$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft File: QANTiAtHjVuXKhIEzwZR3ilfjso.mft (raw, json) Hash identifier: a+AYFGLc+JwM21d7tt/cuCthlm+AK5oc2v30NnN1MgQ= Subject key identifier: 3E:02:B0:EC:72:B4:53:6E:FB:18:99:9F:8A:FE:BD:6B:63:5D:F8:01 Authority key identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA Certificate issuer: /CN=400353880B478D5B972A1204CF0651DE295F8ECA Certificate serial: 1189 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft Manifest number: 1185 Signing time: Fri 22 Nov 2024 10:21:18 +0000 Manifest this update: Fri 22 Nov 2024 10:21:18 +0000 Manifest next update: Fri 22 Nov 2024 16:21:18 +0000 Files and hashes: 1: QANTiAtHjVuXKhIEzwZR3ilfjso.crl (hash: aAmJ14eIq+gm85MpzBC6zVvFL0BAh8Belf8vCJaOJ5E=) 2: tvwDmzWHcZNqivWzwOmu1lYIB9A.roa (hash: D6DySpLtWk4r//jBvuapPpDjJfCF9Xs0XH8T50WabV4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 16:21:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4489 (0x1189) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=400353880B478D5B972A1204CF0651DE295F8ECA Validity Not Before: Nov 22 10:21:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3E02B0EC72B4536EFB18999F8AFEBD6B635DF801 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:32:58:a9:d9:69:b3:4b:f1:61:4b:87:6a:75: b6:dc:4a:1c:b4:5f:ba:82:db:a0:72:66:f1:81:08: 59:bd:57:ef:79:43:59:e7:38:14:5a:62:1f:35:98: 41:d2:5f:f0:df:8d:c1:62:65:50:ca:e2:5c:08:a0: d0:6d:af:98:80:82:a4:85:45:bf:5e:83:60:f2:53: 99:f3:2d:fe:d7:95:35:30:00:87:20:de:a5:5b:69: 1b:0a:1c:b3:83:65:27:64:be:d9:fa:d4:cf:99:f4: d7:e5:de:c4:9d:7f:a1:a4:37:55:3a:fd:04:50:66: 34:88:f5:cc:62:55:6b:03:3b:7b:eb:ae:8e:0c:8f: b5:3b:c8:7f:cc:ab:c1:4a:b6:6f:10:e5:80:06:dd: 6b:19:c4:d5:49:fe:f5:33:13:ad:62:ec:cf:17:5f: 1c:1b:8b:b4:7a:89:1b:87:32:d1:c7:ee:ea:c5:9d: 2c:19:b7:11:ca:ca:d4:6d:17:bf:f6:4a:2c:0f:8e: 5f:5a:63:d4:33:f4:86:05:10:71:4b:25:a4:fa:95: f1:4d:2a:24:7b:a9:55:95:ee:4e:94:86:70:36:a4: 80:c0:b0:62:2e:39:5b:48:f4:14:d7:a4:b6:9c:0f: 6d:91:f2:30:19:7e:6d:86:c6:12:7b:5a:a2:a1:e5: 0c:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:02:B0:EC:72:B4:53:6E:FB:18:99:9F:8A:FE:BD:6B:63:5D:F8:01 X509v3 Authority Key Identifier: keyid:40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:57:e7:2a:bc:30:11:f4:c9:f6:79:e0:da:f0:84:6b:ae:1d: 62:f0:c5:2b:9b:95:0a:a9:3d:f0:1f:5c:2a:71:29:ac:57:57: f5:2f:9d:1b:c2:7f:34:e6:46:f2:01:46:85:31:f2:41:db:9a: 21:ab:7e:a6:9e:2e:fc:73:ec:be:3d:53:b2:45:ee:7b:f2:87: 53:f3:a4:60:dd:32:40:d1:f7:eb:df:58:c8:47:9c:cd:a5:49: ea:13:0c:b8:f3:37:99:16:67:5d:d8:f9:c2:07:32:4f:c7:86: 87:d7:1d:5c:58:d6:25:eb:50:72:da:99:77:8e:bd:ff:0a:e9: ef:86:d6:70:06:e8:a7:2c:2f:10:f7:9e:c6:f4:e6:3a:29:97: d0:29:97:92:7b:be:a9:04:fb:04:84:36:92:46:f2:b1:9c:e3: d9:ea:11:b0:85:59:38:66:ef:4a:e4:91:3e:f0:9f:b9:c3:62: dc:66:23:e8:d4:aa:1c:3a:c0:50:d2:dc:4e:40:24:58:d5:33: ba:64:1a:4c:c8:2c:9c:78:c3:1e:c9:54:3f:e9:cc:a2:37:50: e3:9e:d0:c1:61:c0:75:16:0a:e0:0c:9b:7e:69:9a:68:0f:4b: a0:50:5d:11:3e:03:06:d2:77:b6:78:27:aa:97:aa:1f:7a:9c: ef:e3:16:4c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICEYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDAw MzUzODgwQjQ3OEQ1Qjk3MkExMjA0Q0YwNjUxREUyOTVGOEVDQTAeFw0yNDExMjIx MDIxMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNFMDJCMEVDNzJCNDUz NkVGQjE4OTk5RjhBRkVCRDZCNjM1REY4MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOMlip2WmzS/FhS4dqdbbcShy0X7qC26ByZvGBCFm9V+95Q1nn OBRaYh81mEHSX/DfjcFiZVDK4lwIoNBtr5iAgqSFRb9eg2DyU5nzLf7XlTUwAIcg 3qVbaRsKHLODZSdkvtn61M+Z9Nfl3sSdf6GkN1U6/QRQZjSI9cxiVWsDO3vrro4M j7U7yH/Mq8FKtm8Q5YAG3WsZxNVJ/vUzE61i7M8XXxwbi7R6iRuHMtHH7urFnSwZ txHKytRtF7/2SiwPjl9aY9Qz9IYFEHFLJaT6lfFNKiR7qVWV7k6UhnA2pIDAsGIu OVtI9BTXpLacD22R8jAZfm2GxhJ7WqKh5Qz1AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUPgKw7HK0U277GJmfiv69a2Nd+AEwHwYDVR0jBBgwFoAUQANTiAtHjVuXKhIE zwZR3ilfjsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 MC9RQU5UaUF0SGpWdVhLaElFendaUjNpbGZqc28uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FBTlRpQXRIalZ1WEtoSUV6d1pSM2lsZmpzby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTAvUUFOVGlBdEhqVnVY S2hJRXp3WlIzaWxmanNvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAB5X5yq8MBH0yfZ54NrwhGuuHWLwxSublQqpPfAfXCpxKaxXV/UvnRvCfzTm RvIBRoUx8kHbmiGrfqaeLvxz7L49U7JF7nvyh1PzpGDdMkDR9+vfWMhHnM2lSeoT DLjzN5kWZ13Y+cIHMk/HhofXHVxY1iXrUHLamXeOvf8K6e+G1nAG6KcsLxD3nsb0 5jopl9Apl5J7vqkE+wSENpJG8rGc49nqEbCFWThm70rkkT7wn7nDYtxmI+jUqhw6 wFDS3E5AJFjVM7pkGkzILJx4wx7JVD/pzKI3UOOe0MFhwHUWCuAMm35pmmgPS6BQ XRE+AwbSd7Z4J6qXqh96nO/jFkw= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:38 2024 by rpki-client on console-fra.rpki-client.org