$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft File: kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft (raw, json) Hash identifier: Ke3R0HsuJ/PEtEUn9Pis0o3cbWwBX9vSyMAxdRJ3ya4= Subject key identifier: 02:BE:71:AB:DC:17:50:55:EE:56:6B:24:25:4B:64:E8:B0:74:2F:4B Authority key identifier: 90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07 Certificate issuer: /CN=9077E7B0AF580F78FE010699FA0DB8107E186F07 Certificate serial: 085C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft Manifest number: 085A Signing time: Fri 04 Apr 2025 14:06:10 +0000 Manifest this update: Fri 04 Apr 2025 14:06:10 +0000 Manifest next update: Fri 04 Apr 2025 20:06:10 +0000 Files and hashes: 1: kHfnsK9YD3j-AQaZ-g24EH4Ybwc.crl (hash: CbnKMFDCQDbkdCNJ53z96NilybTgXBb8jSUdiDZMt+c=) 2: pAdMn1MlkjJlCVSP2QmkkAwaBc8.roa (hash: 1Ko/Sx6oQmP0Opi3hp+4gnvjm2R0mnMU8LAySvjv/+Y=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2140 (0x85c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9077E7B0AF580F78FE010699FA0DB8107E186F07 Validity Not Before: Apr 4 14:06:10 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=02BE71ABDC175055EE566B24254B64E8B0742F4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:cd:bd:b4:6b:bd:11:af:30:2c:d0:71:fd:49: 1f:03:b2:6b:b5:d8:8d:53:07:dd:d3:83:d6:09:75: 9c:d1:03:b3:14:fb:e4:07:00:76:be:03:b6:13:6d: 82:32:7e:39:ab:c4:dd:18:d1:e4:a7:a1:72:07:12: 3f:1d:da:60:0c:05:cb:3e:a7:7c:2d:eb:a1:77:3a: 6e:95:7e:6a:0f:b3:d0:cf:d9:d5:72:88:87:7b:bf: cd:45:d8:3d:b7:5a:51:9a:c5:82:33:0c:ca:f8:46: 0f:5c:ba:16:92:05:2f:cc:cd:bd:d7:dc:95:5b:40: 3e:56:bf:65:af:99:b1:23:83:5c:d3:23:46:4b:c0: 1f:db:a0:fa:f9:10:a3:35:29:c7:1b:49:c0:a0:88: 66:f7:f0:f2:b4:e4:12:d7:f2:45:10:5a:be:9a:8a: bb:68:30:a3:62:6e:df:30:e5:58:0c:e4:03:22:bd: b6:bb:b5:6c:27:fa:4c:62:02:b3:03:d9:f3:2c:4b: 93:97:3b:1c:3d:3a:d5:e6:ba:81:ad:c0:84:99:c2: b0:a0:b6:b9:cf:04:5f:c9:57:91:d7:68:a4:65:fe: 3d:d2:e0:1e:5b:94:f5:63:c0:3c:ce:bb:da:8d:ae: 8e:76:32:4c:b2:dd:4e:6c:a0:9b:2d:4b:ad:3a:c1: 50:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:BE:71:AB:DC:17:50:55:EE:56:6B:24:25:4B:64:E8:B0:74:2F:4B X509v3 Authority Key Identifier: keyid:90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:92:17:ab:e1:58:72:6f:47:b4:8d:81:ea:74:79:e6:71:b9: 10:c6:35:b0:5e:33:d8:64:05:ce:23:a9:80:6e:a8:da:8b:d3: cb:cc:3c:1c:ba:82:bc:a2:46:bd:7f:47:d9:73:bd:0f:fe:eb: 9c:c9:3f:ad:b1:b7:9e:24:7b:e7:84:18:59:39:32:e6:97:87: 79:78:48:50:2e:9c:99:ef:58:b0:70:c1:7c:27:45:7d:2f:3d: 56:7a:ca:ef:ad:9b:b7:f5:ce:0c:d9:3c:46:91:e3:b3:b7:d5: 2c:3c:2d:d6:c8:c9:7d:f3:df:fe:f5:be:a1:c6:40:44:8e:d3: 83:14:0e:6d:b2:50:13:57:fb:78:04:5b:63:c7:0e:f9:9f:dc: 42:72:06:2c:f9:dd:71:09:ac:b8:7d:08:2c:3f:2f:91:c5:a7: 1d:6e:f2:07:63:46:2a:8d:d0:b4:af:33:e6:a7:04:7e:ab:21: 5c:56:f6:01:02:6d:d2:74:35:bc:89:d2:ef:77:56:17:b9:b6: 00:1d:e2:64:48:e8:96:73:75:ff:28:52:ff:60:60:ef:60:81: 74:fc:b0:cc:da:ec:18:c6:a1:be:93:db:e9:13:e5:e5:52:61: 55:af:31:bc:00:8c:39:55:ca:1f:21:2e:51:8c:f9:4c:0b:b3: 5e:b7:2c:f5 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTA3 N0U3QjBBRjU4MEY3OEZFMDEwNjk5RkEwREI4MTA3RTE4NkYwNzAeFw0yNTA0MDQx NDA2MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDAyQkU3MUFCREMxNzUw NTVFRTU2NkIyNDI1NEI2NEU4QjA3NDJGNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfzb20a70RrzAs0HH9SR8Dsmu12I1TB93Tg9YJdZzRA7MU++QH AHa+A7YTbYIyfjmrxN0Y0eSnoXIHEj8d2mAMBcs+p3wt66F3Om6VfmoPs9DP2dVy iId7v81F2D23WlGaxYIzDMr4Rg9cuhaSBS/Mzb3X3JVbQD5Wv2WvmbEjg1zTI0ZL wB/boPr5EKM1KccbScCgiGb38PK05BLX8kUQWr6airtoMKNibt8w5VgM5AMivba7 tWwn+kxiArMD2fMsS5OXOxw9OtXmuoGtwISZwrCgtrnPBF/JV5HXaKRl/j3S4B5b lPVjwDzOu9qNro52Mkyy3U5soJstS606wVBlAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUAr5xq9wXUFXuVmskJUtk6LB0L0swHwYDVR0jBBgwFoAUkHfnsK9YD3j+AQaZ +g24EH4YbwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi9rSGZuc0s5WUQzai1BUWFaLWcyNEVINFlid2MuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tIZm5zSzlZRDNqLUFRYVotZzI0RUg0WWJ3Yy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIva0hmbnNLOVlEM2ot QVFhWi1nMjRFSDRZYndjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABKSF6vhWHJvR7SNgep0eeZxuRDGNbBeM9hkBc4jqYBuqNqL08vMPBy6gryi Rr1/R9lzvQ/+65zJP62xt54ke+eEGFk5MuaXh3l4SFAunJnvWLBwwXwnRX0vPVZ6 yu+tm7f1zgzZPEaR47O31Sw8LdbIyX3z3/71vqHGQESO04MUDm2yUBNX+3gEW2PH Dvmf3EJyBiz53XEJrLh9CCw/L5HFpx1u8gdjRiqN0LSvM+anBH6rIVxW9gECbdJ0 NbyJ0u93Vhe5tgAd4mRI6JZzdf8oUv9gYO9ggXT8sMza7BjGob6T2+kT5eVSYVWv MbwAjDlVyh8hLlGM+UwLs163LPU= -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:04 2025 by rpki-client