$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft (raw, json) Hash identifier: nrZtvyLh/ntBnsLkfpZ9F8W8IBuLHAY2OvNB2vXoTA8= Subject key identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 09C3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft Manifest number: 09C0 Signing time: Fri 06 Jun 2025 12:14:37 +0000 Manifest this update: Fri 06 Jun 2025 12:14:37 +0000 Manifest next update: Fri 06 Jun 2025 18:14:37 +0000 Files and hashes: 1: SGpuOxsalusTzpYR3fphfkpzMVY.roa (hash: YMN9QVglyHTZ+uAe4m7iUyKbPe/xcnJgsyMEy+dbYZI=) 2: kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl (hash: co+U9ZMldO0asp4DTQ2VH/DpIprKolOb91Xg4xInmng=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:14:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2499 (0x9c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Jun 6 12:14:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F7CE7231FE6F7D35AC67E125130F01403245BBCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:17:cd:57:be:fe:14:84:57:30:f0:64:79:4f: fe:86:52:f9:94:99:db:ee:be:6b:7c:2e:c6:ad:a7: d2:8f:b5:7b:ea:3b:38:7d:1d:b7:ec:45:19:15:95: 0a:c3:56:ba:78:7b:ea:a0:5b:fc:09:f9:8c:2f:33: 36:a8:c7:a2:89:ef:ab:26:8f:90:e4:8c:f1:90:02: 6f:3c:40:d3:e8:96:70:1a:d4:d6:c2:4e:95:c2:9a: 12:9e:ec:9f:ab:8f:64:45:bc:54:43:a2:fa:46:16: 9f:3c:32:7e:26:a3:47:f3:1a:87:0b:67:c8:c4:e3: 23:ed:62:52:b1:bc:a6:5e:e7:66:ec:e0:c6:a7:25: d2:ea:75:e5:81:9d:b0:8b:d7:ee:98:06:11:f2:35: d1:87:7c:a5:02:89:e0:65:e5:b4:05:38:fe:d9:e9: 6e:92:b0:2f:28:b2:59:0c:66:27:a0:aa:a5:01:ac: 58:eb:7e:3d:12:fb:eb:0f:a1:9b:02:cf:2f:e2:70: f5:40:fa:b3:92:25:64:a1:eb:a0:cd:57:11:b8:f4: 35:e2:92:21:db:d8:b5:86:1d:02:a2:e9:d8:31:1e: 0b:7a:da:5b:df:0c:bc:2c:c3:75:e1:89:27:97:cb: 12:7c:a2:ac:8e:ba:9a:2f:e9:21:78:35:47:61:d7: df:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:73:8e:c5:94:cb:ae:19:5a:c5:ea:62:47:c1:9e:05:c3:b5: c6:e0:55:41:55:b9:39:cc:5a:5e:54:13:41:91:59:71:17:84: 05:f4:43:98:14:ad:25:5a:c5:e1:99:f4:3d:b7:b2:da:7f:dc: da:3c:2d:44:e9:a9:ac:73:b3:0c:68:c5:f5:26:86:c4:a2:b4: 19:f6:76:7d:bf:9b:40:07:d8:23:76:87:8c:d2:56:62:62:39: bd:2e:f5:bb:5d:40:8c:87:71:f1:de:e6:bd:ce:fe:e5:d7:4f: 0e:9b:a1:eb:df:94:d7:7f:e8:81:56:d2:fd:8f:40:30:81:cd: 63:2d:77:0c:88:0f:67:d3:ee:8f:ac:bb:aa:35:5c:0a:97:38: 60:a2:f6:01:d0:b9:f1:90:f3:23:26:12:4c:29:89:30:a6:4e: 0b:d2:6f:72:47:89:1c:6b:0a:76:45:23:d8:26:51:47:61:26: 6f:a7:6a:12:44:6d:0c:4a:15:f9:bb:b8:71:c9:3b:94:4a:5b: 78:97:e3:f7:cc:d5:b8:b1:04:4a:3d:df:82:15:7d:6e:d2:42: 85:7e:60:7b:25:18:58:c4:de:25:1a:db:b8:ac:18:f7:f5:10: 94:3d:2b:a9:1e:f2:8e:bd:99:1f:43:00:ec:1a:89:d8:bf:8e: e7:45:87:0a -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNTA2MDYx MjE0MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY3Q0U3MjMxRkU2RjdE MzVBQzY3RTEyNTEzMEYwMTQwMzI0NUJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCVF81Xvv4UhFcw8GR5T/6GUvmUmdvuvmt8Lsatp9KPtXvqOzh9 HbfsRRkVlQrDVrp4e+qgW/wJ+YwvMzaox6KJ76smj5DkjPGQAm88QNPolnAa1NbC TpXCmhKe7J+rj2RFvFRDovpGFp88Mn4mo0fzGocLZ8jE4yPtYlKxvKZe52bs4Man JdLqdeWBnbCL1+6YBhHyNdGHfKUCieBl5bQFOP7Z6W6SsC8oslkMZiegqqUBrFjr fj0S++sPoZsCzy/icPVA+rOSJWSh66DNVxG49DXikiHb2LWGHQKi6dgxHgt62lvf DLwsw3XhiSeXyxJ8oqyOupov6SF4NUdh19+vAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU985yMf5vfTWsZ+ElEw8BQDJFu84wHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgva1BNT0hmTW4wUU9R Znh2Z2p0UHFaTC0zZU9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGxzjsWUy64ZWsXqYkfBngXDtcbgVUFVuTnMWl5UE0GRWXEXhAX0Q5gUrSVa xeGZ9D23stp/3No8LUTpqaxzswxoxfUmhsSitBn2dn2/m0AH2CN2h4zSVmJiOb0u 9btdQIyHcfHe5r3O/uXXTw6boevflNd/6IFW0v2PQDCBzWMtdwyID2fT7o+su6o1 XAqXOGCi9gHQufGQ8yMmEkwpiTCmTgvSb3JHiRxrCnZFI9gmUUdhJm+nahJEbQxK Ffm7uHHJO5RKW3iX4/fM1bixBEo934IVfW7SQoV+YHslGFjE3iUa27isGPf1EJQ9 K6ke8o69mR9DAOwaidi/judFhwo= -----END CERTIFICATE-----Generated at Fri Jun 6 17:30:00 2025 by rpki-client