$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft File: kOpMYj8LihBi2qgOqaj0R49Z3oU.mft (raw, json) Hash identifier: H8x/lXJ61Mc3Kb9HDtLIxsnuW+1kHEgTY6Dadi68Jcc= Subject key identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 Authority key identifier: 90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 Certificate issuer: /CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Certificate serial: 0A13 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft Manifest number: 0A13 Signing time: Mon 08 Sep 2025 04:07:00 +0000 Manifest this update: Mon 08 Sep 2025 04:07:00 +0000 Manifest next update: Mon 08 Sep 2025 10:07:00 +0000 Files and hashes: 1: kOpMYj8LihBi2qgOqaj0R49Z3oU.crl (hash: V5x2mg+AZcfeNMhv8hw/WtduHdv4wUsxrLA/yz/kj6A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 07:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2579 (0xa13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Validity Not Before: Sep 8 04:07:00 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=143EEEFE1208DBB67DA953F5542B951CDF560FF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:21:e8:f9:51:72:bd:f8:a3:49:d8:ab:7e:aa: a3:cc:28:a1:fb:5b:74:e3:a0:5f:7b:99:a5:f9:26: e8:12:6d:46:15:bc:ca:55:de:ff:37:96:fa:17:70: 9d:8f:52:40:b7:7c:97:d9:d6:e1:87:3e:3a:c1:fd: 21:66:93:03:c3:4e:0c:85:c6:28:8b:0d:e4:2e:71: f4:12:85:5c:63:2f:8c:28:d7:66:ad:e0:d5:48:fb: f2:c5:5c:67:42:f7:f8:30:33:74:99:56:39:80:a0: ed:66:5b:7c:88:85:fa:59:05:b1:21:67:0a:b6:1e: cc:2a:cd:79:f5:61:48:18:95:dd:61:50:ce:e6:d5: d8:87:91:08:36:9e:f3:9a:e7:a2:be:53:06:8e:45: 04:93:bb:04:07:75:58:39:7d:0a:ce:fd:52:42:c9: e6:66:19:ad:15:cb:11:ae:35:a6:de:87:44:48:82: e0:31:06:b7:98:b9:6b:e1:22:7b:07:82:22:96:41: ae:af:51:d0:51:c3:c9:02:79:e8:0d:0a:cd:98:ef: 66:fc:fd:a2:86:c0:a3:0b:35:84:4b:6b:7d:57:93: 14:bd:94:2b:a0:4b:48:0b:58:a2:1a:6e:f3:b4:e2: c0:97:59:25:20:02:bd:ed:c6:8c:b4:fa:63:53:03: 97:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 X509v3 Authority Key Identifier: keyid:90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:d0:21:35:e0:7f:68:49:12:56:7f:df:d8:ec:4b:03:ec:1c: 78:70:3c:3b:b5:16:8b:3b:bd:5d:4c:ca:2a:a5:8c:d1:35:5e: ae:2d:e1:1c:e3:b8:48:2c:22:4a:96:10:f1:55:bf:7a:43:1e: 36:49:8d:11:b7:16:fb:49:ad:97:de:21:10:90:04:ef:22:95: 8b:cb:04:24:e5:9f:68:c6:90:2c:c4:b5:67:6f:12:b8:c1:63: 4e:13:d7:f0:14:8c:36:bd:b7:44:d8:eb:5f:bd:59:ab:07:a3: ab:22:e1:1d:58:3c:e8:b3:6c:32:90:1f:b7:a8:c6:a6:51:e5: fd:86:41:be:f6:51:8a:ad:eb:26:e6:3c:84:1c:c9:74:e2:c9: 2d:31:28:48:de:70:62:db:fb:de:f2:ba:9c:0a:a5:ee:83:4a: c3:00:55:2a:70:f9:f0:22:25:65:2c:23:27:26:45:6a:a0:b3: ea:08:bb:53:df:c9:38:45:92:11:e0:05:e0:66:aa:56:f6:bb: 54:8e:47:ae:2a:e1:dc:f3:36:07:93:85:88:9f:92:c4:1d:bb: ba:58:03:12:c9:18:96:b1:7d:75:18:02:df:c3:0d:4e:b5:d2: a4:3e:7e:36:91:ce:af:00:9a:05:01:e2:98:21:6a:3f:e4:d7: 95:51:51:b0 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICChMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBF QTRDNjIzRjBCOEExMDYyREFBODBFQTlBOEY0NDc4RjU5REU4NTAeFw0yNTA5MDgw NDA3MDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE0M0VFRUZFMTIwOERC QjY3REE5NTNGNTU0MkI5NTFDREY1NjBGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDIej5UXK9+KNJ2Kt+qqPMKKH7W3TjoF97maX5JugSbUYVvMpV 3v83lvoXcJ2PUkC3fJfZ1uGHPjrB/SFmkwPDTgyFxiiLDeQucfQShVxjL4wo12at 4NVI+/LFXGdC9/gwM3SZVjmAoO1mW3yIhfpZBbEhZwq2HswqzXn1YUgYld1hUM7m 1diHkQg2nvOa56K+UwaORQSTuwQHdVg5fQrO/VJCyeZmGa0VyxGuNabeh0RIguAx BreYuWvhInsHgiKWQa6vUdBRw8kCeegNCs2Y72b8/aKGwKMLNYRLa31XkxS9lCug S0gLWKIabvO04sCXWSUgAr3txoy0+mNTA5djAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUFD7u/hII27Z9qVP1VCuVHN9WD/AwHwYDVR0jBBgwFoAUkOpMYj8LihBi2qgO qaj0R49Z3oUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 NS9rT3BNWWo4TGloQmkycWdPcWFqMFI0OVozb1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tPcE1ZajhMaWhCaTJxZ09xYWowUjQ5WjNvVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzUva09wTVlqOExpaEJp MnFnT3FhajBSNDlaM29VLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADfQITXgf2hJElZ/39jsSwPsHHhwPDu1Fos7vV1MyiqljNE1Xq4t4RzjuEgs IkqWEPFVv3pDHjZJjRG3FvtJrZfeIRCQBO8ilYvLBCTln2jGkCzEtWdvErjBY04T 1/AUjDa9t0TY61+9WasHo6si4R1YPOizbDKQH7eoxqZR5f2GQb72UYqt6ybmPIQc yXTiyS0xKEjecGLb+97yupwKpe6DSsMAVSpw+fAiJWUsIycmRWqgs+oIu1PfyThF khHgBeBmqlb2u1SOR64q4dzzNgeThYifksQdu7pYAxLJGJaxfXUYAt/DDU610qQ+ fjaRzq8AmgUB4pghaj/k15VRUbA= -----END CERTIFICATE-----Generated at Mon Sep 8 06:00:21 2025 by rpki-client