$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json) Hash identifier: VZmt+s39splZxkeztMZ93NH3PdGdXsRtfyPgcieTwSE= Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 06EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft Manifest number: 06D9 Signing time: Fri 13 Jun 2025 06:39:28 +0000 Manifest this update: Fri 13 Jun 2025 06:39:28 +0000 Manifest next update: Fri 13 Jun 2025 12:39:28 +0000 Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=) 2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: 4UgKREOmG5ywaTXzNlYPoZiJWMdVRoqgDmAFT7vCJj4=) 3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=) 4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=) 5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=) 6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=) 7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 13 Jun 2025 12:39:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1775 (0x6ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Jun 13 06:39:28 2025 GMT Not After : Apr 9 06:41:32 2026 GMT Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8: 6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61: 71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be: 1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9: 3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76: a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd: fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0: d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b: 2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7: b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15: f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b: 67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52: b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68: 1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f: 92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea: d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59: f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4: 16:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50 X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:0f:94:e7:69:2a:46:8f:d6:ea:4d:19:8d:cb:63:6d:88:d0: 2b:aa:b0:b6:84:1d:4f:87:26:58:99:20:18:53:2e:d2:82:61: 02:ee:83:d8:c9:ea:cb:04:2b:1e:34:b5:5c:27:a7:bd:33:a4: 29:40:fa:6b:fb:90:a0:67:31:47:aa:6e:5c:bb:95:cf:f5:76: ad:d7:ad:b8:59:a0:bc:d1:13:91:e5:0c:13:cb:4f:29:ac:3a: 25:63:d4:d8:2e:31:24:3d:a1:3c:64:b4:49:1f:f0:28:9f:57: 93:49:40:34:8f:94:bc:d3:dd:30:fd:d1:ba:85:5b:4d:2f:1d: cc:e5:f6:b3:94:36:0e:00:8a:2e:36:9a:01:70:19:ad:4e:67: e3:f7:38:55:1d:54:b2:57:9f:6a:75:73:a5:26:63:67:77:85: 50:a6:aa:d3:27:84:24:7b:11:96:c3:7e:98:8a:76:9a:9b:5e: bb:e5:0d:45:95:bf:5e:5c:f1:24:94:bf:c5:83:ee:cc:23:d9: ed:3c:fc:cb:30:3e:4f:6b:59:40:80:66:38:a8:36:17:d8:d2: 98:18:32:2f:1b:a1:87:df:9b:65:2b:e0:71:25:aa:60:9d:c9: 8c:93:2b:ef:d8:24:41:6b:e7:e2:db:64:dd:7a:2d:20:2c:de: cc:26:af:75 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTA2MTMw NjM5MjhaFw0yNjA0MDkwNjQxMzJaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD 97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE 8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6 b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEMPlOdpKkaP1upNGY3LY22I0CuqsLaEHU+HJliZIBhTLtKCYQLug9jJ6ssE Kx40tVwnp70zpClA+mv7kKBnMUeqbly7lc/1dq3XrbhZoLzRE5HlDBPLTymsOiVj 1NguMSQ9oTxktEkf8CifV5NJQDSPlLzT3TD90bqFW00vHczl9rOUNg4Aii42mgFw Ga1OZ+P3OFUdVLJXn2p1c6UmY2d3hVCmqtMnhCR7EZbDfpiKdpqbXrvlDUWVv15c 8SSUv8WD7swj2e08/MswPk9rWUCAZjioNhfY0pgYMi8boYffm2Ur4HElqmCdyYyT K+/YJEFr5+LbZN16LSAs3swmr3U= -----END CERTIFICATE-----Generated at Fri Jun 13 10:37:13 2025 by rpki-client