$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft File: MtXsFcXlZORw7HsUzUfeLYYqzoM.mft (raw, json) Hash identifier: nrJfy+/BsMuR6GuL8cDPvwxF3WOfcIuCKuaT02GYs0k= Subject key identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3 Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 57 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft Manifest number: 53 Signing time: Fri 22 Nov 2024 15:24:23 +0000 Manifest this update: Fri 22 Nov 2024 15:24:23 +0000 Manifest next update: Fri 22 Nov 2024 21:24:23 +0000 Files and hashes: 1: JLQYInniMmjrZ1vFfNGSmRm-nvs.roa (hash: QlXwsqHXts+1fdHKwVf4SHuTfyC0wOTsCK0g1e5FrpE=) 2: MtXsFcXlZORw7HsUzUfeLYYqzoM.crl (hash: RsFRR/kYQN3rC/0cOmFSDkGR5ad7LMmoI8OZT8T7D+o=) 3: RdzlYXdrkIlz5zdq_uky2869UaM.roa (hash: Zrtno3SiPYmnE7VIpxd3/w1CoF3rH7IuIaaCg+DwPAU=) 4: dhForz2_NrloVzISJkp8QaFMXCs.roa (hash: /umIRMrhIJaUfWsHQfs27h7od4A6sDNvV6muipplBvw=) 5: phU4YJh5EUs8U1V3CbndmrNmfO0.roa (hash: CZhyDj2FMIi+v5w3tJPQMA4talNR9mcJmi9qREPZn/A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 87 (0x57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Nov 22 15:24:23 2024 GMT Not After : Nov 6 09:48:25 2025 GMT Subject: CN=47AC346E7B3AC13DA66FB22DEB396C0EE042F7C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:06:ad:80:a7:c7:cb:d9:7d:75:2c:0c:3f:cd: c2:0d:d0:0f:94:80:71:80:08:b7:0d:13:d2:22:2e: 1f:69:28:26:a3:1f:7b:5b:82:d2:b7:18:d1:6b:dc: dd:7a:40:ed:ab:f0:fa:0b:60:77:af:60:f3:87:e8: 42:da:79:19:1c:dc:e1:96:7a:b5:cd:15:32:74:d9: 78:00:f9:ed:c6:df:84:c8:58:88:9a:91:31:55:c1: 21:2d:57:8c:47:bf:a1:ce:cc:9b:dd:07:18:30:67: a2:a9:94:4c:69:ea:53:21:88:d6:5c:10:c3:f1:a7: b4:90:07:76:2e:23:65:d9:ee:4a:48:ab:82:aa:20: 49:96:56:a2:82:28:70:db:75:f7:51:7d:82:16:97: b5:05:af:af:f5:ea:ee:ec:4a:e0:12:d8:ba:30:1b: 11:b3:aa:d5:db:a9:3d:12:36:63:cd:09:e9:b8:b4: 4d:cc:4b:d0:a9:a2:d2:e9:66:a0:cd:7a:e6:1c:b2: 09:c2:0c:7a:5e:5c:13:94:b5:64:28:13:c3:a6:c1: 02:5f:67:c7:b0:62:2a:2e:00:c8:15:04:d7:4f:59: e8:8c:7f:84:b6:f2:3d:50:37:04:31:c8:8a:88:b6: 4a:77:c9:be:89:01:e8:ca:76:2c:05:d7:91:52:25: fb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3 X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:f7:b6:64:76:58:c8:25:d4:75:fd:16:3c:01:e9:c8:f5:3f: ef:9a:98:4e:90:23:c1:73:fb:7e:42:a0:47:e4:f6:dd:3f:43: 80:f3:3f:6b:3f:2f:fc:48:87:d2:07:a0:61:81:f3:d8:b8:8c: 19:c5:2d:29:23:06:b3:e3:9b:10:27:e3:ef:1f:8e:93:5b:f1: 1a:fe:e8:20:7b:30:25:3c:21:2e:f7:ab:d5:ad:5f:71:2a:07: 3e:07:a5:38:4d:85:95:79:fa:95:20:c3:d9:e2:fb:48:70:3a: ef:d2:8c:7a:2e:53:2f:04:10:4d:58:71:e7:db:ce:26:ec:a8: 2f:d3:c8:9d:e2:4a:21:3a:17:67:6f:a9:c0:8d:72:b6:8d:8a: fa:5c:18:d9:ec:73:c9:59:31:a0:4c:ea:39:ca:36:17:8d:0a: 1b:d9:69:ac:df:50:b7:27:5b:03:be:93:58:88:6d:d7:f4:ff: 9d:3a:32:03:a7:db:1c:65:63:71:84:3f:37:f7:68:aa:8d:e0: 51:9a:5a:7b:22:9c:4d:5e:32:3d:5f:e6:25:7b:d1:b1:c8:a8: 1e:82:23:0d:c2:2d:bc:d7:a2:23:ce:25:4b:58:40:f8:68:d4: c4:7c:14:b1:2a:82:02:46:ff:cd:45:53:41:2d:1c:c8:98:51: 1c:d3:7d:24 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIBVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzMkQ1 RUMxNUM1RTU2NEU0NzBFQzdCMTRDRDQ3REUyRDg2MkFDRTgzMB4XDTI0MTEyMjE1 MjQyM1oXDTI1MTEwNjA5NDgyNVowMzExMC8GA1UEAxMoNDdBQzM0NkU3QjNBQzEz REE2NkZCMjJERUIzOTZDMEVFMDQyRjdDMzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANUGrYCnx8vZfXUsDD/Nwg3QD5SAcYAItw0T0iIuH2koJqMfe1uC 0rcY0Wvc3XpA7avw+gtgd69g84foQtp5GRzc4ZZ6tc0VMnTZeAD57cbfhMhYiJqR MVXBIS1XjEe/oc7Mm90HGDBnoqmUTGnqUyGI1lwQw/GntJAHdi4jZdnuSkirgqog SZZWooIocNt191F9ghaXtQWvr/Xq7uxK4BLYujAbEbOq1dupPRI2Y80J6bi0TcxL 0Kmi0ulmoM165hyyCcIMel5cE5S1ZCgTw6bBAl9nx7BiKi4AyBUE109Z6Ix/hLby PVA3BDHIioi2SnfJvokB6Mp2LAXXkVIl+8sCAwEAAaOCAgwwggIIMB0GA1UdDgQW BBRHrDRuezrBPaZvsi3rOWwO4EL3wzAfBgNVHSMEGDAWgBQy1ewVxeVk5HDsexTN R94thirOgzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMDIz L010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTXRYc0ZjWGxaT1J3N0hzVXpVZmVMWVlxem9NLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAyMy9NdFhzRmNYbFpPUnc3 SHNVelVmZUxZWXF6b00ubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAJve2ZHZYyCXUdf0WPAHpyPU/75qYTpAjwXP7fkKgR+T23T9DgPM/az8v/EiH 0gegYYHz2LiMGcUtKSMGs+ObECfj7x+Ok1vxGv7oIHswJTwhLver1a1fcSoHPgel OE2FlXn6lSDD2eL7SHA679KMei5TLwQQTVhx59vOJuyoL9PIneJKIToXZ2+pwI1y to2K+lwY2exzyVkxoEzqOco2F40KG9lprN9QtydbA76TWIht1/T/nToyA6fbHGVj cYQ/N/doqo3gUZpaeyKcTV4yPV/mJXvRscioHoIjDcItvNeiI84lS1hA+GjUxHwU sSqCAkb/zUVTQS0cyJhRHNN9JA== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:38 2024 by rpki-client on console-fra.rpki-client.org