$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft File: qaFpos8CL7oK84PKmXtFZP7V-Js.mft (raw, json) Hash identifier: zZXj9TwRVxyrZ93+657t1UNP2B9RRpz/SA7d2+3iMFU= Subject key identifier: 2B:16:57:18:FF:B4:71:E6:D9:83:81:1B:34:9F:CF:8F:44:B9:98:BE Authority key identifier: A9:A1:69:A2:CF:02:2F:BA:0A:F3:83:CA:99:7B:45:64:FE:D5:F8:9B Certificate issuer: /CN=A9A169A2CF022FBA0AF383CA997B4564FED5F89B Certificate serial: 02C5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft Manifest number: 02C3 Signing time: Thu 12 Mar 2026 09:00:56 +0000 Manifest this update: Thu 12 Mar 2026 09:00:56 +0000 Manifest next update: Thu 12 Mar 2026 15:00:56 +0000 Files and hashes: 1: bd9GrxZEfHWtOWHMuYJUpax949Y.roa (hash: Vy2eK3SQCyGw1GNGKXYuy4gqV0cZkl9Rql6LWidAWcA=) 2: qaFpos8CL7oK84PKmXtFZP7V-Js.crl (hash: 8vvgFxDgBvRzwYucSAAMHYbExQYjgEsdVnW6H7kaALo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Mar 2026 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 709 (0x2c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9A169A2CF022FBA0AF383CA997B4564FED5F89B Validity Not Before: Mar 12 09:00:56 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=2B165718FFB471E6D983811B349FCF8F44B998BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:bf:94:ff:7b:7c:37:5a:1f:e8:b6:66:c3:6f: 66:38:b7:ae:da:2e:b1:ad:5c:ff:df:d7:a7:ad:7e: 70:4b:4f:7a:44:61:e8:b8:4d:e6:c5:b6:2f:95:6b: 48:87:0a:24:3a:f8:b7:f7:6f:36:c0:5f:ac:96:66: 8c:fb:47:ea:8a:ae:1b:f7:3f:f2:eb:4e:20:90:c7: 47:99:75:23:d0:0b:fe:4c:ba:60:7c:45:db:e8:0a: 8e:97:2a:87:33:b0:0a:be:54:cd:69:a8:71:14:25: 20:ca:dd:e8:72:a5:11:4d:9e:41:8b:97:66:1b:bc: 45:16:61:05:54:25:aa:c6:24:05:5d:b0:36:3b:da: 80:35:25:bb:ec:85:6e:30:5c:a6:91:52:70:7f:f1: 74:72:0a:27:32:4a:70:b5:dd:e3:eb:4d:d3:c2:55: 2c:ab:e3:37:59:98:9c:63:51:eb:29:63:8d:6a:1b: dd:6c:f4:44:87:eb:1e:7d:f8:60:93:05:1b:5f:58: f0:fc:5b:f1:cf:68:78:d7:46:3f:d5:b9:73:06:10: af:9c:56:1f:0a:8b:b5:0e:80:ad:c3:92:90:07:f2: ec:b8:a4:e1:7b:b9:53:f7:db:1b:8a:a5:bd:ea:c1: 65:04:13:7a:d3:d4:b6:06:d0:a7:bf:83:5a:ef:1f: c5:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:16:57:18:FF:B4:71:E6:D9:83:81:1B:34:9F:CF:8F:44:B9:98:BE X509v3 Authority Key Identifier: keyid:A9:A1:69:A2:CF:02:2F:BA:0A:F3:83:CA:99:7B:45:64:FE:D5:F8:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:24:8e:cc:dc:94:24:9f:aa:fa:9a:db:9e:bb:ce:b2:88:1c: ab:9a:50:02:79:28:bd:f8:26:95:ce:c3:bd:8b:4c:b8:56:bc: 51:0c:f0:3d:1d:68:5d:d5:04:67:ea:75:d1:6e:1b:66:54:a7: 04:fa:b3:40:bf:5b:9f:29:62:f1:c8:3a:4d:60:d9:89:29:0f: 6d:db:52:71:c5:d3:8a:a7:e3:ae:f2:a7:a8:f2:b7:32:78:6a: d9:a5:77:3f:6f:a0:5e:0c:78:38:20:8e:0d:5d:06:c6:0b:7e: c7:7b:d4:e1:2d:b5:fb:45:d6:bf:09:76:8e:a7:df:37:d4:6e: 9d:e7:00:dc:bb:2e:04:50:ce:b3:1e:b6:00:65:cf:41:80:b4: 3d:de:eb:c6:28:06:7a:e1:2e:42:c1:df:99:6c:2d:c6:47:07: db:b9:44:3a:d3:8b:77:ba:68:0b:33:ed:57:40:cb:3e:37:ae: ca:a5:c6:d1:2c:5c:56:40:59:c6:1f:60:f1:99:9d:d2:fd:10: d4:d5:b1:bf:cc:e6:af:a0:81:1e:b2:69:ce:fe:55:df:d9:3e: 49:07:f8:14:90:0f:0c:0c:ad:57:e9:8f:a4:3b:2b:19:c2:9b: 81:d4:42:9c:66:4f:81:fe:6c:98:40:61:fb:5b:cb:79:61:ac: e7:4e:2d:da -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTlB MTY5QTJDRjAyMkZCQTBBRjM4M0NBOTk3QjQ1NjRGRUQ1Rjg5QjAeFw0yNjAzMTIw OTAwNTZaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDJCMTY1NzE4RkZCNDcx RTZEOTgzODExQjM0OUZDRjhGNDRCOTk4QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjv5T/e3w3Wh/otmbDb2Y4t67aLrGtXP/f16etfnBLT3pEYei4 TebFti+Va0iHCiQ6+Lf3bzbAX6yWZoz7R+qKrhv3P/LrTiCQx0eZdSPQC/5MumB8 RdvoCo6XKoczsAq+VM1pqHEUJSDK3ehypRFNnkGLl2YbvEUWYQVUJarGJAVdsDY7 2oA1JbvshW4wXKaRUnB/8XRyCicySnC13ePrTdPCVSyr4zdZmJxjUespY41qG91s 9ESH6x59+GCTBRtfWPD8W/HPaHjXRj/VuXMGEK+cVh8Ki7UOgK3DkpAH8uy4pOF7 uVP32xuKpb3qwWUEE3rT1LYG0Ke/g1rvH8UhAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKxZXGP+0cebZg4EbNJ/Pj0S5mL4wHwYDVR0jBBgwFoAUqaFpos8CL7oK84PK mXtFZP7V+JswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM5 OS9xYUZwb3M4Q0w3b0s4NFBLbVh0RlpQN1YtSnMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FhRnBvczhDTDdvSzg0UEttWHRGWlA3Vi1Kcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzOTkvcWFGcG9zOENMN29L ODRQS21YdEZaUDdWLUpzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGwkjszclCSfqvqa2567zrKIHKuaUAJ5KL34JpXOw72LTLhWvFEM8D0daF3V BGfqddFuG2ZUpwT6s0C/W58pYvHIOk1g2YkpD23bUnHF04qn467yp6jytzJ4atml dz9voF4MeDggjg1dBsYLfsd71OEttftF1r8Jdo6n3zfUbp3nANy7LgRQzrMetgBl z0GAtD3e68YoBnrhLkLB35lsLcZHB9u5RDrTi3e6aAsz7VdAyz43rsqlxtEsXFZA WcYfYPGZndL9ENTVsb/M5q+ggR6yac7+Vd/ZPkkH+BSQDwwMrVfpj6Q7KxnCm4HU QpxmT4H+bJhAYftby3lhrOdOLdo= -----END CERTIFICATE-----Generated at Thu Mar 12 12:24:10 2026 by rpki-client