$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.mft File: GBfR2X6KEbbXPxwWXuqul0g9_ek.mft (raw, json) Hash identifier: aZTHG6GYM7Si9u5Dckx6SBcJ9UKAdWi/lOB++1uOVxQ= Subject key identifier: DC:F5:46:B5:5E:D1:F6:F2:B5:6F:CC:A8:0F:71:87:38:B3:AE:0C:20 Authority key identifier: 18:17:D1:D9:7E:8A:11:B6:D7:3F:1C:16:5E:EA:AE:97:48:3D:FD:E9 Certificate issuer: /CN=1817D1D97E8A11B6D73F1C165EEAAE97483DFDE9 Certificate serial: 1480 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.mft Manifest number: 147C Signing time: Sun 16 Feb 2025 19:57:38 +0000 Manifest this update: Sun 16 Feb 2025 19:57:38 +0000 Manifest next update: Mon 17 Feb 2025 01:57:38 +0000 Files and hashes: 1: GBfR2X6KEbbXPxwWXuqul0g9_ek.crl (hash: 3GIVrlC7qaGma4V7q90Q2O1SDtiMxX1um8a3H1m5b3M=) 2: jeRqT-U67iHCPC6sGRXxmqGg3To.roa (hash: a/ZnvznW8+bmn2gNXwFRyzDr6mmblMwmC0wW6Xa1SWM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 22:57:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5248 (0x1480) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1817D1D97E8A11B6D73F1C165EEAAE97483DFDE9 Validity Not Before: Feb 16 19:57:38 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DCF546B55ED1F6F2B56FCCA80F718738B3AE0C20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:18:72:fe:b5:67:ff:a7:bd:ee:a3:37:9a:07: 07:f1:d3:ae:45:ab:45:9c:d8:1a:ce:7e:23:71:76: ef:d0:34:f2:16:57:93:24:b3:ce:8a:e2:7b:84:4c: 33:10:37:e5:51:9b:5e:ab:5d:61:1b:53:37:11:32: 45:df:f4:5c:8d:5f:e4:0c:5d:69:c7:07:ce:a2:93: a0:09:fb:3e:fa:8a:7f:00:6f:dc:f6:b3:e0:0b:62: 22:00:dc:60:32:9f:d2:9a:de:3f:15:76:18:04:78: 7c:62:f4:9d:7c:73:9e:d2:69:64:4d:b8:e7:d0:f7: 93:ec:81:1e:d6:e7:55:2c:cc:3d:16:4c:33:fa:0f: 24:9a:e6:e7:7d:0c:07:88:5c:88:ba:1c:41:c4:6a: 74:89:9a:f9:5a:90:21:63:ac:01:a6:82:be:34:dd: 25:08:d8:64:02:0f:06:0d:41:f1:b0:55:1d:1a:c0: 5e:ad:35:42:de:6e:9d:5c:a7:88:e9:20:88:7f:eb: dc:1f:14:23:55:f8:80:7c:ca:cf:70:3b:83:60:d5: 22:3d:23:e6:a0:fd:1d:54:21:10:e8:82:bc:5f:78: f7:82:83:24:c6:9e:04:0b:11:0e:34:fe:31:9d:db: ba:a7:65:e9:0b:c6:73:7f:c1:50:f3:ec:75:b1:fa: b6:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:F5:46:B5:5E:D1:F6:F2:B5:6F:CC:A8:0F:71:87:38:B3:AE:0C:20 X509v3 Authority Key Identifier: keyid:18:17:D1:D9:7E:8A:11:B6:D7:3F:1C:16:5E:EA:AE:97:48:3D:FD:E9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:d1:b1:60:ef:d3:1d:9e:9f:2b:1a:2f:f3:ee:d8:4c:df:14: dd:45:03:d0:74:42:d9:04:f7:34:ee:ba:25:d8:38:54:06:6c: 76:bc:54:ab:d4:5b:b8:1e:31:c4:d6:71:3e:d0:88:af:6f:30: e0:5d:a3:ff:65:27:ab:39:a1:1b:4f:e5:8c:27:90:45:b8:33: 8d:83:73:d9:84:88:e8:88:bc:9d:ad:06:6a:e0:5c:cf:d5:fb: 14:06:be:c1:c3:7c:49:0f:3d:be:52:87:5c:f4:e6:64:3e:64: 7b:50:70:ec:a8:25:1a:87:6e:b9:10:20:77:3e:a7:24:ec:65: 47:bc:a0:11:e9:c8:63:b6:ac:87:98:07:e9:35:d5:7c:c1:65: 24:5f:e0:c9:46:b6:9f:da:71:12:47:c5:3b:8a:19:93:9f:ad: 00:6c:8f:8a:2b:78:c3:4c:48:17:98:7b:d7:c9:87:4d:96:9f: da:53:92:08:14:12:c8:15:c6:d6:d2:c5:4c:5e:2b:dc:58:d7: 3c:d8:4b:8e:4a:30:f3:04:8d:16:46:3d:44:3d:52:88:93:b6: 17:6c:11:a1:59:68:ba:11:02:f0:fb:8b:db:23:f0:08:d8:68: 14:02:78:99:98:72:04:11:ac:bf:b8:11:b5:6d:96:47:5f:75: 35:42:9d:89 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICFIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgx N0QxRDk3RThBMTFCNkQ3M0YxQzE2NUVFQUFFOTc0ODNERkRFOTAeFw0yNTAyMTYx OTU3MzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERDRjU0NkI1NUVEMUY2 RjJCNTZGQ0NBODBGNzE4NzM4QjNBRTBDMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxGHL+tWf/p73uozeaBwfx065Fq0Wc2BrOfiNxdu/QNPIWV5Mk s86K4nuETDMQN+VRm16rXWEbUzcRMkXf9FyNX+QMXWnHB86ik6AJ+z76in8Ab9z2 s+ALYiIA3GAyn9Ka3j8VdhgEeHxi9J18c57SaWRNuOfQ95PsgR7W51UszD0WTDP6 DySa5ud9DAeIXIi6HEHEanSJmvlakCFjrAGmgr403SUI2GQCDwYNQfGwVR0awF6t NULebp1cp4jpIIh/69wfFCNV+IB8ys9wO4Ng1SI9I+ag/R1UIRDogrxfePeCgyTG ngQLEQ40/jGd27qnZekLxnN/wVDz7HWx+rZ7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU3PVGtV7R9vK1b8yoD3GHOLOuDCAwHwYDVR0jBBgwFoAUGBfR2X6KEbbXPxwW Xuqul0g9/ekwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3 OC9HQmZSMlg2S0ViYlhQeHdXWHVxdWwwZzlfZWsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dCZlIyWDZLRWJiWFB4d1dYdXF1bDBnOV9lay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvR0JmUjJYNktFYmJY UHh3V1h1cXVsMGc5X2VrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHfRsWDv0x2enysaL/Pu2EzfFN1FA9B0QtkE9zTuuiXYOFQGbHa8VKvUW7ge McTWcT7QiK9vMOBdo/9lJ6s5oRtP5YwnkEW4M42Dc9mEiOiIvJ2tBmrgXM/V+xQG vsHDfEkPPb5Sh1z05mQ+ZHtQcOyoJRqHbrkQIHc+pyTsZUe8oBHpyGO2rIeYB+k1 1XzBZSRf4MlGtp/acRJHxTuKGZOfrQBsj4oreMNMSBeYe9fJh02Wn9pTkggUEsgV xtbSxUxeK9xY1zzYS45KMPMEjRZGPUQ9UoiTthdsEaFZaLoRAvD7i9sj8AjYaBQC eJmYcgQRrL+4EbVtlkdfdTVCnYk= -----END CERTIFICATE-----Generated at Sun Feb 16 22:09:17 2025 by rpki-client