$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft File: OstT3inBC2LxfO9hjR44QUU6wOg.mft (raw, json) Hash identifier: JYFzW/wCQ+5l68F8uvmCHadZcGutHLy0c1ScIdwFK9g= Subject key identifier: 53:9F:71:D4:C3:E8:20:FA:15:5B:BC:F7:9E:4B:1A:D9:CD:F7:B5:7D Authority key identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 Certificate issuer: /CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8 Certificate serial: 0AB7 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft Manifest number: 0AB7 Signing time: Sun 07 Sep 2025 15:04:02 +0000 Manifest this update: Sun 07 Sep 2025 15:04:02 +0000 Manifest next update: Sun 07 Sep 2025 21:04:02 +0000 Files and hashes: 1: OstT3inBC2LxfO9hjR44QUU6wOg.crl (hash: aRz+peNm49Hq1xiIMQwlnTwZocCK0TDnS3R/O1AsqmE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 21:04:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2743 (0xab7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8 Validity Not Before: Sep 7 15:04:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=539F71D4C3E820FA155BBCF79E4B1AD9CDF7B57D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:07:66:9e:d2:03:96:b0:e1:9a:f2:2f:ab:f3: 99:3b:83:7a:68:7b:7b:18:38:84:7d:82:50:32:22: 71:c8:6b:e3:4c:2f:2a:ba:cf:cf:86:24:84:a0:7d: dc:fb:dc:33:2a:f4:d7:d5:7e:39:ea:8b:b7:75:64: ff:d6:98:c4:c5:a2:1f:7d:f7:d1:21:b4:c2:8a:d5: 55:80:8d:b5:f3:08:4f:10:ef:41:e5:26:0d:00:68: 89:e0:28:2e:52:43:a3:c8:e4:6b:80:f8:94:8a:92: 57:c3:d9:18:8f:9b:75:d0:b9:52:67:fa:fe:66:7a: 47:1d:bf:cc:11:a5:b5:0b:ab:f5:e8:f5:2a:e9:10: 17:e0:37:09:1c:10:18:d6:ed:62:86:c3:98:46:d1: 13:11:03:f1:3e:c1:2b:74:e9:c1:8f:42:a7:25:23: ea:42:1f:8c:ab:59:9d:b0:7b:f1:d2:1d:fb:5e:2b: 85:87:c1:49:1a:33:37:c3:4c:26:ee:1d:9a:57:50: d1:12:04:c8:7a:57:c3:17:60:72:bc:2c:ac:80:5b: 52:1c:1d:3e:c2:5e:19:75:0f:a5:b2:b4:51:93:e9: a2:0a:f8:ee:e6:0b:ae:b9:4a:83:4b:52:09:6e:9c: 41:b0:43:94:3d:7e:9d:74:ef:e2:43:d5:e2:b0:9c: 6f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:9F:71:D4:C3:E8:20:FA:15:5B:BC:F7:9E:4B:1A:D9:CD:F7:B5:7D X509v3 Authority Key Identifier: keyid:3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:7e:9a:71:56:b2:98:cf:c8:4b:2d:c0:11:3b:a4:b2:05:27: 59:b7:94:6c:2c:26:99:e8:70:2c:c9:f6:89:82:e3:30:d1:97: 1e:55:ad:fa:1a:c0:7b:a4:f4:32:b8:72:24:bc:19:a5:f9:77: 52:02:e7:59:cf:cc:18:27:2d:03:55:7a:2d:7c:dc:54:db:4f: b3:f8:33:1e:bf:3a:56:83:d0:c8:13:e4:34:4e:1e:49:3d:1f: 99:8e:93:cc:28:15:8c:d1:82:a8:5e:12:bb:4b:a1:f8:e6:a8: 4b:7c:2a:3d:0b:09:01:9e:68:33:d5:21:f8:be:8f:c0:28:26: a0:23:44:92:6f:32:87:c9:8f:1a:15:50:f7:4b:85:39:8d:6e: a2:7d:07:d8:0c:67:dc:b0:e1:77:48:a5:22:a3:7b:24:42:22: dd:0e:da:28:21:4e:c3:e6:f7:f0:c3:85:41:0d:55:5d:42:f1: 29:a5:e4:4b:16:37:8c:f7:c9:72:4f:21:f1:be:f2:7e:38:e1: d3:99:91:89:fa:9d:46:a4:09:ba:a4:95:c3:30:e0:74:09:fc: c2:b9:5d:bb:d4:2c:a2:29:36:a9:80:6c:7b:80:e1:aa:ce:19: 8e:4c:ca:68:d0:ef:18:14:f3:a1:47:b8:2d:b5:4c:9e:5d:b1: 8b:f1:b5:02 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD QjUzREUyOUMxMEI2MkYxN0NFRjYxOEQxRTM4NDE0NTNBQzBFODAeFw0yNTA5MDcx NTA0MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUzOUY3MUQ0QzNFODIw RkExNTVCQkNGNzlFNEIxQUQ5Q0RGN0I1N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEB2ae0gOWsOGa8i+r85k7g3poe3sYOIR9glAyInHIa+NMLyq6 z8+GJISgfdz73DMq9NfVfjnqi7d1ZP/WmMTFoh9999EhtMKK1VWAjbXzCE8Q70Hl Jg0AaIngKC5SQ6PI5GuA+JSKklfD2RiPm3XQuVJn+v5mekcdv8wRpbULq/Xo9Srp EBfgNwkcEBjW7WKGw5hG0RMRA/E+wSt06cGPQqclI+pCH4yrWZ2we/HSHfteK4WH wUkaMzfDTCbuHZpXUNESBMh6V8MXYHK8LKyAW1IcHT7CXhl1D6WytFGT6aIK+O7m C665SoNLUglunEGwQ5Q9fp107+JD1eKwnG/zAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUU59x1MPoIPoVW7z3nksa2c33tX0wHwYDVR0jBBgwFoAUOstT3inBC2LxfO9h jR44QUU6wOgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Ny9Pc3RUM2luQkMyTHhmTzloalI0NFFVVTZ3T2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zdFQzaW5CQzJMeGZPOWhqUjQ0UVVVNndPZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjcvT3N0VDNpbkJDMkx4 Zk85aGpSNDRRVVU2d09nLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADF+mnFWspjPyEstwBE7pLIFJ1m3lGwsJpnocCzJ9omC4zDRlx5VrfoawHuk 9DK4ciS8GaX5d1IC51nPzBgnLQNVei183FTbT7P4Mx6/OlaD0MgT5DROHkk9H5mO k8woFYzRgqheErtLofjmqEt8Kj0LCQGeaDPVIfi+j8AoJqAjRJJvMofJjxoVUPdL hTmNbqJ9B9gMZ9yw4XdIpSKjeyRCIt0O2ighTsPm9/DDhUENVV1C8Sml5EsWN4z3 yXJPIfG+8n444dOZkYn6nUakCbqklcMw4HQJ/MK5XbvULKIpNqmAbHuA4arOGY5M ymjQ7xgU86FHuC21TJ5dsYvxtQI= -----END CERTIFICATE-----Generated at Sun Sep 7 20:09:42 2025 by rpki-client