$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft File: OLYZ9BoGgZD-7QQul78QRCJYnkE.mft (raw, json) Hash identifier: fbJ2fRhK38MBUjqhiKE3d6per4a+SwfOoxGT1DKNvKI= Subject key identifier: 79:5B:12:F4:8C:5A:66:12:2D:A2:1C:C6:79:9E:22:6B:D9:9D:7B:6F Authority key identifier: 38:B6:19:F4:1A:06:81:90:FE:ED:04:2E:97:BF:10:44:22:58:9E:41 Certificate issuer: /CN=38B619F41A068190FEED042E97BF104422589E41 Certificate serial: 0976 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft Manifest number: 0976 Signing time: Mon 08 Sep 2025 01:03:04 +0000 Manifest this update: Mon 08 Sep 2025 01:03:04 +0000 Manifest next update: Mon 08 Sep 2025 07:03:04 +0000 Files and hashes: 1: OLYZ9BoGgZD-7QQul78QRCJYnkE.crl (hash: qbjLh78gTDELmne9grcRbFPgopqZL3QJNjley4Ywcq4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 07:03:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2422 (0x976) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38B619F41A068190FEED042E97BF104422589E41 Validity Not Before: Sep 8 01:03:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=795B12F48C5A66122DA21CC6799E226BD99D7B6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:31:a1:70:f2:c2:e8:60:d9:f8:60:61:8c:fd: 09:ca:51:3a:d4:1d:00:9b:34:cc:42:ae:a0:59:dd: 40:63:ea:9f:e8:62:43:e8:68:88:5e:59:10:59:8c: a1:70:97:ef:1e:59:b7:0e:53:b6:61:f3:d2:c5:a2: 37:26:ec:43:c3:a2:c6:ce:10:50:49:f1:fd:a0:72: 1b:b7:3c:d8:12:97:fc:de:82:28:93:d7:1d:21:cb: f1:ad:44:d0:04:65:89:c1:84:17:28:76:fd:14:13: c9:aa:03:56:ad:8b:85:e8:19:5a:c4:e4:0c:3b:2c: 07:c5:20:78:0b:7d:58:fe:72:4a:37:56:80:37:63: c3:d1:9c:eb:9b:e9:49:84:bf:9a:65:fb:3c:6a:37: 93:f5:68:62:03:50:8b:f1:0d:83:6f:24:35:2e:4f: 0c:25:8b:a7:9d:4e:52:28:60:b1:d9:9d:f6:11:55: b5:97:69:15:cc:1c:4f:86:6e:06:c5:1f:43:59:95: 15:16:d3:f2:65:8b:9a:f0:ee:c9:25:84:61:43:34: e3:0b:6e:43:a0:82:0f:e2:92:5e:e5:fd:a9:28:4a: da:e0:af:4d:ff:70:5e:8c:39:53:6f:37:65:60:ad: 24:c3:04:74:55:1f:9e:34:1c:ad:3a:7f:96:6b:a3: 5f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:5B:12:F4:8C:5A:66:12:2D:A2:1C:C6:79:9E:22:6B:D9:9D:7B:6F X509v3 Authority Key Identifier: keyid:38:B6:19:F4:1A:06:81:90:FE:ED:04:2E:97:BF:10:44:22:58:9E:41 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:c2:05:ed:c3:c4:5a:60:3a:9c:d5:2f:20:7c:cb:5b:4a:d5: 5e:6e:23:d0:4b:99:e6:39:65:66:87:8a:5c:96:d1:c2:4a:d5: 12:53:8d:e0:d0:ac:5e:5c:ae:34:2c:39:4e:a4:0d:64:40:98: 26:5b:6a:c1:85:02:f4:96:d0:73:8c:89:a7:b4:5a:c3:ce:af: db:65:43:b8:ff:f5:78:51:b9:2c:24:d9:fb:db:ab:d9:2a:8b: 97:54:19:94:95:f5:c6:a9:56:7a:23:1f:4a:33:17:61:9e:cb: d6:4f:9b:ca:86:16:4d:68:43:93:a9:6f:a6:7d:ab:c7:67:05: 1e:3c:72:10:01:18:9e:d5:43:85:89:4f:74:5a:c0:d7:6d:4d: b6:b6:45:4f:fc:93:38:58:d8:34:b6:dd:c4:d0:51:7a:09:10: 79:65:95:14:45:c7:f1:24:5c:60:33:c2:14:7c:94:24:58:5e: 11:96:dd:58:eb:ce:6b:8b:f9:9b:bf:6a:28:da:0e:f0:23:14: 3c:b2:c7:fd:59:99:a6:20:48:ee:d6:c5:c8:c3:bd:62:0c:40: 4e:b7:04:b8:4f:86:e5:8b:2f:b8:f6:8f:8f:75:70:df:97:e4: f8:0b:07:d0:fb:63:44:03:cf:68:74:1f:de:9f:42:08:21:49: d8:fb:f4:af -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzhC NjE5RjQxQTA2ODE5MEZFRUQwNDJFOTdCRjEwNDQyMjU4OUU0MTAeFw0yNTA5MDgw MTAzMDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc5NUIxMkY0OEM1QTY2 MTIyREEyMUNDNjc5OUUyMjZCRDk5RDdCNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8MaFw8sLoYNn4YGGM/QnKUTrUHQCbNMxCrqBZ3UBj6p/oYkPo aIheWRBZjKFwl+8eWbcOU7Zh89LFojcm7EPDosbOEFBJ8f2gchu3PNgSl/zegiiT 1x0hy/GtRNAEZYnBhBcodv0UE8mqA1ati4XoGVrE5Aw7LAfFIHgLfVj+cko3VoA3 Y8PRnOub6UmEv5pl+zxqN5P1aGIDUIvxDYNvJDUuTwwli6edTlIoYLHZnfYRVbWX aRXMHE+GbgbFH0NZlRUW0/Jli5rw7sklhGFDNOMLbkOggg/ikl7l/akoStrgr03/ cF6MOVNvN2VgrSTDBHRVH540HK06f5Zro187AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUeVsS9IxaZhItohzGeZ4ia9mde28wHwYDVR0jBBgwFoAUOLYZ9BoGgZD+7QQu l78QRCJYnkEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 NS9PTFlaOUJvR2daRC03UVF1bDc4UVJDSllua0UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09MWVo5Qm9HZ1pELTdRUXVsNzhRUkNKWW5rRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjUvT0xZWjlCb0dnWkQt N1FRdWw3OFFSQ0pZbmtFLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGHCBe3DxFpgOpzVLyB8y1tK1V5uI9BLmeY5ZWaHilyW0cJK1RJTjeDQrF5c rjQsOU6kDWRAmCZbasGFAvSW0HOMiae0WsPOr9tlQ7j/9XhRuSwk2fvbq9kqi5dU GZSV9capVnojH0ozF2Gey9ZPm8qGFk1oQ5Opb6Z9q8dnBR48chABGJ7VQ4WJT3Ra wNdtTba2RU/8kzhY2DS23cTQUXoJEHlllRRFx/EkXGAzwhR8lCRYXhGW3VjrzmuL +Zu/aijaDvAjFDyyx/1ZmaYgSO7WxcjDvWIMQE63BLhPhuWLL7j2j491cN+X5PgL B9D7Y0QDz2h0H96fQgghSdj79K8= -----END CERTIFICATE-----Generated at Mon Sep 8 06:17:13 2025 by rpki-client