$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft File: rzr00B8M0Fbw4_aYgAsiOu53PSA.mft (raw, json) Hash identifier: laKp+SAoO13vP/9qc6A3bI8fqw0fEUuEM1kmt2f/gQ4= Subject key identifier: 13:F9:2B:2A:74:56:33:A9:8F:4B:51:2A:97:6B:DE:0B:BD:2F:07:CB Authority key identifier: AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20 Certificate issuer: /CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20 Certificate serial: 24C7 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft Manifest number: 24B1 Signing time: Tue 03 Jun 2025 21:14:23 +0000 Manifest this update: Tue 03 Jun 2025 21:14:23 +0000 Manifest next update: Wed 04 Jun 2025 03:14:23 +0000 Files and hashes: 1: Kk7lkFGOd63QwS1t6Wm8i_dkaIM.roa (hash: 4azzc8YreuK6NU6y8WTs2uAQ4eEJtFH2AV2cGlG1rC4=) 2: d16R1vhzR6AdU3s3oYlV8svDpoc.roa (hash: pZyYQk5Fbz2ihWXOaIedm3qeVm2r1E2UFUu++wqvZGo=) 3: rzr00B8M0Fbw4_aYgAsiOu53PSA.crl (hash: gBF0uF81nx/K9+uiDaiEivex1gOkEUVbklJV5LtQeNY=) 4: w6v7yydptDXSZ48j16_eXtT0ihA.roa (hash: CWsOZMP55Xzr2Prr/bR0hScMOPX06WSPiTnRdohDoiE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9415 (0x24c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20 Validity Not Before: Jun 3 21:14:23 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=13F92B2A745633A98F4B512A976BDE0BBD2F07CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d3:e1:a1:be:b7:78:45:74:59:a0:58:31:fc: 11:35:85:ee:16:c7:ea:a4:6c:cc:e4:ed:f0:4b:67: 18:80:3c:e3:ab:c5:c8:e6:6c:a9:9b:df:9d:b8:2c: 32:e7:6d:38:a9:ba:fe:4e:5e:9b:79:8c:1f:23:0a: 5f:ca:7b:83:47:ca:c0:5f:64:39:bd:b1:41:1c:38: 3f:58:35:f5:62:9e:21:32:f6:ef:01:99:82:2b:79: 2b:f3:60:a8:22:f4:48:28:ca:21:44:9e:e7:0f:69: 49:d0:10:6e:c9:fb:ae:3c:ed:d3:6e:c2:6e:1e:3a: 17:cf:c6:e3:61:05:50:7a:8b:17:df:e7:8d:16:92: 0f:49:f4:3c:1d:ba:b3:65:fb:b4:57:39:00:41:a8: a5:84:29:f5:e8:af:24:f7:d2:5a:a1:c1:cf:fb:e5: ae:7b:8d:a9:9b:52:0b:91:e5:ae:4b:97:44:26:e7: 9e:5c:f6:dd:72:44:d2:a8:53:47:62:46:fe:37:46: b6:24:10:a1:27:21:a8:dd:02:52:26:94:fa:c2:45: dc:01:35:cd:74:bc:db:d9:f5:60:cf:ec:20:76:c4: c5:66:82:57:fe:1f:56:f2:58:34:3b:8e:45:db:ba: fc:56:ea:b2:23:d3:1b:19:43:6e:7d:e2:7e:98:f5: 79:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:F9:2B:2A:74:56:33:A9:8F:4B:51:2A:97:6B:DE:0B:BD:2F:07:CB X509v3 Authority Key Identifier: keyid:AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:35:1a:2a:ff:bb:f4:28:db:2f:ee:c2:3d:61:32:62:7c:7d: a0:67:0a:05:a8:ae:d8:f3:e6:ad:54:f4:99:fd:99:ef:cd:57: 8a:f3:0d:ee:4f:8c:6c:e8:76:26:b4:45:65:7d:68:16:14:dd: 50:e2:37:95:3b:d6:8a:87:d8:0a:41:78:ff:42:7b:ef:a2:1d: ef:27:cc:58:75:44:e6:11:bf:53:ea:3f:24:b9:91:c7:3c:48: f2:5a:81:f4:50:97:09:96:70:2c:55:ba:17:40:ff:37:2f:2b: 9f:d5:9f:cc:b4:cb:b5:9d:9f:23:4e:03:ea:2f:64:f5:b2:dc: 49:c2:59:95:32:b1:47:66:7c:73:2a:ad:54:b5:41:9d:16:09: b4:95:ae:df:46:23:64:08:28:04:35:3d:a4:88:e1:63:d0:82: 12:18:63:51:b9:26:e1:c6:50:ca:77:77:c4:9e:9a:6d:0d:80: 6f:8b:c8:7a:bc:59:32:5f:a3:2c:61:b3:fa:b7:1a:ed:07:8d: 75:96:cb:23:04:e9:d1:69:6f:72:f3:95:15:47:b5:02:db:cd: 3f:53:96:4a:b4:19:82:9d:42:e3:e4:84:2c:10:53:58:75:0d: 20:1e:e0:01:c0:a8:e3:b1:48:78:14:ef:64:7f:c4:f3:35:4d: 9c:d2:42:c0 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICJMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUYz QUY0RDAxRjBDRDA1NkYwRTNGNjk4ODAwQjIyM0FFRTc3M0QyMDAeFw0yNTA2MDMy MTE0MjNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDEzRjkyQjJBNzQ1NjMz QTk4RjRCNTEyQTk3NkJERTBCQkQyRjA3Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC70+Ghvrd4RXRZoFgx/BE1he4Wx+qkbMzk7fBLZxiAPOOrxcjm bKmb3524LDLnbTipuv5OXpt5jB8jCl/Ke4NHysBfZDm9sUEcOD9YNfViniEy9u8B mYIreSvzYKgi9EgoyiFEnucPaUnQEG7J+6487dNuwm4eOhfPxuNhBVB6ixff540W kg9J9DwdurNl+7RXOQBBqKWEKfXoryT30lqhwc/75a57jambUguR5a5Ll0Qm555c 9t1yRNKoU0diRv43RrYkEKEnIajdAlImlPrCRdwBNc10vNvZ9WDP7CB2xMVmglf+ H1byWDQ7jkXbuvxW6rIj0xsZQ2594n6Y9XnlAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUE/krKnRWM6mPS1Eql2veC70vB8swHwYDVR0jBBgwFoAUrzr00B8M0Fbw4/aY gAsiOu53PSAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz L3J6cjAwQjhNMEZidzRfYVlnQXNpT3U1M1BTQS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcnpyMDBCOE0wRmJ3NF9hWWdBc2lPdTUzUFNBLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMzL3J6cjAwQjhNMEZidzRf YVlnQXNpT3U1M1BTQS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQByNRoq/7v0KNsv7sI9YTJifH2gZwoFqK7Y8+atVPSZ/ZnvzVeK8w3uT4xs6HYm tEVlfWgWFN1Q4jeVO9aKh9gKQXj/Qnvvoh3vJ8xYdUTmEb9T6j8kuZHHPEjyWoH0 UJcJlnAsVboXQP83Lyuf1Z/MtMu1nZ8jTgPqL2T1stxJwlmVMrFHZnxzKq1UtUGd Fgm0la7fRiNkCCgENT2kiOFj0IISGGNRuSbhxlDKd3fEnpptDYBvi8h6vFkyX6Ms YbP6txrtB411lssjBOnRaW9y85UVR7UC280/U5ZKtBmCnULj5IQsEFNYdQ0gHuAB wKjjsUh4FO9kf8TzNU2c0kLA -----END CERTIFICATE-----Generated at Wed Jun 4 01:23:05 2025 by rpki-client