:3d:3e:21:a0:12: 77:0a:ee:11:62:75:1a:7e:b9:d4:d8:9a:fc:c8:10:0c:a5:81: 1d:e4:89:4d:85:57:ba:f1:47:5f:5e:f5:93:16:45:12:bb:e2: 0d:b1:7a:2b:36:10:d5:6c:63:a9:09:33:6e:52:13:3c:6d:b4: 5e:dc:04:9c:94:ea:49:1d:c3:9f:a2:1d:55:20:d9:de:f0:ee: ef:48:fc:5a:78:11:9f:30:92:5b:dd:f8:55:9e:30:8d:44:ba: 4a:9c:9f:ee:95:f0:3f:be:29:26:21:43:e7:d5:8e:6f:0a:ff: 3c:02:37:dd:a8:92:38:d2:a8:8d:4b:4f:28:26:64:86:0b:6b: 08:33:b7:a3:96:85:09:16:0a:aa:84:08:0c:70:53:eb:3b:6b: 70:fc:40:b4:9b:36:51:40:66:8a:b1:39:e9:cf:4f:bf:c1:92: bd:67:35:92:4e:b3:15:7b:fa:8e:ae:30:12:ad:af:a1:fb:b9: 08:2c:9f:b4:c7:9d:10:c3:9c:26:66:d3:01:2f:17:56:d0:55: 3f:8d:b0:a6:df:6d:8b:29:f6:d1:1b:e8:ae:41:11:e9:56:28: 46:8d:ac:58 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNjAzMTIw OTAxMjlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEY3Q0U3MjMxRkU2RjdE MzVBQzY3RTEyNTEzMEYwMTQwMzI0NUJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCVF81Xvv4UhFcw8GR5T/6GUvmUmdvuvmt8Lsatp9KPtXvqOzh9 HbfsRRkVlQrDVrp4e+qgW/wJ+YwvMzaox6KJ76smj5DkjPGQAm88QNPolnAa1NbC TpXCmhKe7J+rj2RFvFRDovpGFp88Mn4mo0fzGocLZ8jE4yPtYlKxvKZe52bs4Man JdLqdeWBnbCL1+6YBhHyNdGHfKUCieBl5bQFOP7Z6W6SsC8oslkMZiegqqUBrFjr fj0S++sPoZsCzy/icPVA+rOSJWSh66DNVxG49DXikiHb2LWGHQKi6dgxHgt62lvf DLwsw3XhiSeXyxJ8oqyOupov6SF4NUdh19+vAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU985yMf5vfTWsZ+ElEw8BQDJFu84wHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgva1BNT0hmTW4wUU9R Znh2Z2p0UHFaTC0zZU9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABwqamFoAiPkQSbQjeSLqlsJS/9MiCF1lV9KGOeyZnI9PiGgEncK7hFidRp+ udTYmvzIEAylgR3kiU2FV7rxR19e9ZMWRRK74g2xeis2ENVsY6kJM25SEzxttF7c BJyU6kkdw5+iHVUg2d7w7u9I/Fp4EZ8wklvd+FWeMI1Eukqcn+6V8D++KSYhQ+fV jm8K/zwCN92okjjSqI1LTygmZIYLawgzt6OWhQkWCqqECAxwU+s7a3D8QLSbNlFA ZoqxOenPT7/Bkr1nNZJOsxV7+o6uMBKtr6H7uQgsn7THnRDDnCZm0wEvF1bQVT+N sKbfbYsp9tEb6K5BEelWKEaNrFg= -----END CERTIFICATE-----Generated at Thu Mar 12 12:25:02 2026 by rpki-client