$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft File: KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft (raw, json) Hash identifier: 8Bb4ydN/wgnPyr657SygrJu23lepcz1KjTijsvdV4KA= Subject key identifier: 30:16:10:8F:C6:33:D5:8B:30:86:6D:F7:AD:81:E9:A6:AD:6A:88:86 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 0FFB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft Manifest number: 0FA2 Signing time: Thu 02 May 2024 09:25:01 +0000 Manifest this update: Thu 02 May 2024 09:25:01 +0000 Manifest next update: Thu 02 May 2024 15:25:01 +0000 Files and hashes: 1: 4zkWDdlmYrkToUTjEtJ4FEzEZHc.roa (hash: wO+nKs6Owz2/qljZvhvDLHD/IqekmywHIUGp6uGCoZE=) 2: FL0Fc8WMCnIl2VEVwLfu7klMaks.roa (hash: 5NBNlM4++EiTm6Rqo5NxfKdrnavMG1y0nYJQOJgnp6Q=) 3: KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl (hash: KOswVqHnSw/aGFd6gU6r7vFmQLKO/KPs9zw9+zJJBig=) 4: RPEfXc1dkjGqL9go8dr3KVCsF3g.roa (hash: ncMwdLHJzi//ZjYbMIieV+i4Cti3lba6NeGEFupHKFE=) 5: TkZSn7pQSmPHY_Knfy8oeT3PZz0.roa (hash: 8mBNptqqkoQDRl+nRsgkuUpQ2+2zqItOCkXjSgxGuWw=) 6: kI1QW5z3Gz7_EVTJ21Es-pzxSos.roa (hash: ZMT1oRzuc8lEt6/2jcIDTmesqE2C9FxObZh/imLda5U=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 15:25:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4091 (0xffb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: May 2 09:25:01 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3016108FC633D58B30866DF7AD81E9A6AD6A8886 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:63:33:e3:a5:12:24:21:e8:10:32:6f:c6:2c: 07:28:3b:e8:b4:cb:93:97:4b:12:2a:ca:68:75:89: 23:0f:7b:bd:e0:72:a2:10:39:3f:e4:de:34:3f:14: 6c:9e:99:4a:10:60:76:a1:b6:6c:ee:27:34:47:75: 81:a5:75:f9:ee:a5:8d:d0:fc:83:8d:85:fc:9a:04: 96:d8:ec:8b:c9:67:72:1f:d8:7e:a1:5b:f7:88:cc: 7b:2c:e5:90:7c:3d:9a:99:99:69:64:72:90:77:2e: 7b:87:d5:45:06:ea:c6:65:31:fe:4f:78:59:9e:2a: 4d:12:a4:97:34:fd:75:bc:52:d5:fd:2b:a7:f0:1e: 5c:26:b3:a5:a8:20:e5:cb:ee:e7:e3:e9:e7:7a:48: 5e:9d:01:03:0c:4c:69:91:94:7c:e9:15:42:b4:2f: d1:6c:6f:d8:9d:4b:38:98:92:dd:5c:b1:f5:74:7c: 4b:fc:69:ef:99:b1:a1:6b:b3:f3:34:a6:3c:cf:de: 9f:c3:1b:9c:e1:4a:f5:bb:09:a3:d7:b2:79:17:a6: 01:a5:cf:a5:3f:68:ae:36:3a:cf:b6:42:c7:3d:89: b6:6c:61:7e:7f:bb:e9:57:15:3c:0e:66:8e:d3:80: e6:57:b0:e4:e1:99:53:ca:f6:4d:d6:e6:14:8c:83: b1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:16:10:8F:C6:33:D5:8B:30:86:6D:F7:AD:81:E9:A6:AD:6A:88:86 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:6d:55:cf:a8:47:82:eb:77:ad:6e:f8:35:4c:47:2b:43:a1: 40:11:9f:6e:6a:e6:8a:c8:e1:b7:25:5d:8e:49:99:12:26:92: 93:e5:30:28:05:40:bf:b5:04:1c:56:4f:10:33:43:ad:7f:65: df:5f:0d:98:89:15:ce:5d:ac:45:19:8c:3d:37:21:70:f6:db: 46:20:26:eb:99:f6:36:21:c1:e6:ad:12:09:eb:fa:ff:b8:ac: 13:82:fd:5f:89:d8:0c:aa:71:7d:90:09:71:0a:d3:7f:7e:9d: d5:aa:2b:73:a6:0a:5b:27:25:be:90:13:7b:ae:2d:95:bb:66: 41:46:2b:28:2d:2a:3f:d8:ee:e3:09:33:5c:d2:78:92:a7:ba: 7d:e4:df:1a:40:26:e6:fa:14:1e:81:e0:33:77:04:59:fe:e5: c5:d6:07:2a:ff:e2:5a:67:a9:a3:c7:fb:55:a0:86:12:93:50: 2b:45:44:66:9d:1e:49:84:e9:86:95:eb:c4:0d:22:18:cb:22: 38:21:e3:32:52:f3:10:36:66:d0:73:11:1f:fa:b1:3b:ab:49: 4a:07:93:2a:d3:ec:b4:e1:b3:95:4d:df:77:7a:8b:09:b5:dd: d7:c2:62:9b:18:d6:f6:6f:be:93:ab:c2:ed:ab:0d:80:53:d3: 02:82:97:46 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICD/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA1MDIw OTI1MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwMTYxMDhGQzYzM0Q1 OEIzMDg2NkRGN0FEODFFOUE2QUQ2QTg4ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEYzPjpRIkIegQMm/GLAcoO+i0y5OXSxIqymh1iSMPe73gcqIQ OT/k3jQ/FGyemUoQYHahtmzuJzRHdYGldfnupY3Q/IONhfyaBJbY7IvJZ3If2H6h W/eIzHss5ZB8PZqZmWlkcpB3LnuH1UUG6sZlMf5PeFmeKk0SpJc0/XW8UtX9K6fw Hlwms6WoIOXL7ufj6ed6SF6dAQMMTGmRlHzpFUK0L9Fsb9idSziYkt1csfV0fEv8 ae+ZsaFrs/M0pjzP3p/DG5zhSvW7CaPXsnkXpgGlz6U/aK42Os+2Qsc9ibZsYX5/ u+lXFTwOZo7TgOZXsOThmVPK9k3W5hSMg7HdAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUMBYQj8Yz1Yswhm33rYHppq1qiIYwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvS3d4UVZDeW9lcVBC THpEREl5TUdMSWNRSWlFLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABxtVc+oR4Lrd61u+DVMRytDoUARn25q5orI4bclXY5JmRImkpPlMCgFQL+1 BBxWTxAzQ61/Zd9fDZiJFc5drEUZjD03IXD220YgJuuZ9jYhweatEgnr+v+4rBOC /V+J2AyqcX2QCXEK039+ndWqK3OmClsnJb6QE3uuLZW7ZkFGKygtKj/Y7uMJM1zS eJKnun3k3xpAJub6FB6B4DN3BFn+5cXWByr/4lpnqaPH+1WghhKTUCtFRGadHkmE 6YaV68QNIhjLIjgh4zJS8xA2ZtBzER/6sTurSUoHkyrT7LThs5VN33d6iwm13dfC YpsY1vZvvpOrwu2rDYBT0wKCl0Y= -----END CERTIFICATE-----Generated at Thu May 2 11:54:54 2024 by rpki-client on console-fra.rpki-client.org