$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft File: yGYvK0iswHfpWADlqpLOFtJuHeo.mft (raw, json) Hash identifier: fKIseSWP6ekc2rAJGQpmsKXHAbAX86pyUJGHuxwXrIE= Subject key identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27 Authority key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA Certificate issuer: /CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Certificate serial: 0124 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft Manifest number: 0123 Signing time: Mon 08 Sep 2025 04:05:00 +0000 Manifest this update: Mon 08 Sep 2025 04:05:00 +0000 Manifest next update: Mon 08 Sep 2025 10:05:00 +0000 Files and hashes: 1: yGYvK0iswHfpWADlqpLOFtJuHeo.crl (hash: RTyhk9xoCdu54ZIfe1IaJ9jXrxychcajSdLUzoSn3io=) 2: zZRym3sAEvXMrbGWy6aM-nia49Y.roa (hash: 8wcckbKfbYd4haPADmGgIisC8XOKMSGdbXZl/xyBpIc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 07:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 292 (0x124) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Validity Not Before: Sep 8 04:05:00 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=947CDE3614F027AFB0FD1C6D9ED9F827170D6327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:53:3e:ae:64:8f:6b:31:45:e5:ec:51:02:5b: 5b:15:41:6a:62:0e:d2:df:92:ca:34:b3:fc:9f:d4: d3:f5:93:40:bd:8e:a4:a3:4b:84:38:04:db:3a:bf: df:bb:a9:b7:7a:0f:28:7b:12:48:54:ac:52:48:55: 1e:99:93:0c:10:b7:06:0a:80:3c:0c:98:79:20:67: 1e:2d:33:c3:fb:37:8d:30:7e:ea:17:e1:f2:27:22: c0:a9:fc:2e:a1:53:e5:ac:b5:25:de:93:45:a2:b6: 1b:4a:7b:89:81:2f:32:c2:8d:98:50:f3:23:0b:22: 88:4d:77:2f:90:8b:20:e9:dd:35:35:af:8a:bb:e5: 8f:7e:50:5d:88:98:07:06:9e:3a:e2:8a:81:a7:83: 1a:9a:6b:c0:45:1d:9c:ab:18:52:d4:6d:6d:85:35: 29:a7:08:1f:00:49:4e:97:ec:43:48:f4:5f:54:6e: 0a:1e:6a:7d:a0:5e:45:e1:df:7e:85:fe:22:be:cc: 22:b3:8b:53:86:64:b7:90:c4:60:84:6f:40:a3:0f: 61:e9:29:bd:a7:44:c4:73:64:be:ba:4e:69:e2:dc: 8c:09:40:c0:00:76:9e:81:ab:17:95:d7:53:07:0f: 1f:b2:a1:b6:f7:d2:b4:54:a0:3c:31:43:82:cc:d0: 36:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27 X509v3 Authority Key Identifier: keyid:C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:e5:3f:a0:51:97:80:e1:61:9b:1c:d7:b5:9e:a2:71:fc:2f: 68:9c:92:a1:c1:32:4a:c0:e7:89:f6:bb:72:b4:4a:48:13:4c: 2d:58:2c:2f:69:d9:b9:c7:75:0d:e7:9d:af:88:0b:1a:98:cf: 10:54:b4:85:18:fa:f7:cf:dd:19:8e:c1:58:96:63:7d:36:b0: df:c6:8c:d7:ca:01:fd:0f:1e:95:90:0c:f5:9e:aa:f2:94:5c: a7:8a:dd:fa:66:57:e9:8f:68:8f:00:f6:73:a2:fc:68:40:2a: b4:91:d3:51:6e:1a:84:d1:56:7b:c3:24:42:a7:0d:66:4a:0a: a2:b2:1f:d5:d5:e9:3f:e9:dd:be:07:07:00:0b:08:72:d1:b6: 8f:69:85:8d:6a:b0:cf:33:ad:fb:42:ee:f0:85:86:92:67:6b: 66:ee:8c:fa:45:6c:11:88:9a:00:ce:60:f4:82:8b:ff:02:2a: 4c:24:c2:ce:13:3a:74:36:70:0b:66:26:58:14:0e:d6:66:e9: 0a:35:a7:7c:67:bb:32:8f:04:74:3f:cf:b9:f9:81:1e:5f:4a: 4a:2d:fe:c9:3a:8f:1e:c2:42:87:e6:6e:3e:2c:dc:62:1e:ed: 22:92:d1:44:52:34:f3:b0:7d:37:75:3a:42:60:77:9e:a7:be: 14:ea:b6:49 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICASQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzg2 NjJGMkI0OEFDQzA3N0U5NTgwMEU1QUE5MkNFMTZEMjZFMURFQTAeFw0yNTA5MDgw NDA1MDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk0N0NERTM2MTRGMDI3 QUZCMEZEMUM2RDlFRDlGODI3MTcwRDYzMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjUz6uZI9rMUXl7FECW1sVQWpiDtLfkso0s/yf1NP1k0C9jqSj S4Q4BNs6v9+7qbd6Dyh7EkhUrFJIVR6ZkwwQtwYKgDwMmHkgZx4tM8P7N40wfuoX 4fInIsCp/C6hU+WstSXek0WithtKe4mBLzLCjZhQ8yMLIohNdy+QiyDp3TU1r4q7 5Y9+UF2ImAcGnjriioGngxqaa8BFHZyrGFLUbW2FNSmnCB8ASU6X7ENI9F9Ubgoe an2gXkXh336F/iK+zCKzi1OGZLeQxGCEb0CjD2HpKb2nRMRzZL66Tmni3IwJQMAA dp6BqxeV11MHDx+yobb30rRUoDwxQ4LM0DYtAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlHzeNhTwJ6+w/Rxtntn4JxcNYycwHwYDVR0jBBgwFoAUyGYvK0iswHfpWADl qpLOFtJuHeowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3 MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3lHWXZLMGlzd0hmcFdBRGxxcExPRnRKdUhlby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzAveUdZdkswaXN3SGZw V0FEbHFwTE9GdEp1SGVvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADPlP6BRl4DhYZsc17WeonH8L2ickqHBMkrA54n2u3K0SkgTTC1YLC9p2bnH dQ3nna+ICxqYzxBUtIUY+vfP3RmOwViWY302sN/GjNfKAf0PHpWQDPWeqvKUXKeK 3fpmV+mPaI8A9nOi/GhAKrSR01FuGoTRVnvDJEKnDWZKCqKyH9XV6T/p3b4HBwAL CHLRto9phY1qsM8zrftC7vCFhpJna2bujPpFbBGImgDOYPSCi/8CKkwkws4TOnQ2 cAtmJlgUDtZm6Qo1p3xnuzKPBHQ/z7n5gR5fSkot/sk6jx7CQofmbj4s3GIe7SKS 0URSNPOwfTd1OkJgd56nvhTqtkk= -----END CERTIFICATE-----Generated at Mon Sep 8 06:17:22 2025 by rpki-client