$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft File: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft (raw, json) Hash identifier: 3kETYMCLop5StJF+nxbZ+F9xVSJkLTowwm35fNXudeI= Subject key identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE Authority key identifier: 69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 Certificate issuer: /CN=697447C397D18C9E110B24E505C1146CF13EA871 Certificate serial: 40 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft Manifest number: 3F Signing time: Tue 21 Oct 2025 07:04:15 +0000 Manifest this update: Tue 21 Oct 2025 07:04:15 +0000 Manifest next update: Tue 21 Oct 2025 13:04:15 +0000 Files and hashes: 1: BZUi2Cy-x-5xY8XLQ7H-sa3JIuI.roa (hash: r4NPIAsWOPVI4/TlBnHCHN0/vB3fsl6rRgv0C6aogiE=) 2: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl (hash: hzVtvR5+yKOt5hbq7r6d3Zs43bsDTYq8N7Q5TSQAJIM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:04:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64 (0x40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=697447C397D18C9E110B24E505C1146CF13EA871 Validity Not Before: Oct 21 07:04:15 2025 GMT Not After : Oct 9 06:50:27 2026 GMT Subject: CN=AA54C733A646C84D43400EF5B3B5FE12DF33E3CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:f4:45:c8:e1:99:dc:ac:f8:b0:ab:32:f1: ec:35:60:05:c1:82:85:2a:68:82:d4:ce:52:46:71: df:ff:e3:66:54:ed:49:c4:c0:a8:e2:b7:d5:49:a2: f6:aa:aa:ca:24:79:c9:3f:7c:88:59:e6:b3:37:b9: 95:fb:98:63:34:0b:d2:a0:8c:b0:19:73:71:3a:bf: a5:b8:31:77:d3:16:14:3c:4a:26:e2:ab:4b:00:d4: ef:ae:07:ee:49:34:7c:d3:28:4c:44:47:97:7a:24: e0:dc:e8:51:bf:1b:10:74:c1:05:45:09:11:73:9d: 40:cf:c3:82:09:97:11:12:9f:89:af:f1:9f:16:f1: 0b:6f:60:17:70:07:7f:af:9b:67:58:22:e4:13:26: 7d:42:a0:eb:48:55:9f:55:bc:0e:40:5e:aa:a0:80: 64:65:f7:c0:7e:88:55:98:8d:bd:13:90:59:54:10: 34:50:03:45:73:b3:4d:40:15:9c:28:aa:fc:88:a7: c5:e6:35:82:8f:fc:90:48:77:d7:16:14:70:16:9d: d7:38:43:89:0f:d7:4b:17:d5:25:53:9b:0a:6c:b2: bd:08:f4:49:2f:16:d4:24:63:2d:9c:db:1d:56:18: 8b:bf:92:fb:e5:da:38:c1:ac:5c:a1:67:f7:e0:2f: c8:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE X509v3 Authority Key Identifier: keyid:69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:df:39:a7:33:3e:20:d9:5d:85:c0:a6:f8:e5:2a:28:d0:f4: 0e:20:50:0e:06:bf:79:d0:21:5b:23:e3:66:dd:d9:76:21:dd: 73:8f:29:bd:74:ed:80:83:b0:7b:fd:6e:c6:b5:9d:af:71:dd: 15:40:ba:53:41:5d:e1:7c:0a:62:d3:33:e1:fa:1f:52:ac:68: 5b:dd:f2:4a:1d:81:c6:1e:d9:dc:3b:bd:c1:4d:10:82:61:ed: a4:c9:74:d5:05:57:b6:7a:29:74:92:7c:24:a4:77:02:ba:49: a0:dd:3a:aa:11:25:0e:26:a4:37:06:a8:61:05:d1:9c:8c:0b: ea:de:43:3e:44:eb:d5:55:18:c2:bf:86:4f:79:a7:a4:72:1b: 15:82:46:8e:8c:45:4c:2a:3f:9a:91:a3:d1:e4:b6:e4:a6:f1: 44:87:7d:12:77:af:9f:f7:3c:95:dd:50:59:9d:59:9a:47:b3: 21:13:c3:1b:92:c2:49:b7:a0:03:d6:20:04:5d:9f:9c:bd:91: 8f:08:c8:19:40:2d:f4:01:a4:0c:5a:53:23:c5:0e:91:be:c7: b1:41:46:b7:a5:c3:f5:ee:54:cf:23:8f:dd:0e:24:88:31:67: 3c:68:88:a7:59:07:ea:ad:a4:fa:e9:8a:08:44:bd:88:84:35: df:ab:0c:b7 -----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgIBQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTc0 NDdDMzk3RDE4QzlFMTEwQjI0RTUwNUMxMTQ2Q0YxM0VBODcxMB4XDTI1MTAyMTA3 MDQxNVoXDTI2MTAwOTA2NTAyN1owMzExMC8GA1UEAxMoQUE1NEM3MzNBNjQ2Qzg0 RDQzNDAwRUY1QjNCNUZFMTJERjMzRTNDRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMgZ9EXI4ZncrPiwqzLx7DVgBcGChSpogtTOUkZx3//jZlTtScTA qOK31Umi9qqqyiR5yT98iFnmsze5lfuYYzQL0qCMsBlzcTq/pbgxd9MWFDxKJuKr SwDU764H7kk0fNMoTERHl3ok4NzoUb8bEHTBBUUJEXOdQM/DggmXERKfia/xnxbx C29gF3AHf6+bZ1gi5BMmfUKg60hVn1W8DkBeqqCAZGX3wH6IVZiNvROQWVQQNFAD RXOzTUAVnCiq/IinxeY1go/8kEh31xYUcBad1zhDiQ/XSxfVJVObCmyyvQj0SS8W 1CRjLZzbHVYYi7+S++XaOMGsXKFn9+AvyH0CAwEAAaOCAgowggIGMB0GA1UdDgQW BBSqVMczpkbITUNADvWztf4S3zPjzjAfBgNVHSMEGDAWgBRpdEfDl9GMnhELJOUF wRRs8T6ocTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MzEv YVhSSHc1ZlJqSjRSQ3lUbEJjRVViUEUtcUhFLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9hWFJIdzVmUmpKNFJDeVRsQmNFVWJQRS1xSEUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MzEvYVhSSHc1ZlJqSjRSQ3lU bEJjRVViUEUtcUhFLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsG AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEB ADLfOaczPiDZXYXApvjlKijQ9A4gUA4Gv3nQIVsj42bd2XYh3XOPKb107YCDsHv9 bsa1na9x3RVAulNBXeF8CmLTM+H6H1KsaFvd8kodgcYe2dw7vcFNEIJh7aTJdNUF V7Z6KXSSfCSkdwK6SaDdOqoRJQ4mpDcGqGEF0ZyMC+reQz5E69VVGMK/hk95p6Ry GxWCRo6MRUwqP5qRo9HktuSm8USHfRJ3r5/3PJXdUFmdWZpHsyETwxuSwkm3oAPW IARdn5y9kY8IyBlALfQBpAxaUyPFDpG+x7FBRrelw/XuVM8jj90OJIgxZzxoiKdZ B+qtpPrpighEvYiENd+rDLc= -----END CERTIFICATE-----Generated at Tue Oct 21 10:23:58 2025 by rpki-client