Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.mft
File: F1mdmaUx-BsV172e8tRomDHw2F0.mft (raw, json)
Hash identifier: lowE7ij8Zd3lnMi1CmjOKBPqpdVLBdrNOI/eSXSw36U=
Subject key identifier: EB:7D:B0:F1:34:58:D7:F6:3E:25:07:D2:EF:36:D2:BC:FE:EB:51:81
Authority key identifier: 17:59:9D:99:A5:31:F8:1B:15:D7:BD:9E:F2:D4:68:98:31:F0:D8:5D
Certificate issuer: /CN=17599D99A531F81B15D7BD9EF2D4689831F0D85D
Certificate serial: 0424
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.mft
Manifest number: 0420
Signing time: Sun 13 Apr 2025 22:07:48 +0000
Manifest this update: Sun 13 Apr 2025 22:07:48 +0000
Manifest next update: Mon 14 Apr 2025 04:07:48 +0000
Files and hashes: 1: F1mdmaUx-BsV172e8tRomDHw2F0.crl (hash: c7rCSaPTld99MdTgHG5zTAwYQxBe9ECjB90WcnBBuTc=)
2: lK4-oeFtUHF3mLUrePlLBIigGdY.roa (hash: aRbdXVoiAdr31won1vJ0j6ZH5WVSIeE8Zz3myefySLI=)
3: rnGy2SUaXF4Kw4ixb86-0SixpOI.roa (hash: mUNwqaq2nGxEL9FXUQArwT2qiRUusdcg6R4vJKJFAhA=)
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 04:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1060 (0x424)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17599D99A531F81B15D7BD9EF2D4689831F0D85D
Validity
Not Before: Apr 13 22:07:48 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=EB7DB0F13458D7F63E2507D2EF36D2BCFEEB5181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e7:1c:d3:4f:72:2a:ba:ea:d2:cd:9f:a0:a5:
81:dc:f3:67:bc:0b:2d:48:d5:32:5f:e6:45:3c:ec:
28:e1:de:76:10:28:4d:5d:63:68:67:e5:19:34:8d:
d4:90:e8:81:ef:89:3a:dc:29:d0:66:0f:bc:11:47:
84:be:04:52:bc:00:74:16:2f:99:f8:d4:8a:e1:79:
bf:2e:e6:fa:84:b3:60:9c:90:bc:32:b4:9d:30:68:
07:6b:1f:4d:df:63:bf:22:f2:75:2e:bc:b6:53:1a:
0a:bf:a4:25:69:15:c3:99:ee:ef:9d:d5:58:a2:26:
b9:19:55:0a:3f:78:c4:2b:6a:fa:af:18:f4:9b:bf:
15:7f:d1:63:6d:d3:40:8a:70:a8:7b:da:9c:62:c0:
03:f7:df:24:da:c4:23:0d:79:7d:18:30:73:7b:b9:
b2:70:04:3d:f6:f7:22:54:3a:8c:0f:20:58:a4:81:
dc:85:a9:f6:df:2c:9c:ce:5c:33:28:71:46:86:5e:
5e:f1:2b:23:5b:c9:41:5c:eb:e9:9b:96:a2:9e:a3:
e4:d6:41:87:02:3a:0b:99:01:4f:80:20:c0:38:fa:
93:88:a3:26:84:ad:d6:f9:f2:11:b3:a5:ca:8a:43:
f8:41:6a:82:ad:0a:a6:88:84:57:ae:77:dd:b0:c6:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7D:B0:F1:34:58:D7:F6:3E:25:07:D2:EF:36:D2:BC:FE:EB:51:81
X509v3 Authority Key Identifier:
keyid:17:59:9D:99:A5:31:F8:1B:15:D7:BD:9E:F2:D4:68:98:31:F0:D8:5D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
12:53:17:37:9b:ed:27:38:cc:58:80:a1:42:b9:dd:cf:ee:b7:
85:80:24:c1:ae:84:c3:86:5e:a4:bc:d4:0c:bb:b8:cc:1c:23:
62:c5:c7:fa:94:82:c4:a2:8b:06:ab:9a:16:ce:01:9c:9f:dd:
74:5b:33:e4:13:fa:c4:7d:ab:54:6c:0f:dc:53:71:be:16:e4:
f5:ba:a6:a6:39:11:9c:24:c0:b8:4b:e2:77:e8:10:56:9a:80:
f5:bb:b8:b3:73:61:80:09:4b:18:ed:ae:a5:5d:41:f6:e1:00:
ea:bf:ec:30:d1:a0:dd:2c:a8:ac:1a:b2:42:0f:d1:15:12:b0:
36:44:c2:32:9f:11:2c:2f:19:e3:02:99:d5:85:31:cd:20:44:
39:21:b4:5f:eb:6e:04:65:39:27:a1:d3:ec:b3:6f:c2:5e:51:
45:5b:89:f6:3d:c5:99:b2:bc:ec:e3:6a:a4:b3:17:78:93:9f:
64:23:f1:11:ce:10:37:89:35:ac:6a:a2:ef:d1:bf:e7:31:15:
07:87:7a:78:96:e0:07:80:55:4f:59:1d:0f:a0:f7:ea:71:25:
55:bd:af:9a:22:63:6b:fd:65:97:42:23:c5:b8:0f:e3:66:53:
c3:1c:6a:38:59:4f:e5:30:2d:dd:df:58:6d:5a:7a:25:9e:18:
f9:e7:40:76
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTc1
OTlEOTlBNTMxRjgxQjE1RDdCRDlFRjJENDY4OTgzMUYwRDg1RDAeFw0yNTA0MTMy
MjA3NDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVCN0RCMEYxMzQ1OEQ3
RjYzRTI1MDdEMkVGMzZEMkJDRkVFQjUxODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC35xzTT3IquurSzZ+gpYHc82e8Cy1I1TJf5kU87Cjh3nYQKE1d
Y2hn5Rk0jdSQ6IHviTrcKdBmD7wRR4S+BFK8AHQWL5n41Irheb8u5vqEs2CckLwy
tJ0waAdrH03fY78i8nUuvLZTGgq/pCVpFcOZ7u+d1ViiJrkZVQo/eMQravqvGPSb
vxV/0WNt00CKcKh72pxiwAP33yTaxCMNeX0YMHN7ubJwBD329yJUOowPIFikgdyF
qfbfLJzOXDMocUaGXl7xKyNbyUFc6+mblqKeo+TWQYcCOguZAU+AIMA4+pOIoyaE
rdb58hGzpcqKQ/hBaoKtCqaIhFeud92wxuZFAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU632w8TRY1/Y+JQfS7zbSvP7rUYEwHwYDVR0jBBgwFoAUF1mdmaUx+BsV172e
8tRomDHw2F0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk5
NC9GMW1kbWFVeC1Cc1YxNzJlOHRSb21ESHcyRjAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0YxbWRtYVV4LUJzVjE3MmU4dFJvbURIdzJGMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5OTQvRjFtZG1hVXgtQnNW
MTcyZTh0Um9tREh3MkYwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABJTFzeb7Sc4zFiAoUK53c/ut4WAJMGuhMOGXqS81Ay7uMwcI2LFx/qUgsSi
iwarmhbOAZyf3XRbM+QT+sR9q1RsD9xTcb4W5PW6pqY5EZwkwLhL4nfoEFaagPW7
uLNzYYAJSxjtrqVdQfbhAOq/7DDRoN0sqKwaskIP0RUSsDZEwjKfESwvGeMCmdWF
Mc0gRDkhtF/rbgRlOSeh0+yzb8JeUUVbifY9xZmyvOzjaqSzF3iTn2Qj8RHOEDeJ
Naxqou/Rv+cxFQeHeniW4AeAVU9ZHQ+g9+pxJVW9r5oiY2v9ZZdCI8W4D+NmU8Mc
ajhZT+UwLd3fWG1aeiWeGPnnQHY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:37:20 2025 by rpki-client