$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3224/D1ffNJk0GeUIMAyS3GhFGYmw9VM.mft File: D1ffNJk0GeUIMAyS3GhFGYmw9VM.mft (raw, json) Hash identifier: RMdHXGcK5Cpl+vzLn+SAYv40GIAi0nYop0BTbSOXfUo= Subject key identifier: E3:49:85:A2:81:67:74:E0:0A:8C:B7:B4:FB:AE:68:94:13:5F:11:88 Authority key identifier: 0F:57:DF:34:99:34:19:E5:08:30:0C:92:DC:68:45:19:89:B0:F5:53 Certificate issuer: /CN=0F57DF34993419E508300C92DC68451989B0F553 Certificate serial: 0A0A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/D1ffNJk0GeUIMAyS3GhFGYmw9VM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3224/D1ffNJk0GeUIMAyS3GhFGYmw9VM.mft Manifest number: 0A0A Signing time: Fri 22 Nov 2024 15:24:03 +0000 Manifest this update: Fri 22 Nov 2024 15:24:03 +0000 Manifest next update: Fri 22 Nov 2024 21:24:03 +0000 Files and hashes: 1: D1ffNJk0GeUIMAyS3GhFGYmw9VM.crl (hash: 2dphXbxGQifyZ7dFaVG5hNzqJQwRYZ9e/RrCi8QqqYk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3224/D1ffNJk0GeUIMAyS3GhFGYmw9VM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3224/D1ffNJk0GeUIMAyS3GhFGYmw9VM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/D1ffNJk0GeUIMAyS3GhFGYmw9VM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2570 (0xa0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0F57DF34993419E508300C92DC68451989B0F553 Validity Not Before: Nov 22 15:24:03 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E34985A2816774E00A8CB7B4FBAE6894135F1188 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:76:7c:06:07:a7:f3:b5:c4:8a:2d:fc:6d:1b: 40:32:6d:a8:3e:1d:fb:0b:e2:ac:e2:74:e8:8b:fc: 35:76:d2:9a:e5:79:4f:a5:1d:98:83:df:8b:4d:91: 9c:3e:58:52:83:ea:84:79:89:25:03:a6:b1:14:25: 41:72:b5:d3:4d:7f:1e:f0:f5:f2:6c:51:c3:e1:17: 5c:4f:50:f1:48:e7:d7:e7:4a:1c:43:3b:af:c8:58: 40:c7:12:36:14:12:0b:ca:75:22:7b:78:cc:b0:29: 0b:af:03:a9:2e:66:97:03:6a:38:3f:42:44:3e:c3: 49:6d:d2:88:5e:62:4f:f7:aa:aa:d7:e5:39:ff:29: 34:b1:64:ec:07:32:4c:a3:6e:6a:06:29:60:ec:71: d1:cd:f1:89:28:a7:e7:94:9c:5d:23:17:2c:29:ea: 8d:76:dd:7c:b8:8e:f9:c3:13:e9:1e:9e:a6:13:d1: ed:97:99:f0:cb:40:6d:fe:1f:90:e0:ca:37:1e:ce: 50:0a:95:aa:3d:5d:a9:a5:f1:0d:4d:f2:5e:7e:06: 54:a4:b3:5c:60:15:a5:e0:f6:39:25:79:b2:c6:30: 44:b9:92:e9:85:8f:85:89:c5:c1:86:c9:ae:97:39: 59:38:ab:fd:3b:da:75:07:dd:ee:63:3a:60:17:c9: 8b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:49:85:A2:81:67:74:E0:0A:8C:B7:B4:FB:AE:68:94:13:5F:11:88 X509v3 Authority Key Identifier: keyid:0F:57:DF:34:99:34:19:E5:08:30:0C:92:DC:68:45:19:89:B0:F5:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3224/D1ffNJk0GeUIMAyS3GhFGYmw9VM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/D1ffNJk0GeUIMAyS3GhFGYmw9VM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3224/D1ffNJk0GeUIMAyS3GhFGYmw9VM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:dd:d9:f6:0f:65:0e:40:01:98:b1:6d:be:22:80:16:9e:dd: 69:5a:f5:c4:30:eb:cb:cb:80:ee:a5:df:36:8b:78:4e:1e:2a: 9d:00:07:12:01:2c:6e:c3:04:ac:35:f4:2e:0a:0e:43:5f:84: 2e:52:2a:bb:4e:fe:62:c6:11:27:be:a2:38:53:ee:08:e4:69: 24:f1:b4:a7:bb:1b:5d:25:7d:2a:68:ee:f7:37:9c:84:a9:01: ec:4b:e7:6c:6d:d3:97:b7:18:f6:d3:e4:13:b8:5d:dd:8d:da: d8:20:5f:2c:86:3d:6f:15:08:91:98:91:43:75:ce:13:bf:54: ba:0b:b8:8f:f6:0d:33:8d:95:02:a0:1e:62:bd:ba:67:e2:e5: 0d:38:d8:74:e7:02:32:bd:3c:41:e9:52:dc:d4:f2:be:72:4e: a3:1d:d9:a2:a8:36:ca:82:4b:23:ce:8c:aa:87:3f:47:35:d6: 4e:50:b6:6a:72:50:3c:4b:51:60:cf:eb:98:68:c6:ce:a1:41: 83:eb:ed:a6:23:4f:85:89:01:ab:b0:63:b2:57:80:46:47:19: b8:20:1c:aa:b1:02:3b:2e:0b:4f:b5:a8:59:59:60:33:07:a5: 93:26:35:d4:fb:a3:2d:d9:be:c5:f5:ba:89:3d:57:de:7f:7a: 40:80:80:db -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEY1 N0RGMzQ5OTM0MTlFNTA4MzAwQzkyREM2ODQ1MTk4OUIwRjU1MzAeFw0yNDExMjIx NTI0MDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUzNDk4NUEyODE2Nzc0 RTAwQThDQjdCNEZCQUU2ODk0MTM1RjExODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1dnwGB6fztcSKLfxtG0Aybag+HfsL4qzidOiL/DV20prleU+l HZiD34tNkZw+WFKD6oR5iSUDprEUJUFytdNNfx7w9fJsUcPhF1xPUPFI59fnShxD O6/IWEDHEjYUEgvKdSJ7eMywKQuvA6kuZpcDajg/QkQ+w0lt0oheYk/3qqrX5Tn/ KTSxZOwHMkyjbmoGKWDscdHN8Ykop+eUnF0jFywp6o123Xy4jvnDE+kenqYT0e2X mfDLQG3+H5DgyjcezlAKlao9Xaml8Q1N8l5+BlSks1xgFaXg9jklebLGMES5kumF j4WJxcGGya6XOVk4q/072nUH3e5jOmAXyYufAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU40mFooFndOAKjLe0+65olBNfEYgwHwYDVR0jBBgwFoAUD1ffNJk0GeUIMAyS 3GhFGYmw9VMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIy NC9EMWZmTkprMEdlVUlNQXlTM0doRkdZbXc5Vk0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0QxZmZOSmswR2VVSU1BeVMzR2hGR1ltdzlWTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMjQvRDFmZk5KazBHZVVJ TUF5UzNHaEZHWW13OVZNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAArd2fYPZQ5AAZixbb4igBae3Wla9cQw68vLgO6l3zaLeE4eKp0ABxIBLG7D BKw19C4KDkNfhC5SKrtO/mLGESe+ojhT7gjkaSTxtKe7G10lfSpo7vc3nISpAexL 52xt05e3GPbT5BO4Xd2N2tggXyyGPW8VCJGYkUN1zhO/VLoLuI/2DTONlQKgHmK9 umfi5Q042HTnAjK9PEHpUtzU8r5yTqMd2aKoNsqCSyPOjKqHP0c11k5QtmpyUDxL UWDP65hoxs6hQYPr7aYjT4WJAauwY7JXgEZHGbggHKqxAjsuC0+1qFlZYDMHpZMm NdT7oy3ZvsX1uok9V95/ekCAgNs= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:46 2024 by rpki-client on console-ams.rpki-client.org