$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft File: kOpMYj8LihBi2qgOqaj0R49Z3oU.mft (raw, json) Hash identifier: mvAJZCXYIyBbh3oYSa6BLseSZPjo571loxTVUfoGRHw= Subject key identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 Authority key identifier: 90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 Certificate issuer: /CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Certificate serial: 047F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft Manifest number: 047F Signing time: Fri 22 Nov 2024 15:23:19 +0000 Manifest this update: Fri 22 Nov 2024 15:23:19 +0000 Manifest next update: Fri 22 Nov 2024 21:23:19 +0000 Files and hashes: 1: kOpMYj8LihBi2qgOqaj0R49Z3oU.crl (hash: FdH+bshWt/QfcMqN0Xy8S6u/mcSsacNvQzLX6kfTkY8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1151 (0x47f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Validity Not Before: Nov 22 15:23:19 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=143EEEFE1208DBB67DA953F5542B951CDF560FF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:21:e8:f9:51:72:bd:f8:a3:49:d8:ab:7e:aa: a3:cc:28:a1:fb:5b:74:e3:a0:5f:7b:99:a5:f9:26: e8:12:6d:46:15:bc:ca:55:de:ff:37:96:fa:17:70: 9d:8f:52:40:b7:7c:97:d9:d6:e1:87:3e:3a:c1:fd: 21:66:93:03:c3:4e:0c:85:c6:28:8b:0d:e4:2e:71: f4:12:85:5c:63:2f:8c:28:d7:66:ad:e0:d5:48:fb: f2:c5:5c:67:42:f7:f8:30:33:74:99:56:39:80:a0: ed:66:5b:7c:88:85:fa:59:05:b1:21:67:0a:b6:1e: cc:2a:cd:79:f5:61:48:18:95:dd:61:50:ce:e6:d5: d8:87:91:08:36:9e:f3:9a:e7:a2:be:53:06:8e:45: 04:93:bb:04:07:75:58:39:7d:0a:ce:fd:52:42:c9: e6:66:19:ad:15:cb:11:ae:35:a6:de:87:44:48:82: e0:31:06:b7:98:b9:6b:e1:22:7b:07:82:22:96:41: ae:af:51:d0:51:c3:c9:02:79:e8:0d:0a:cd:98:ef: 66:fc:fd:a2:86:c0:a3:0b:35:84:4b:6b:7d:57:93: 14:bd:94:2b:a0:4b:48:0b:58:a2:1a:6e:f3:b4:e2: c0:97:59:25:20:02:bd:ed:c6:8c:b4:fa:63:53:03: 97:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 X509v3 Authority Key Identifier: keyid:90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:25:e3:3a:ed:b9:58:b9:a1:17:5b:41:ac:6f:96:af:0f:5c: af:ea:e7:ef:2c:ec:57:cf:b9:6e:92:41:88:0a:c7:89:9b:6b: 20:23:df:8f:1a:f8:cc:c2:71:4b:b1:88:34:41:61:95:be:02: 66:0e:ca:bd:28:4f:ee:4b:1d:4f:e3:cc:d4:d7:14:c1:74:f9: 92:ad:24:df:e5:92:17:c4:7c:fc:ee:d8:8f:c3:f1:aa:d5:f4: 98:59:d9:96:60:e3:0a:1f:d0:83:91:d0:16:d6:e7:a6:4f:73: ff:c3:a0:d2:77:c2:1d:6a:03:79:b8:85:cf:f2:7a:ad:5b:42: 85:03:60:8e:a8:5e:9d:b2:25:61:b6:dc:8f:97:44:a0:4c:5d: 5f:b2:1f:b3:5d:35:c7:88:19:05:c4:1c:52:2f:c9:7b:c2:d9: d6:93:51:83:df:21:0a:15:f0:31:02:a7:27:82:98:07:59:cb: eb:f0:36:e2:7e:00:75:7a:ab:0f:18:e4:a0:44:d0:f2:c6:16: 6b:5e:9e:dd:8f:d4:7f:2c:7b:bf:a3:26:83:0b:70:b3:5c:02: 7c:13:4d:3b:26:f9:82:9a:95:11:35:f3:34:3b:be:28:6b:5f: 9e:31:69:7d:0c:87:fa:d6:da:d1:57:95:b8:3a:e9:e8:3e:cf: 2c:8b:63:c6 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBH8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBF QTRDNjIzRjBCOEExMDYyREFBODBFQTlBOEY0NDc4RjU5REU4NTAeFw0yNDExMjIx NTIzMTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE0M0VFRUZFMTIwOERC QjY3REE5NTNGNTU0MkI5NTFDREY1NjBGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDIej5UXK9+KNJ2Kt+qqPMKKH7W3TjoF97maX5JugSbUYVvMpV 3v83lvoXcJ2PUkC3fJfZ1uGHPjrB/SFmkwPDTgyFxiiLDeQucfQShVxjL4wo12at 4NVI+/LFXGdC9/gwM3SZVjmAoO1mW3yIhfpZBbEhZwq2HswqzXn1YUgYld1hUM7m 1diHkQg2nvOa56K+UwaORQSTuwQHdVg5fQrO/VJCyeZmGa0VyxGuNabeh0RIguAx BreYuWvhInsHgiKWQa6vUdBRw8kCeegNCs2Y72b8/aKGwKMLNYRLa31XkxS9lCug S0gLWKIabvO04sCXWSUgAr3txoy0+mNTA5djAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUFD7u/hII27Z9qVP1VCuVHN9WD/AwHwYDVR0jBBgwFoAUkOpMYj8LihBi2qgO qaj0R49Z3oUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 NS9rT3BNWWo4TGloQmkycWdPcWFqMFI0OVozb1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tPcE1ZajhMaWhCaTJxZ09xYWowUjQ5WjNvVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzUva09wTVlqOExpaEJp MnFnT3FhajBSNDlaM29VLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFQl4zrtuVi5oRdbQaxvlq8PXK/q5+8s7FfPuW6SQYgKx4mbayAj348a+MzC cUuxiDRBYZW+AmYOyr0oT+5LHU/jzNTXFMF0+ZKtJN/lkhfEfPzu2I/D8arV9JhZ 2ZZg4wof0IOR0BbW56ZPc//DoNJ3wh1qA3m4hc/yeq1bQoUDYI6oXp2yJWG23I+X RKBMXV+yH7NdNceIGQXEHFIvyXvC2daTUYPfIQoV8DECpyeCmAdZy+vwNuJ+AHV6 qw8Y5KBE0PLGFmtent2P1H8se7+jJoMLcLNcAnwTTTsm+YKalRE18zQ7vihrX54x aX0Mh/rW2tFXlbg66eg+zyyLY8Y= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:46 2024 by rpki-client on console-ams.rpki-client.org