$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft File: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json) Hash identifier: xNIxYOHjw3l0TDtWt3/G4qJleaDTzAbgO0uH7/yUpVg= Subject key identifier: 5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 23E5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft Manifest number: 1F0F Signing time: Fri 22 Nov 2024 15:21:57 +0000 Manifest this update: Fri 22 Nov 2024 15:21:56 +0000 Manifest next update: Fri 22 Nov 2024 21:21:56 +0000 Files and hashes: 1: 6f5E7d7WPmZSftgs9ezOKogP4Ds.roa (hash: HkXsm2cg6s99F50j5mNIIXYYWPHYSg307dJAHV2SP50=) 2: 76cx8fquGQlU67eDFsoViD7rZXg.roa (hash: n9L11ufu3a/2aLZGTCC1juQpzKRigFfe6Jl/VTLRgWE=) 3: IiRFLwykCE55foHlT9Cyoni3dog.roa (hash: VZF43H+/Xb7dNEQdKEoiW4pZUDAI+mWd5eoYGgXSAoQ=) 4: Mw0AMcJ331Zk3LfIw4rGUcMnjA0.roa (hash: 6MvuvsWQ1pBcXJjGGEiPX7d7itOpdEaZUyt9brNvtkc=) 5: Upm3NFNJTgjaImZFTPOwqDOsodw.roa (hash: kxTQwsh8Ui9oq+ANhu0QENlwzWm7FjQWP+tuXPa7kKg=) 6: _sY32bpnYHuhk-LoecC86lNfRZU.roa (hash: DZvK3eIm+gzA0uWRZkODAbVkxm4LmEKJ1L+/jHrS4f8=) 7: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: 660YZFrlr9A2D9sbOa4Y1SPp3MVN+T+WmZdSlgcCHV4=) 8: l7pq8USURZhbMz4dVzkliHTwzqc.roa (hash: FU4ykIIBjhclH3fHhZphmbq+W7cmGCCpYPTRAjwQDAc=) 9: n_fbJzcBeone-VCh6IJkLgJw3EE.roa (hash: bjY0FSjeG6Q2w9vrLDF+3orzuQJRmNxrodxNW24XpDg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9189 (0x23e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Nov 22 15:21:56 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32: 00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66: 5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8: d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84: df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1: d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92: 04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68: 17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c: 8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d: 46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb: 0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13: 99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3: 8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa: c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1: e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64: 62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36: b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e: 22:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:a2:53:fe:f4:91:cf:58:6b:75:d7:9f:94:39:0b:bb:14:c4: e7:1e:d4:a3:6a:81:dd:be:a8:cf:e4:13:ea:de:41:2d:b7:07: 18:41:7b:93:62:5a:17:59:f6:a2:a7:de:d6:e6:cc:f1:1a:d3: 54:0b:67:92:d3:79:75:c0:4e:0e:a4:bd:9b:04:72:62:d4:97: ab:9e:c2:0c:23:5e:77:29:6e:a4:ca:fa:bb:8b:d4:3b:f7:ea: 6e:f9:24:e2:1a:85:e0:14:d9:74:f3:75:aa:4a:e7:6a:8c:1e: 01:26:de:87:4f:6b:fa:a4:a9:a6:0b:9f:9a:5d:28:08:c0:cc: c1:a3:38:92:f3:0f:59:1d:39:4c:4b:78:fa:b6:6f:b4:a4:6e: ac:dc:7e:ce:3d:2c:bb:1b:79:00:12:90:51:e6:b6:69:8f:b3: 6f:1b:82:a1:e1:98:27:a3:86:82:c4:bf:60:f6:17:7a:3d:eb: 4a:14:0a:c4:78:aa:c1:8e:d5:19:e4:d4:af:e4:a1:0e:32:45: 5e:be:1b:51:ed:5d:fe:54:77:c4:43:f7:53:11:4a:c3:1b:d1: 45:bc:da:d7:7d:ad:29:d5:ef:df:70:13:8c:fe:97:3f:e4:20: d3:c6:77:3d:2a:e7:1c:06:c5:43:95:8a:7f:4b:e4:0d:7e:ca: 1c:b6:4f:79 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICI+UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDExMjIx NTIxNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVBQ0E1QUU2MTAzRTg0 OTgzNDVCQ0JBQkQ0N0E0NDNBQzA5M0MyNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDb8PloUplqqg8dKO/WMgBLS1vguLi5EbMB22E+Zl4pDZ0VYkil mo1W5K4s6NfHrfs3VqL3txdkvHXJhN9hJm2glNtgLdoJNkUo8dn/mE64bfl9MrTI 1cqYkgRw8/CYj2YCmG+N+UiYaBdLmdMWBEkRMvfbW469bI/pILcRsMVH+WmC6YTt jUYuo5B01TG89za5Jnc5uw/H4lkRg5vIQR1MzB9aE5m6mhtwnfFeiJnFcyPrw48L YfCN11SEWp+TWsMi+sB6DO67yTQ9ghhfUpaP4ekfTr5breWIYXmcIpEfZGJbbw4L yGqdNAMTVitfNrZ1T9J5Bq5n4H9ZRpxmLiK7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUWspa5hA+hJg0W8ur1HpEOsCTwlowHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvaXVUUGVMU2Q4TExC MHAweTVJcVVPdVQwR3N3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFKiU/70kc9Ya3XXn5Q5C7sUxOce1KNqgd2+qM/kE+reQS23BxhBe5NiWhdZ 9qKn3tbmzPEa01QLZ5LTeXXATg6kvZsEcmLUl6uewgwjXncpbqTK+ruL1Dv36m75 JOIaheAU2XTzdapK52qMHgEm3odPa/qkqaYLn5pdKAjAzMGjOJLzD1kdOUxLePq2 b7Skbqzcfs49LLsbeQASkFHmtmmPs28bgqHhmCejhoLEv2D2F3o960oUCsR4qsGO 1Rnk1K/koQ4yRV6+G1HtXf5Ud8RD91MRSsMb0UW82td9rSnV799wE4z+lz/kINPG dz0q5xwGxUOVin9L5A1+yhy2T3k= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:39 2024 by rpki-client on console-fra.rpki-client.org