$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3229/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.mft File: hkJ-VFo-gGs0Xw0gwOOeIcToUBw.mft (raw, json) Hash identifier: C6JNIy0KlQ3XGp8OyjVCpy4YJ7+3hYjqRkd1ap0PFQ4= Subject key identifier: 5A:E5:EB:E6:F2:69:00:47:5A:8B:A4:8D:FD:4E:DA:E4:5D:DB:34:BF Authority key identifier: 86:42:7E:54:5A:3E:80:6B:34:5F:0D:20:C0:E3:9E:21:C4:E8:50:1C Certificate issuer: /CN=86427E545A3E806B345F0D20C0E39E21C4E8501C Certificate serial: 0933 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3229/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.mft Manifest number: 0933 Signing time: Fri 22 Nov 2024 10:21:05 +0000 Manifest this update: Fri 22 Nov 2024 10:21:05 +0000 Manifest next update: Fri 22 Nov 2024 16:21:05 +0000 Files and hashes: 1: hkJ-VFo-gGs0Xw0gwOOeIcToUBw.crl (hash: FJH7VHrZLs8/NB+Um+ISzyw8AlDwfr/maqQQIY5UTsM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3229/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3229/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 16:21:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2355 (0x933) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86427E545A3E806B345F0D20C0E39E21C4E8501C Validity Not Before: Nov 22 10:21:05 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5AE5EBE6F26900475A8BA48DFD4EDAE45DDB34BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1e:4d:89:ad:a4:d1:cf:95:af:20:d2:72:38: c8:10:41:3a:e8:23:5d:d7:16:57:21:b6:a1:2d:cd: 37:8c:84:f4:c0:4f:89:ab:6c:d5:dd:7b:d5:e0:7f: f3:3f:af:a6:fb:8e:b7:98:ab:91:d0:66:6b:14:fe: ad:d6:f1:55:51:f2:0b:00:8f:e4:30:ac:35:cc:03: 91:99:87:8f:d5:a8:b6:61:1f:1c:ca:bc:86:e4:93: 00:eb:89:c4:89:c1:27:42:a6:28:3b:47:cc:ca:06: 41:a8:f0:6b:9c:ab:08:ce:6d:4a:18:b3:2a:ee:98: ca:54:87:81:ed:a7:08:d4:e0:fe:84:b3:a1:d2:39: 61:15:02:16:10:08:ea:3c:f5:98:a9:89:71:7a:05: 5b:a9:17:4b:46:f6:f9:c7:74:5a:b0:96:2a:f2:e9: b1:a6:d2:5c:ad:c7:c8:58:ac:d4:a2:2c:5c:51:6c: 71:5e:dd:4e:58:97:31:43:64:25:41:f2:5b:aa:b6: 53:dc:c3:b9:41:6f:1d:e4:31:b4:1c:03:0e:8c:53: 24:c2:04:9d:f1:2b:9f:42:9e:97:9e:92:58:78:27: 9e:dd:1f:df:e1:8e:49:a6:03:2a:4f:54:f2:d9:1d: 5b:c7:da:79:aa:04:d9:a7:5b:49:e4:d9:0e:a3:d8: dd:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:E5:EB:E6:F2:69:00:47:5A:8B:A4:8D:FD:4E:DA:E4:5D:DB:34:BF X509v3 Authority Key Identifier: keyid:86:42:7E:54:5A:3E:80:6B:34:5F:0D:20:C0:E3:9E:21:C4:E8:50:1C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3229/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3229/hkJ-VFo-gGs0Xw0gwOOeIcToUBw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:3b:eb:d0:03:ac:3b:5a:5c:91:00:01:43:66:43:8d:0e:48: f7:72:ae:d3:c9:63:f6:10:89:3d:13:56:81:6e:14:e8:f7:e4: be:87:c6:ef:b8:03:bf:d6:14:44:ed:bc:c9:41:29:e0:4a:a2: 8a:1b:46:5b:3d:25:db:de:a8:57:0b:01:cc:8e:53:49:47:b8: 53:a3:ea:d9:49:92:aa:64:9c:fb:64:a8:ce:71:c6:d5:63:40: 9c:8d:fb:35:05:86:2a:86:b3:a1:e6:38:9e:8d:63:8b:4a:cc: 8e:5f:a0:5b:12:ea:8d:13:2c:6c:16:3a:18:0f:55:2f:be:ba: fb:70:bb:cb:8f:44:5f:fe:79:5c:1a:49:7e:20:3d:4a:db:ac: 3b:23:6d:6e:99:76:c7:5e:d1:72:4d:ac:a2:f5:04:2c:6b:1a: 2d:a8:32:ea:d2:e2:54:2c:ac:f6:c7:c9:28:1d:12:a8:f6:f5: 33:79:7b:e2:cc:85:60:c0:72:84:ac:ef:fc:39:e8:91:cf:08: 5a:e0:c6:38:16:65:0e:fc:2e:50:2a:f1:91:ae:b2:0b:7a:75: 99:21:2a:76:eb:99:30:48:b3:f0:73:79:9e:8e:aa:1d:7b:35: b2:2e:4f:54:67:b9:4b:fd:09:d3:0b:9f:0c:c5:5d:93:a9:fb: 8e:3f:34:82 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0 MjdFNTQ1QTNFODA2QjM0NUYwRDIwQzBFMzlFMjFDNEU4NTAxQzAeFw0yNDExMjIx MDIxMDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVBRTVFQkU2RjI2OTAw NDc1QThCQTQ4REZENEVEQUU0NUREQjM0QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAHk2JraTRz5WvINJyOMgQQTroI13XFlchtqEtzTeMhPTAT4mr bNXde9Xgf/M/r6b7jreYq5HQZmsU/q3W8VVR8gsAj+QwrDXMA5GZh4/VqLZhHxzK vIbkkwDricSJwSdCpig7R8zKBkGo8GucqwjObUoYsyrumMpUh4HtpwjU4P6Es6HS OWEVAhYQCOo89ZipiXF6BVupF0tG9vnHdFqwliry6bGm0lytx8hYrNSiLFxRbHFe 3U5YlzFDZCVB8luqtlPcw7lBbx3kMbQcAw6MUyTCBJ3xK59Cnpeeklh4J57dH9/h jkmmAypPVPLZHVvH2nmqBNmnW0nk2Q6j2N11AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUWuXr5vJpAEdai6SN/U7a5F3bNL8wHwYDVR0jBBgwFoAUhkJ+VFo+gGs0Xw0g wOOeIcToUBwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIy OS9oa0otVkZvLWdHczBYdzBnd09PZUljVG9VQncuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2hrSi1WRm8tZ0dzMFh3MGd3T09lSWNUb1VCdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMjkvaGtKLVZGby1nR3Mw WHcwZ3dPT2VJY1RvVUJ3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEE769ADrDtaXJEAAUNmQ40OSPdyrtPJY/YQiT0TVoFuFOj35L6Hxu+4A7/W FETtvMlBKeBKooobRls9JdveqFcLAcyOU0lHuFOj6tlJkqpknPtkqM5xxtVjQJyN +zUFhiqGs6HmOJ6NY4tKzI5foFsS6o0TLGwWOhgPVS++uvtwu8uPRF/+eVwaSX4g PUrbrDsjbW6Zdsde0XJNrKL1BCxrGi2oMurS4lQsrPbHySgdEqj29TN5e+LMhWDA coSs7/w56JHPCFrgxjgWZQ78LlAq8ZGusgt6dZkhKnbrmTBIs/BzeZ6Oqh17NbIu T1RnuUv9CdMLnwzFXZOp+44/NII= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:38 2024 by rpki-client on console-fra.rpki-client.org