$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft File: th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft (raw, json) Hash identifier: qANE3hYpMlvfaypxO90ly75VGh8toDnin4Lfu+XtiZQ= Subject key identifier: 18:6E:78:B4:5B:3C:95:AF:28:F9:9F:C9:5D:6D:94:94:0A:37:55:1B Authority key identifier: B6:1E:91:38:CF:EB:7D:89:AB:8C:F5:42:76:ED:29:B3:D8:08:E0:BC Certificate issuer: /CN=B61E9138CFEB7D89AB8CF54276ED29B3D808E0BC Certificate serial: 05B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft Manifest number: 05B1 Signing time: Fri 24 Oct 2025 18:07:29 +0000 Manifest this update: Fri 24 Oct 2025 18:07:29 +0000 Manifest next update: Sat 25 Oct 2025 00:07:29 +0000 Files and hashes: 1: th6ROM_rfYmrjPVCdu0ps9gI4Lw.crl (hash: VxjcgXB2Qz0jzttqJtX8+kQcnnm6ZVQmkbS17Von3+I=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 00:07:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1457 (0x5b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B61E9138CFEB7D89AB8CF54276ED29B3D808E0BC Validity Not Before: Oct 24 18:07:29 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=186E78B45B3C95AF28F99FC95D6D94940A37551B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:1b:c6:9f:2c:76:70:3d:16:0a:60:0c:28:9d: 0b:6e:02:15:0e:70:04:d0:29:47:03:3c:0b:c3:d4: 2e:d2:75:0e:ae:c0:63:70:93:c2:34:17:5a:cc:ce: 15:f6:7a:c8:84:9a:ac:9e:6b:a3:69:2c:43:28:77: d9:af:a0:84:40:eb:b2:39:05:b9:b8:ba:c6:a3:9d: 02:aa:02:c0:33:24:9c:05:b7:eb:04:7a:98:0e:0a: f3:2d:a9:c4:59:52:36:21:d2:c0:39:47:e2:13:81: 57:60:4f:a8:7b:6c:4e:f8:26:f8:15:f8:aa:b1:21: 91:c7:63:e8:23:65:39:20:4e:1a:ff:13:66:69:bf: f6:22:44:57:bf:17:8c:bd:e4:d1:51:45:63:7a:e3: 5c:cd:2f:bc:fa:33:3f:9b:12:3e:2c:80:d9:3d:64: 81:00:bc:71:04:f9:4c:3d:00:8f:dd:ee:5a:83:0a: 84:34:cd:b6:39:52:8e:bf:af:6a:c4:4a:86:24:17: fd:b6:cf:8a:46:d6:c9:1e:12:b4:95:2e:54:a3:10: 33:fa:36:8e:c2:4a:a8:d5:ac:0e:ef:73:3f:d1:1c: ed:44:b6:f5:80:fa:02:da:cf:06:f8:a4:cd:0f:3b: b1:27:10:ec:52:61:b6:bc:94:7a:f8:00:32:6f:fd: 37:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:6E:78:B4:5B:3C:95:AF:28:F9:9F:C9:5D:6D:94:94:0A:37:55:1B X509v3 Authority Key Identifier: keyid:B6:1E:91:38:CF:EB:7D:89:AB:8C:F5:42:76:ED:29:B3:D8:08:E0:BC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:bf:2c:5f:08:66:f4:71:a3:d5:91:13:b5:1f:68:57:c1:38: 5d:a1:66:6f:41:ba:9b:0a:d1:a2:bf:90:03:33:71:7a:48:06: 1f:52:39:95:f0:67:2f:8e:6b:3a:21:63:56:70:a4:00:51:45: d1:f1:c9:46:1f:5c:a1:ac:47:37:40:12:c0:35:73:fa:82:ea: 18:0e:33:41:c9:3f:d9:f3:ff:2f:30:d9:9a:c6:1b:0b:9f:e3: 9d:8d:40:6a:50:55:25:4d:cd:0a:5c:3f:42:1f:28:cf:1c:05: bd:c6:65:5a:ee:dc:46:d2:7c:51:b8:14:87:a7:25:fd:a8:91: f6:39:44:6a:2d:3e:84:bb:1f:0d:83:d1:dd:73:c9:4c:f5:36: 88:01:29:ee:e1:bd:df:db:68:aa:aa:4a:af:ef:8d:20:b3:69: 79:e2:fa:de:51:b2:09:26:ca:05:bd:c7:55:d1:b6:9e:56:83: 39:22:58:be:9a:82:76:21:a3:cc:bd:58:2f:e9:97:60:2e:2f: 21:2d:6c:49:92:89:32:44:39:40:c1:bc:ed:1c:fc:51:b8:35: f4:fa:f1:d8:36:be:69:84:6a:0b:0e:cd:a8:c5:71:d3:d7:4b: a6:9a:c9:c7:1d:e7:df:d0:25:3f:3d:9b:c9:ce:84:bb:27:63: 92:e1:ae:5c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjYx RTkxMzhDRkVCN0Q4OUFCOENGNTQyNzZFRDI5QjNEODA4RTBCQzAeFw0yNTEwMjQx ODA3MjlaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE4NkU3OEI0NUIzQzk1 QUYyOEY5OUZDOTVENkQ5NDk0MEEzNzU1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1G8afLHZwPRYKYAwonQtuAhUOcATQKUcDPAvD1C7SdQ6uwGNw k8I0F1rMzhX2esiEmqyea6NpLEMod9mvoIRA67I5Bbm4usajnQKqAsAzJJwFt+sE epgOCvMtqcRZUjYh0sA5R+ITgVdgT6h7bE74JvgV+KqxIZHHY+gjZTkgThr/E2Zp v/YiRFe/F4y95NFRRWN641zNL7z6Mz+bEj4sgNk9ZIEAvHEE+Uw9AI/d7lqDCoQ0 zbY5Uo6/r2rESoYkF/22z4pG1skeErSVLlSjEDP6No7CSqjVrA7vcz/RHO1EtvWA +gLazwb4pM0PO7EnEOxSYba8lHr4ADJv/TchAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUGG54tFs8la8o+Z/JXW2UlAo3VRswHwYDVR0jBBgwFoAUth6ROM/rfYmrjPVC du0ps9gI4LwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 NS90aDZST01fcmZZbXJqUFZDZHUwcHM5Z0k0THcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3RoNlJPTV9yZlltcmpQVkNkdTBwczlnSTRMdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDUvdGg2Uk9NX3JmWW1y alBWQ2R1MHBzOWdJNEx3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJW/LF8IZvRxo9WRE7UfaFfBOF2hZm9BupsK0aK/kAMzcXpIBh9SOZXwZy+O azohY1ZwpABRRdHxyUYfXKGsRzdAEsA1c/qC6hgOM0HJP9nz/y8w2ZrGGwuf452N QGpQVSVNzQpcP0IfKM8cBb3GZVru3EbSfFG4FIenJf2okfY5RGotPoS7Hw2D0d1z yUz1NogBKe7hvd/baKqqSq/vjSCzaXni+t5RsgkmygW9x1XRtp5WgzkiWL6agnYh o8y9WC/pl2AuLyEtbEmSiTJEOUDBvO0c/FG4NfT68dg2vmmEagsOzajFcdPXS6aa yccd59/QJT89m8nOhLsnY5Lhrlw= -----END CERTIFICATE-----Generated at Fri Oct 24 21:29:16 2025 by rpki-client