$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft File: -ta0PAnQSQoN9_iR359jtSDPIQ8.mft (raw, json) Hash identifier: +WLHaBqVRAJtaBvexB+1ojEXAa5N8R6eEHkXTPIFcqk= Subject key identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 1011 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft Manifest number: 1009 Signing time: Sun 20 Jul 2025 11:41:37 +0000 Manifest this update: Sun 20 Jul 2025 11:41:37 +0000 Manifest next update: Sun 20 Jul 2025 17:41:37 +0000 Files and hashes: 1: -ta0PAnQSQoN9_iR359jtSDPIQ8.crl (hash: doIRwZP+mmjSS3xa8JzVJadh1Ec3xOWACdqThQvkIN8=) 2: jZYYEWocgaa7kE62wHrtcbhmeqg.roa (hash: imxvfDsgpwHiKGk2ShLZNPp9PfRPBN6EzLl65EE3xwI=) 3: quj3JK30OXbnje-5SHznSVufOkU.roa (hash: QFco1R1nZco2MXFS8wJ24/UVjY0SEkcS4e5JbGrfWNA=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:43:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4113 (0x1011) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Jul 20 11:41:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4BCC447184497A8FAEB3769AD767F2E2871D2EAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:48:ee:2b:68:e0:56:e6:b1:31:28:fd:47:ec: 4f:11:cb:57:24:26:ab:d1:62:af:be:7f:2a:fc:e0: a6:ca:09:fa:df:39:bf:1a:4d:ee:e7:d2:04:13:4c: ac:e2:0e:1e:ad:f4:e7:66:10:72:a4:dc:dc:58:0b: 2b:30:18:84:09:a9:c2:92:f5:48:0c:e0:c7:e2:e8: 76:37:fe:e1:0b:b8:b7:cc:b4:a7:1c:f6:f0:00:a2: 4c:88:c2:0d:1c:77:ee:ed:5e:1b:ab:6c:63:b1:fc: b8:42:c7:dc:5d:96:72:b1:a2:f2:ab:6d:8b:6e:f6: 28:87:66:1f:a9:05:09:e7:13:7d:9d:7e:49:b9:35: 62:13:98:cc:ad:e2:3f:3e:50:3a:6d:ad:48:06:a3: 4d:d0:25:33:71:7f:f4:45:31:2e:da:ea:70:d2:f2: bb:86:d1:7d:04:a2:98:b1:ca:26:25:9b:b7:84:56: af:f6:ae:d6:85:b8:1a:b5:78:24:84:58:57:60:b1: ed:e2:3f:f0:d1:fa:4c:57:30:15:22:fa:37:8b:f8: 10:fd:c8:f7:0a:50:d3:19:f8:15:cd:0d:b4:c8:b6: 35:e0:c2:1d:71:28:31:3d:05:53:bd:9f:f7:f2:c8: 51:e0:c9:cb:a8:e3:82:d0:1e:9e:d2:83:a2:44:6e: 5c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:f3:8a:98:8b:05:b2:5e:eb:11:fb:fb:65:e2:ec:0e:a9:87: 60:2f:60:b7:08:07:06:e6:a6:13:9f:66:77:9c:2d:80:79:e2: e2:85:71:47:e0:8e:3c:6c:cc:26:88:45:bd:84:55:8d:fb:48: f7:54:ef:ed:fe:5d:9f:96:4f:31:0f:a0:ae:7a:2b:74:8b:ce: 81:4c:25:6b:c5:60:fb:d7:e8:82:eb:b2:af:73:54:5b:89:81: 61:26:c7:b0:52:ce:37:3a:14:1f:3e:d6:46:1e:28:91:12:53: f2:78:62:53:a6:c7:b6:2b:88:fb:bc:d2:e5:e3:5c:c1:78:ee: 6c:77:ac:7d:d2:98:61:b9:be:ab:80:96:46:9e:94:36:20:83: 1c:c7:12:40:ab:ab:d5:c8:2d:7f:95:76:6b:fd:07:a8:8f:38: 64:8f:c3:15:24:c2:1b:e8:99:57:fa:a9:43:cf:54:9c:4a:30: 53:4d:d3:02:40:a1:80:44:4a:28:a3:6f:a2:08:11:3d:4e:b9: 7f:f3:d0:ab:e1:2b:c7:ec:9a:86:97:9e:96:db:d6:72:f5:27: 2c:18:6c:49:69:32:4e:6f:9c:ac:f5:0f:c9:52:70:9f:25:96: 98:a7:75:22:d1:c7:2f:6e:08:72:62:72:9c:1e:d8:65:e7:4a: 1d:85:43:30 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICEBEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA3MjAx MTQxMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRCQ0M0NDcxODQ0OTdB OEZBRUIzNzY5QUQ3NjdGMkUyODcxRDJFQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhSO4raOBW5rExKP1H7E8Ry1ckJqvRYq++fyr84KbKCfrfOb8a Te7n0gQTTKziDh6t9OdmEHKk3NxYCyswGIQJqcKS9UgM4Mfi6HY3/uELuLfMtKcc 9vAAokyIwg0cd+7tXhurbGOx/LhCx9xdlnKxovKrbYtu9iiHZh+pBQnnE32dfkm5 NWITmMyt4j8+UDptrUgGo03QJTNxf/RFMS7a6nDS8ruG0X0EopixyiYlm7eEVq/2 rtaFuBq1eCSEWFdgse3iP/DR+kxXMBUi+jeL+BD9yPcKUNMZ+BXNDbTItjXgwh1x KDE9BVO9n/fyyFHgycuo44LQHp7Sg6JEblyVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUS8xEcYRJeo+us3aa12fy4ocdLqwwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvLXRhMFBBblFTUW9O OV9pUjM1OWp0U0RQSVE4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGvzipiLBbJe6xH7+2Xi7A6ph2AvYLcIBwbmphOfZnecLYB54uKFcUfgjjxs zCaIRb2EVY37SPdU7+3+XZ+WTzEPoK56K3SLzoFMJWvFYPvX6ILrsq9zVFuJgWEm x7BSzjc6FB8+1kYeKJESU/J4YlOmx7YriPu80uXjXMF47mx3rH3SmGG5vquAlkae lDYggxzHEkCrq9XILX+Vdmv9B6iPOGSPwxUkwhvomVf6qUPPVJxKMFNN0wJAoYBE Siijb6IIET1OuX/z0KvhK8fsmoaXnpbb1nL1JywYbElpMk5vnKz1D8lScJ8llpin dSLRxy9uCHJicpwe2GXnSh2FQzA= -----END CERTIFICATE-----Generated at Sun Jul 20 12:43:20 2025 by rpki-client