$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft File: Lowd4ZR0A1y-pngFS22U9a-lM2E.mft (raw, json) Hash identifier: 1gnvWERL0ZlrpneeZqfxvF+yimVDTGeEXZuotHwsVb8= Subject key identifier: FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Certificate serial: 1B14 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft Manifest number: 1B0A Signing time: Fri 06 Jun 2025 12:09:57 +0000 Manifest this update: Fri 06 Jun 2025 12:09:57 +0000 Manifest next update: Fri 06 Jun 2025 18:09:57 +0000 Files and hashes: 1: IYkJ5FCKNtKSqqAO-jf5CgFrRyo.roa (hash: iyH8j7lARJGiKTyNhZuxwAzL7RSAxkLDiciZi2qy3S0=) 2: Lowd4ZR0A1y-pngFS22U9a-lM2E.crl (hash: RMMqEksHo6JCAk8OuCf3pMXBa37QWdW6mNPxSdklm4A=) 3: fioZ3GbSWc8xCxZSX5xMaJKL5Kw.roa (hash: kSZPAF+X3T3iZ+QjAo6L0K9L6zaSBOEvFL86EZHGiME=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:09:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6932 (0x1b14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Validity Not Before: Jun 6 12:09:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=FF932E425E060B53CC63EEF8B42B916DB3C01C6C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ce:ca:10:5a:c9:8f:d2:27:85:80:bb:25:3e: 26:96:85:3f:5b:51:fb:24:48:0d:d4:0d:5e:91:18: 04:52:77:b0:2d:d3:78:33:73:59:ab:3d:50:93:aa: 29:dd:c9:6d:31:6a:60:fb:17:57:f1:b6:f3:a5:bf: ce:7d:00:da:c1:8f:9c:11:a4:28:73:44:98:bd:2f: 63:2c:f2:d6:d5:1f:e7:f0:e8:6f:42:ec:2c:4a:d4: 53:f8:f3:4e:f4:bb:5c:01:19:43:9f:2b:b4:3c:cd: 8e:20:5d:b4:f1:30:b7:0d:be:35:06:12:30:a0:cb: 80:f1:c0:44:2c:b2:20:c8:53:66:f2:2c:36:d1:53: f6:aa:45:78:6d:b6:9c:13:2d:81:42:14:e2:e9:3d: 76:92:3a:5d:98:cc:7b:db:66:b1:88:a1:47:2b:1d: 41:d5:b1:0c:78:bb:83:ca:f7:02:ff:e7:5f:d5:53: f0:0b:95:fc:83:77:e4:a3:ff:19:71:e2:0a:73:a5: 18:c1:12:1c:c9:77:90:c4:05:91:12:72:b2:af:fa: f4:c1:eb:93:09:a5:4b:fb:0a:49:d4:2d:00:f4:ac: 02:11:35:44:af:04:83:7d:28:49:09:f4:8a:c5:84: fd:3c:9a:04:0b:e6:34:60:9f:20:19:e6:a5:85:96: 45:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C X509v3 Authority Key Identifier: keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:c4:a9:b9:91:26:db:58:80:13:14:00:25:d6:47:2c:f0:eb: ed:3b:76:60:bd:0c:95:6c:69:0d:78:9d:f8:4e:f6:d6:e7:75: 49:09:ee:89:03:26:dc:b7:b3:8c:e5:dd:57:ea:b0:a6:bf:7d: 82:83:01:be:5b:a9:b6:0d:01:04:04:8f:c8:e0:02:49:76:63: b4:ae:6a:ca:f8:e8:f5:3c:bc:67:0e:dd:9a:ba:b7:b7:bf:fb: 0a:39:d8:de:b1:39:e5:b8:c9:ae:8c:d5:b7:23:8b:7c:68:a0: 3e:3b:3e:4f:50:cf:85:30:e0:83:3a:c8:bd:1c:85:29:e7:3d: c9:d3:ec:5d:fe:71:2f:47:ba:2f:dc:c4:a1:e7:9d:40:dd:7d: 42:c6:16:36:f7:94:55:90:08:e1:c7:c7:0e:7f:a1:36:2e:05: 25:a4:46:52:3c:3a:e8:08:e3:46:ab:34:47:db:e3:97:d4:bf: 76:42:f8:1f:f9:de:21:1a:50:d2:56:91:b9:74:98:e2:8c:f6: c9:cf:37:8d:d9:2f:ff:cb:ee:4b:e4:17:1f:61:09:2a:a8:ca: a4:67:ae:61:c8:58:1d:a7:37:e7:2d:b4:e0:7c:95:f0:72:fc: f5:b4:29:18:ed:9e:9f:ae:5e:c7:df:ff:4c:9d:d3:e9:72:4a: a5:01:fc:8b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTA2MDYx MjA5NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZGOTMyRTQyNUUwNjBC NTNDQzYzRUVGOEI0MkI5MTZEQjNDMDFDNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1zsoQWsmP0ieFgLslPiaWhT9bUfskSA3UDV6RGARSd7At03gz c1mrPVCTqindyW0xamD7F1fxtvOlv859ANrBj5wRpChzRJi9L2Ms8tbVH+fw6G9C 7CxK1FP48070u1wBGUOfK7Q8zY4gXbTxMLcNvjUGEjCgy4DxwEQssiDIU2byLDbR U/aqRXhttpwTLYFCFOLpPXaSOl2YzHvbZrGIoUcrHUHVsQx4u4PK9wL/51/VU/AL lfyDd+Sj/xlx4gpzpRjBEhzJd5DEBZEScrKv+vTB65MJpUv7CknULQD0rAIRNUSv BIN9KEkJ9IrFhP08mgQL5jRgnyAZ5qWFlkUvAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU/5MuQl4GC1PMY+74tCuRbbPAHGwwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3 L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0xvd2Q0WlIwQTF5LXBu Z0ZTMjJVOWEtbE0yRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBCxKm5kSbbWIATFAAl1kcs8OvtO3ZgvQyVbGkNeJ34TvbW53VJCe6JAybct7OM 5d1X6rCmv32CgwG+W6m2DQEEBI/I4AJJdmO0rmrK+Oj1PLxnDt2aure3v/sKOdje sTnluMmujNW3I4t8aKA+Oz5PUM+FMOCDOsi9HIUp5z3J0+xd/nEvR7ov3MSh551A 3X1CxhY295RVkAjhx8cOf6E2LgUlpEZSPDroCONGqzRH2+OX1L92Qvgf+d4hGlDS VpG5dJjijPbJzzeN2S//y+5L5BcfYQkqqMqkZ65hyFgdpzfnLbTgfJXwcvz1tCkY 7Z6frl7H3/9MndPpckqlAfyL -----END CERTIFICATE-----Generated at Fri Jun 6 17:34:57 2025 by rpki-client