$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft File: s7pq7zuPouXZteQ0OOACDUJqHso.mft (raw, json) Hash identifier: weV8m5ZHECWUXm4evcduH9rhXrEVc7cyPccnhXOt4bs= Subject key identifier: C7:40:47:DB:46:31:A4:74:E1:19:9E:E6:1A:2B:3A:FC:7A:1A:B9:54 Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 1CE2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft Manifest number: 1CC4 Signing time: Fri 13 Mar 2026 05:00:50 +0000 Manifest this update: Fri 13 Mar 2026 05:00:50 +0000 Manifest next update: Fri 13 Mar 2026 11:00:50 +0000 Files and hashes: 1: -o2ojTOqYYJIDpWfOiyLjZ31yxQ.roa (hash: MNolSCJVzDPmPWSVrY58xBA1Z6PwYrpG1yrKqcxt0ho=) 2: 9EagA56WVM6kpTQ8jadQG7pUMDE.roa (hash: L6JnTaYkliglaFxtnTSH80tKSo26V8tuLROJtvyDN5A=) 3: A7_TBOfWNcoCaZKhjBsM-eCbm1E.roa (hash: +dDBCkGwdU2tDXqTGw8aRO3YIU674YysRVfukmnjpWE=) 4: HjQoiWdSark1Vq_WBRravxkv_Pg.roa (hash: XBR6XXXcZGbdzil4gB51pnfrtY7dwGqHOJqSoNbHj+o=) 5: LiAQvuPyRcNAWaIePmmOLQCJB9M.roa (hash: D9nMEz0k907otUZV2bbM4LEH3tQm/EJJFBh3krolfHM=) 6: N0ykxOYRwjcbjGA-CRafyOh6b58.roa (hash: 5XKU2EuhR7yCyj5g6B5Az+R37tn+S+RHA0GT9i3eSVQ=) 7: TKyNWD1BkvQVJhcoExsJPNXZ8RA.roa (hash: tt1jtRoSM7ZcVuEJtyj2l/29W5SUIpR0xkxvDDm2Is4=) 8: UcTohbTQodAbEAI3lzS2aS5o8k8.roa (hash: Vd+P8Da+KkTKhV689IfBELIJGjeJR1MDlO/BU9VdRD0=) 9: gIpZp16RVJiyaukGncHAAp8v7Z4.roa (hash: KlFqfBhgn1zm+5r4EvNoSG+8QugbfpO1s1kFZ8Il0qU=) 10: mMFE8XbmKzkCukTu2c6-RlL6OVE.roa (hash: Zi/XHNT9Cksmx9bOlUksNhaZ8bRdvbMS+qgdAoQCgpI=) 11: q-9Ry7-1k_3djUpTgosZ8igSYDc.roa (hash: 6k801Xs8mnm7m8Hxv8JUH3LVMp3KISuyxt42Gy19gjk=) 12: s7pq7zuPouXZteQ0OOACDUJqHso.crl (hash: w5DZbr+s5DW2mkQCaCsRENntV0V3mlAfOXYEGgznFk8=) 13: tEsvDAANOTtJFf8oaAsz7pMudq4.roa (hash: 7peBtdsiHI0wHp98ydqxlvhy96MGbeVHwjS5dAx0n4k=) 14: vkWmHQcT_WfmSt8gQcnOswgyK4o.roa (hash: x3N7xl+pzlyFbxXl0X4yw//BbVjll4FUrmQW5XSju64=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Mar 2026 11:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7394 (0x1ce2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Mar 13 05:00:50 2026 GMT Not After : Jan 9 08:23:18 2027 GMT Subject: CN=C74047DB4631A474E1199EE61A2B3AFC7A1AB954 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4e:b3:10:31:ca:b7:57:21:7d:b3:22:cc:ab: 67:13:04:00:35:46:88:7b:b5:52:d0:0d:61:b1:09: f9:24:ce:3c:72:16:fe:d8:3d:4f:94:c7:94:47:c1: 58:bc:0a:cb:f8:68:bb:fd:2a:78:61:3e:da:11:1c: fa:5c:bb:21:ab:6d:d3:1c:57:a0:2f:ba:aa:a8:bf: 19:1b:6c:cc:2d:6e:b2:af:17:92:11:a1:00:86:99: 12:8d:77:06:24:cd:a8:0d:ea:82:71:66:5b:7b:e2: c7:34:44:1e:aa:59:6b:97:30:c5:f8:06:d3:a1:34: 90:4b:f4:f8:0e:a5:c2:e7:78:88:45:fd:aa:d2:d9: 46:93:1d:52:a2:15:b5:c8:f6:a8:75:e4:ee:23:18: 59:82:17:87:60:3f:63:1d:89:20:9a:7e:74:b8:a0: 04:13:9a:0c:b0:b4:a8:d8:d8:a0:4e:25:b2:9c:fb: 37:c4:23:43:07:a9:3e:24:7d:14:c5:af:07:33:84: d1:dd:af:e2:72:fb:41:a0:a8:6a:b0:9a:80:b1:48: 1d:f4:71:6c:94:fb:7d:36:c4:c0:5e:1b:ee:bd:fc: 7a:03:dc:e4:5d:96:82:5c:2d:13:80:9d:ff:f3:85: 8b:04:d7:f0:0d:31:6b:e2:86:15:46:0b:dc:e4:ea: ae:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:40:47:DB:46:31:A4:74:E1:19:9E:E6:1A:2B:3A:FC:7A:1A:B9:54 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:ec:55:5f:5e:da:3e:bd:a6:7c:7f:f5:dc:b8:d3:03:f3:69: cc:be:60:02:7a:02:3b:60:e7:9d:f1:61:79:b2:36:f6:18:ad: f2:f7:18:9a:a1:ad:69:51:6c:0e:55:61:22:15:05:c1:ef:74: 4c:cb:ab:1b:4f:0a:11:74:6d:0d:4f:6d:61:e7:99:66:75:cf: de:89:43:00:e5:59:55:f5:f2:d1:a1:34:5d:af:63:1b:3f:d5: 46:44:03:ee:eb:11:e6:a8:56:30:d7:5e:9f:28:2e:dc:a7:2b: 34:a5:01:2b:d4:0e:a3:86:df:d5:bb:a6:95:02:3c:df:a5:33: 72:6c:5f:6a:7c:38:ba:7d:b8:89:ab:67:d4:a0:f3:2a:59:30: 35:96:bf:d6:91:a3:16:5b:18:06:48:f7:f0:54:5e:6b:82:b4: fa:4a:7d:94:60:9b:d1:a2:75:3b:61:3a:57:61:3a:e8:43:2d: 61:c1:de:e5:bf:a3:81:86:a6:87:c4:4c:79:1d:f3:6a:b0:a8: 10:fd:4e:a6:3b:e1:97:63:81:21:c9:b7:52:5d:bb:76:93:8b: 1b:8b:ea:74:15:8c:ee:81:0c:62:c5:42:18:d0:b2:6f:25:04: 43:8c:c8:06:13:5e:11:e3:db:80:0e:45:c8:fb:9a:a3:77:4d: 62:d3:15:b0 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICHOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNjAzMTMw NTAwNTBaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEM3NDA0N0RCNDYzMUE0 NzRFMTE5OUVFNjFBMkIzQUZDN0ExQUI5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDATrMQMcq3VyF9syLMq2cTBAA1Roh7tVLQDWGxCfkkzjxyFv7Y PU+Ux5RHwVi8Csv4aLv9KnhhPtoRHPpcuyGrbdMcV6AvuqqovxkbbMwtbrKvF5IR oQCGmRKNdwYkzagN6oJxZlt74sc0RB6qWWuXMMX4BtOhNJBL9PgOpcLneIhF/arS 2UaTHVKiFbXI9qh15O4jGFmCF4dgP2MdiSCafnS4oAQTmgywtKjY2KBOJbKc+zfE I0MHqT4kfRTFrwczhNHdr+Jy+0GgqGqwmoCxSB30cWyU+302xMBeG+69/HoD3ORd loJcLROAnf/zhYsE1/ANMWvihhVGC9zk6q5fAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUx0BH20YxpHThGZ7mGis6/HoauVQwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3M3cHE3enVQb3VYWnRl UTBPT0FDRFVKcUhzby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCD7FVfXto+vaZ8f/XcuNMD82nMvmACegI7YOed8WF5sjb2GK3y9xiaoa1pUWwO VWEiFQXB73RMy6sbTwoRdG0NT21h55lmdc/eiUMA5VlV9fLRoTRdr2MbP9VGRAPu 6xHmqFYw116fKC7cpys0pQEr1A6jht/Vu6aVAjzfpTNybF9qfDi6fbiJq2fUoPMq WTA1lr/WkaMWWxgGSPfwVF5rgrT6Sn2UYJvRonU7YTpXYTroQy1hwd7lv6OBhqaH xEx5HfNqsKgQ/U6mO+GXY4EhybdSXbt2k4sbi+p0FYzugQxixUIY0LJvJQRDjMgG E14R49uADkXI+5qjd01i0xWw -----END CERTIFICATE-----Generated at Fri Mar 13 09:19:33 2026 by rpki-client