$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft File: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft (raw, json) Hash identifier: dcqXRUGsO0zxomTfhq8/nfriqpDnU2r1kcF1GfJNbGg= Subject key identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C Authority key identifier: 19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03 Certificate issuer: /CN=193519DD773C40D04F641CC44558D3461297B003 Certificate serial: 1D42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft Manifest number: 1D3C Signing time: Fri 11 Apr 2025 16:37:42 +0000 Manifest this update: Fri 11 Apr 2025 16:37:42 +0000 Manifest next update: Fri 11 Apr 2025 22:37:42 +0000 Files and hashes: 1: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl (hash: CRgXKYsNOBz8iX1U3aT8yMOfd8z0n2QXEnSMQE8FB+4=) 2: ofWDTuZdBsoEHdpdD-hMueJn7lQ.roa (hash: mtF01OQZB4FrXLC5rgApOcnJP5/2xm8KbS60Erj6vHw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 22:37:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7490 (0x1d42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=193519DD773C40D04F641CC44558D3461297B003 Validity Not Before: Apr 11 16:37:42 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=857AD43056F6EE38F2F239E3647797B73033927C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:11:dd:56:1b:93:a0:3a:ef:10:8b:28:0a:3b: 80:72:e5:0d:2a:45:a7:77:3b:65:87:c9:2d:77:ed: 19:66:30:f1:eb:74:54:4d:1f:99:1b:08:56:fa:bd: 45:26:25:3f:ea:1e:22:30:c6:39:ef:5f:39:67:0f: 7b:f7:c5:76:98:2e:bf:f4:a0:ea:b6:8a:f1:39:ba: 1a:02:bf:57:62:fc:c2:15:54:66:9c:d6:d0:09:60: 49:68:ab:0d:24:71:44:d1:4f:86:86:c2:40:15:43: e3:95:ef:92:6b:18:82:77:e5:b8:b0:1f:4f:7e:52: f1:86:79:05:3c:90:f5:35:c7:b7:68:ca:97:18:4d: 79:51:4a:a6:76:fa:62:a1:a7:5e:87:6d:87:a2:81: 6d:c5:f3:40:f6:96:1e:98:22:d3:ba:9d:31:07:c8: 9e:fc:0f:48:05:65:cc:45:fe:76:5c:44:a5:67:45: 98:37:83:95:6b:cf:66:f6:7b:ee:43:87:a3:7e:21: b8:85:e6:0b:74:04:ba:bd:d2:e8:79:54:61:df:ee: bd:16:41:6f:aa:a8:37:a4:0e:35:2e:e0:46:f0:12: ba:76:89:8c:f8:67:89:92:22:24:11:1c:8d:d6:31: 01:18:43:1b:0f:0d:2d:93:eb:78:47:3f:5a:57:52: 82:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C X509v3 Authority Key Identifier: keyid:19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:4e:f7:0a:cf:e1:bd:fd:5b:e9:d7:e9:69:d2:e7:c6:a2:3b: a3:d0:4d:bc:1d:a0:3c:cc:f3:34:32:8f:3b:a2:cf:f5:93:1a: 24:0f:46:4b:87:16:fa:61:a3:61:d9:08:59:c6:df:64:ce:f2: ef:4f:e7:27:08:2a:e8:10:e2:de:94:72:3f:56:d1:b0:ec:9e: 38:00:bc:d2:40:6d:e6:df:6d:bc:c4:a3:fe:ff:62:95:10:97: dd:64:7a:d6:de:cb:39:7b:2a:21:5c:d6:68:00:98:f5:41:a8: 4f:4c:9e:4d:86:5f:86:f4:0f:e6:a9:e0:b5:d1:b1:83:21:6e: 23:c4:ae:95:9f:46:8d:6e:ce:a4:5b:5f:ad:05:59:5b:2d:80: 8c:6a:4b:f1:99:3e:ca:63:34:6a:1f:ab:84:26:6b:09:89:45: de:b9:b0:06:b8:94:ac:d8:87:fd:60:53:d6:72:e7:75:b0:4c: 3b:33:02:aa:86:93:b5:bd:c9:a2:f0:07:5c:1e:5a:2d:c5:6a: 94:64:8d:48:bd:6b:0d:ca:b9:68:2b:f3:f6:d2:e8:2b:2f:ed: b9:dc:d2:ad:6a:13:2d:51:af:fc:c1:27:72:2e:96:70:94:28: b9:ae:cb:c1:8c:27:93:39:8c:26:97:11:77:50:ef:fc:a5:78: 35:06:c6:39 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTkz NTE5REQ3NzNDNDBEMDRGNjQxQ0M0NDU1OEQzNDYxMjk3QjAwMzAeFw0yNTA0MTEx NjM3NDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg1N0FENDMwNTZGNkVF MzhGMkYyMzlFMzY0Nzc5N0I3MzAzMzkyN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPEd1WG5OgOu8QiygKO4By5Q0qRad3O2WHyS137RlmMPHrdFRN H5kbCFb6vUUmJT/qHiIwxjnvXzlnD3v3xXaYLr/0oOq2ivE5uhoCv1di/MIVVGac 1tAJYEloqw0kcUTRT4aGwkAVQ+OV75JrGIJ35biwH09+UvGGeQU8kPU1x7doypcY TXlRSqZ2+mKhp16HbYeigW3F80D2lh6YItO6nTEHyJ78D0gFZcxF/nZcRKVnRZg3 g5Vrz2b2e+5Dh6N+IbiF5gt0BLq90uh5VGHf7r0WQW+qqDekDjUu4EbwErp2iYz4 Z4mSIiQRHI3WMQEYQxsPDS2T63hHP1pXUoLZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUhXrUMFb27jjy8jnjZHeXtzAzknwwHwYDVR0jBBgwFoAUGTUZ3Xc8QNBPZBzE RVjTRhKXsAMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkw My9HVFVaM1hjOFFOQlBaQnpFUlZqVFJoS1hzQU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dUVVozWGM4UU5CUFpCekVSVmpUUmhLWHNBTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5MDMvR1RVWjNYYzhRTkJQ WkJ6RVJWalRSaEtYc0FNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHJO9wrP4b39W+nX6WnS58aiO6PQTbwdoDzM8zQyjzuiz/WTGiQPRkuHFvph o2HZCFnG32TO8u9P5ycIKugQ4t6Ucj9W0bDsnjgAvNJAbebfbbzEo/7/YpUQl91k etbeyzl7KiFc1mgAmPVBqE9Mnk2GX4b0D+ap4LXRsYMhbiPErpWfRo1uzqRbX60F WVstgIxqS/GZPspjNGofq4QmawmJRd65sAa4lKzYh/1gU9Zy53WwTDszAqqGk7W9 yaLwB1weWi3FapRkjUi9aw3KuWgr8/bS6Csv7bnc0q1qEy1Rr/zBJ3IulnCUKLmu y8GMJ5M5jCaXEXdQ7/yleDUGxjk= -----END CERTIFICATE-----Generated at Fri Apr 11 21:55:10 2025 by rpki-client