$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft File: OLYZ9BoGgZD-7QQul78QRCJYnkE.mft (raw, json) Hash identifier: cIgic+JPpmvRezeS3luQ/qI9wMHJYgEf9CcYzzhCTMc= Subject key identifier: 79:5B:12:F4:8C:5A:66:12:2D:A2:1C:C6:79:9E:22:6B:D9:9D:7B:6F Authority key identifier: 38:B6:19:F4:1A:06:81:90:FE:ED:04:2E:97:BF:10:44:22:58:9E:41 Certificate issuer: /CN=38B619F41A068190FEED042E97BF104422589E41 Certificate serial: 0670 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft Manifest number: 0670 Signing time: Fri 04 Apr 2025 14:05:29 +0000 Manifest this update: Fri 04 Apr 2025 14:05:29 +0000 Manifest next update: Fri 04 Apr 2025 20:05:29 +0000 Files and hashes: 1: OLYZ9BoGgZD-7QQul78QRCJYnkE.crl (hash: 6HpVvo6QoJcJ3AYIcCCq1GyJhEOn2D2r+Db10e4j5sU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1648 (0x670) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38B619F41A068190FEED042E97BF104422589E41 Validity Not Before: Apr 4 14:05:29 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=795B12F48C5A66122DA21CC6799E226BD99D7B6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:31:a1:70:f2:c2:e8:60:d9:f8:60:61:8c:fd: 09:ca:51:3a:d4:1d:00:9b:34:cc:42:ae:a0:59:dd: 40:63:ea:9f:e8:62:43:e8:68:88:5e:59:10:59:8c: a1:70:97:ef:1e:59:b7:0e:53:b6:61:f3:d2:c5:a2: 37:26:ec:43:c3:a2:c6:ce:10:50:49:f1:fd:a0:72: 1b:b7:3c:d8:12:97:fc:de:82:28:93:d7:1d:21:cb: f1:ad:44:d0:04:65:89:c1:84:17:28:76:fd:14:13: c9:aa:03:56:ad:8b:85:e8:19:5a:c4:e4:0c:3b:2c: 07:c5:20:78:0b:7d:58:fe:72:4a:37:56:80:37:63: c3:d1:9c:eb:9b:e9:49:84:bf:9a:65:fb:3c:6a:37: 93:f5:68:62:03:50:8b:f1:0d:83:6f:24:35:2e:4f: 0c:25:8b:a7:9d:4e:52:28:60:b1:d9:9d:f6:11:55: b5:97:69:15:cc:1c:4f:86:6e:06:c5:1f:43:59:95: 15:16:d3:f2:65:8b:9a:f0:ee:c9:25:84:61:43:34: e3:0b:6e:43:a0:82:0f:e2:92:5e:e5:fd:a9:28:4a: da:e0:af:4d:ff:70:5e:8c:39:53:6f:37:65:60:ad: 24:c3:04:74:55:1f:9e:34:1c:ad:3a:7f:96:6b:a3: 5f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:5B:12:F4:8C:5A:66:12:2D:A2:1C:C6:79:9E:22:6B:D9:9D:7B:6F X509v3 Authority Key Identifier: keyid:38:B6:19:F4:1A:06:81:90:FE:ED:04:2E:97:BF:10:44:22:58:9E:41 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:f3:4d:ab:4a:85:1b:7c:1b:bd:11:eb:90:88:62:e9:ae:93: d9:b2:ca:97:e0:ae:79:ac:d9:75:12:fb:89:16:d6:1f:a2:41: 1b:27:87:2a:eb:3e:d4:63:af:20:a8:6b:c4:e1:dc:55:db:63: 27:b1:2d:12:94:fe:6e:d8:eb:a5:fa:d0:bd:9c:9d:25:32:64: 04:1d:a4:89:c3:15:34:df:3e:bd:5c:04:c1:ba:75:57:ba:10: 60:36:2f:f4:a3:36:75:4d:40:a7:33:16:21:6d:02:5c:a4:77: 05:36:68:c4:22:73:b3:51:66:bc:fc:cf:70:06:27:eb:a5:82: d1:ed:68:6c:2f:8b:a3:7d:22:59:ac:9e:ce:84:5e:a5:b8:31: 82:16:b3:d9:df:ae:3e:8e:14:17:83:de:19:73:27:48:3c:fe: f0:b2:b6:5b:78:d3:f8:a6:13:a5:74:09:ec:09:31:ce:f5:66: 75:ac:63:fd:ee:b4:02:8d:f4:1b:6f:4f:ee:6a:83:30:ff:eb: 7a:bd:23:01:43:a5:3d:e9:7d:09:5a:ce:75:31:f1:5b:90:7e: 12:a5:29:c3:be:aa:92:9f:1a:a5:63:df:92:3a:01:85:8e:5a: 9c:9d:1e:88:d2:4a:4d:40:ab:ad:56:98:11:28:47:3a:2c:0a: 92:a5:40:c3 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzhC NjE5RjQxQTA2ODE5MEZFRUQwNDJFOTdCRjEwNDQyMjU4OUU0MTAeFw0yNTA0MDQx NDA1MjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc5NUIxMkY0OEM1QTY2 MTIyREEyMUNDNjc5OUUyMjZCRDk5RDdCNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8MaFw8sLoYNn4YGGM/QnKUTrUHQCbNMxCrqBZ3UBj6p/oYkPo aIheWRBZjKFwl+8eWbcOU7Zh89LFojcm7EPDosbOEFBJ8f2gchu3PNgSl/zegiiT 1x0hy/GtRNAEZYnBhBcodv0UE8mqA1ati4XoGVrE5Aw7LAfFIHgLfVj+cko3VoA3 Y8PRnOub6UmEv5pl+zxqN5P1aGIDUIvxDYNvJDUuTwwli6edTlIoYLHZnfYRVbWX aRXMHE+GbgbFH0NZlRUW0/Jli5rw7sklhGFDNOMLbkOggg/ikl7l/akoStrgr03/ cF6MOVNvN2VgrSTDBHRVH540HK06f5Zro187AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUeVsS9IxaZhItohzGeZ4ia9mde28wHwYDVR0jBBgwFoAUOLYZ9BoGgZD+7QQu l78QRCJYnkEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 NS9PTFlaOUJvR2daRC03UVF1bDc4UVJDSllua0UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09MWVo5Qm9HZ1pELTdRUXVsNzhRUkNKWW5rRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjUvT0xZWjlCb0dnWkQt N1FRdWw3OFFSQ0pZbmtFLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAK/zTatKhRt8G70R65CIYumuk9myypfgrnms2XUS+4kW1h+iQRsnhyrrPtRj ryCoa8Th3FXbYyexLRKU/m7Y66X60L2cnSUyZAQdpInDFTTfPr1cBMG6dVe6EGA2 L/SjNnVNQKczFiFtAlykdwU2aMQic7NRZrz8z3AGJ+ulgtHtaGwvi6N9Ilmsns6E XqW4MYIWs9nfrj6OFBeD3hlzJ0g8/vCytlt40/imE6V0CewJMc71ZnWsY/3utAKN 9BtvT+5qgzD/63q9IwFDpT3pfQlaznUx8VuQfhKlKcO+qpKfGqVj35I6AYWOWpyd HojSSk1Aq61WmBEoRzosCpKlQMM= -----END CERTIFICATE-----Generated at Fri Apr 4 18:47:14 2025 by rpki-client