$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft File: qaFpos8CL7oK84PKmXtFZP7V-Js.mft (raw, json) Hash identifier: HWyKgxiUg8v/F+VL47OGQQm+v2O2mJ5+ew10wbjUd08= Subject key identifier: 2B:16:57:18:FF:B4:71:E6:D9:83:81:1B:34:9F:CF:8F:44:B9:98:BE Authority key identifier: A9:A1:69:A2:CF:02:2F:BA:0A:F3:83:CA:99:7B:45:64:FE:D5:F8:9B Certificate issuer: /CN=A9A169A2CF022FBA0AF383CA997B4564FED5F89B Certificate serial: 15 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft Manifest number: 15 Signing time: Fri 24 Oct 2025 17:35:58 +0000 Manifest this update: Fri 24 Oct 2025 17:35:58 +0000 Manifest next update: Fri 24 Oct 2025 23:35:58 +0000 Files and hashes: 1: qaFpos8CL7oK84PKmXtFZP7V-Js.crl (hash: ePQa/2BuStrUqueQwbFuz7BKVAo38pvhTwYAJBntsgo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 23:35:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9A169A2CF022FBA0AF383CA997B4564FED5F89B Validity Not Before: Oct 24 17:35:58 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=2B165718FFB471E6D983811B349FCF8F44B998BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:bf:94:ff:7b:7c:37:5a:1f:e8:b6:66:c3:6f: 66:38:b7:ae:da:2e:b1:ad:5c:ff:df:d7:a7:ad:7e: 70:4b:4f:7a:44:61:e8:b8:4d:e6:c5:b6:2f:95:6b: 48:87:0a:24:3a:f8:b7:f7:6f:36:c0:5f:ac:96:66: 8c:fb:47:ea:8a:ae:1b:f7:3f:f2:eb:4e:20:90:c7: 47:99:75:23:d0:0b:fe:4c:ba:60:7c:45:db:e8:0a: 8e:97:2a:87:33:b0:0a:be:54:cd:69:a8:71:14:25: 20:ca:dd:e8:72:a5:11:4d:9e:41:8b:97:66:1b:bc: 45:16:61:05:54:25:aa:c6:24:05:5d:b0:36:3b:da: 80:35:25:bb:ec:85:6e:30:5c:a6:91:52:70:7f:f1: 74:72:0a:27:32:4a:70:b5:dd:e3:eb:4d:d3:c2:55: 2c:ab:e3:37:59:98:9c:63:51:eb:29:63:8d:6a:1b: dd:6c:f4:44:87:eb:1e:7d:f8:60:93:05:1b:5f:58: f0:fc:5b:f1:cf:68:78:d7:46:3f:d5:b9:73:06:10: af:9c:56:1f:0a:8b:b5:0e:80:ad:c3:92:90:07:f2: ec:b8:a4:e1:7b:b9:53:f7:db:1b:8a:a5:bd:ea:c1: 65:04:13:7a:d3:d4:b6:06:d0:a7:bf:83:5a:ef:1f: c5:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:16:57:18:FF:B4:71:E6:D9:83:81:1B:34:9F:CF:8F:44:B9:98:BE X509v3 Authority Key Identifier: keyid:A9:A1:69:A2:CF:02:2F:BA:0A:F3:83:CA:99:7B:45:64:FE:D5:F8:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qaFpos8CL7oK84PKmXtFZP7V-Js.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3399/qaFpos8CL7oK84PKmXtFZP7V-Js.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:35:99:49:78:9c:fb:bd:5f:f5:36:c8:db:56:db:d7:c5:2a: 6e:3d:71:12:20:7d:43:84:15:71:f2:5e:e6:e7:69:b5:d9:9c: ed:58:5a:91:c0:a8:3c:bc:cc:27:57:7f:9c:b0:b3:dd:37:b1: 3a:6a:5f:ca:dc:18:aa:cb:e1:8e:e2:b3:30:d2:38:5b:e9:cb: 70:5f:e3:58:18:a0:34:1e:a0:5f:02:6f:01:b3:48:d7:4d:8f: 04:45:dc:c9:ae:29:f6:54:a5:6a:86:9e:04:18:3d:f8:7e:92: c9:55:64:34:bf:d4:bb:42:33:67:6a:7a:d6:99:9e:47:1e:ec: 39:df:1d:2a:1b:b1:2e:2b:a4:75:66:a3:74:ad:00:5e:43:1f: c9:1e:82:d8:b9:d9:eb:63:a7:57:62:30:40:ca:67:3e:09:ec: c7:81:c0:c8:ac:a4:49:62:07:e1:e2:47:a5:b0:31:d1:41:80: dc:b2:28:c4:cb:0e:93:7d:94:ec:57:9c:5c:94:ac:ad:0a:ba: 35:58:0b:39:23:45:76:62:1b:30:96:1c:28:3b:3b:c9:1f:f9: 9f:5e:bf:fb:be:d5:98:1c:8d:ce:88:f7:70:a9:d7:7b:11:a2: b8:69:39:b6:13:e4:7d:6e:0d:b5:bc:90:23:77:aa:14:fc:3a: 29:67:3d:02 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIBFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBOUEx NjlBMkNGMDIyRkJBMEFGMzgzQ0E5OTdCNDU2NEZFRDVGODlCMB4XDTI1MTAyNDE3 MzU1OFoXDTI2MTAyMzAzMDEwM1owMzExMC8GA1UEAxMoMkIxNjU3MThGRkI0NzFF NkQ5ODM4MTFCMzQ5RkNGOEY0NEI5OThCRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOO/lP97fDdaH+i2ZsNvZji3rtousa1c/9/Xp61+cEtPekRh6LhN 5sW2L5VrSIcKJDr4t/dvNsBfrJZmjPtH6oquG/c/8utOIJDHR5l1I9AL/ky6YHxF 2+gKjpcqhzOwCr5UzWmocRQlIMrd6HKlEU2eQYuXZhu8RRZhBVQlqsYkBV2wNjva gDUlu+yFbjBcppFScH/xdHIKJzJKcLXd4+tN08JVLKvjN1mYnGNR6yljjWob3Wz0 RIfrHn34YJMFG19Y8Pxb8c9oeNdGP9W5cwYQr5xWHwqLtQ6ArcOSkAfy7Lik4Xu5 U/fbG4qlverBZQQTetPUtgbQp7+DWu8fxSECAwEAAaOCAgwwggIIMB0GA1UdDgQW BBQrFlcY/7Rx5tmDgRs0n8+PRLmYvjAfBgNVHSMEGDAWgBSpoWmizwIvugrzg8qZ e0Vk/tX4mzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMzk5 L3FhRnBvczhDTDdvSzg0UEttWHRGWlA3Vi1Kcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcWFGcG9zOENMN29LODRQS21YdEZaUDdWLUpzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM5OS9xYUZwb3M4Q0w3b0s4 NFBLbVh0RlpQN1YtSnMubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAIDWZSXic+71f9TbI21bb18Uqbj1xEiB9Q4QVcfJe5udptdmc7VhakcCoPLzM J1d/nLCz3TexOmpfytwYqsvhjuKzMNI4W+nLcF/jWBigNB6gXwJvAbNI102PBEXc ya4p9lSlaoaeBBg9+H6SyVVkNL/Uu0IzZ2p61pmeRx7sOd8dKhuxLiukdWajdK0A XkMfyR6C2LnZ62OnV2IwQMpnPgnsx4HAyKykSWIH4eJHpbAx0UGA3LIoxMsOk32U 7FecXJSsrQq6NVgLOSNFdmIbMJYcKDs7yR/5n16/+77VmByNzoj3cKnXexGiuGk5 thPkfW4NtbyQI3eqFPw6KWc9Ag== -----END CERTIFICATE-----Generated at Fri Oct 24 21:06:25 2025 by rpki-client