$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft File: kOpMYj8LihBi2qgOqaj0R49Z3oU.mft (raw, json) Hash identifier: 438dM9welOf6M6FSd8rR3mKKfLY/g9GxAkcwj2MQ5lo= Subject key identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 Authority key identifier: 90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 Certificate issuer: /CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Certificate serial: 0711 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft Manifest number: 0711 Signing time: Fri 04 Apr 2025 14:10:41 +0000 Manifest this update: Fri 04 Apr 2025 14:10:40 +0000 Manifest next update: Fri 04 Apr 2025 20:10:40 +0000 Files and hashes: 1: kOpMYj8LihBi2qgOqaj0R49Z3oU.crl (hash: lzYyJFhWTh/YL5Gjm4w1mFN4JZoDBbM/ivvFTEGriPA=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1809 (0x711) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90EA4C623F0B8A1062DAA80EA9A8F4478F59DE85 Validity Not Before: Apr 4 14:10:40 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=143EEEFE1208DBB67DA953F5542B951CDF560FF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:21:e8:f9:51:72:bd:f8:a3:49:d8:ab:7e:aa: a3:cc:28:a1:fb:5b:74:e3:a0:5f:7b:99:a5:f9:26: e8:12:6d:46:15:bc:ca:55:de:ff:37:96:fa:17:70: 9d:8f:52:40:b7:7c:97:d9:d6:e1:87:3e:3a:c1:fd: 21:66:93:03:c3:4e:0c:85:c6:28:8b:0d:e4:2e:71: f4:12:85:5c:63:2f:8c:28:d7:66:ad:e0:d5:48:fb: f2:c5:5c:67:42:f7:f8:30:33:74:99:56:39:80:a0: ed:66:5b:7c:88:85:fa:59:05:b1:21:67:0a:b6:1e: cc:2a:cd:79:f5:61:48:18:95:dd:61:50:ce:e6:d5: d8:87:91:08:36:9e:f3:9a:e7:a2:be:53:06:8e:45: 04:93:bb:04:07:75:58:39:7d:0a:ce:fd:52:42:c9: e6:66:19:ad:15:cb:11:ae:35:a6:de:87:44:48:82: e0:31:06:b7:98:b9:6b:e1:22:7b:07:82:22:96:41: ae:af:51:d0:51:c3:c9:02:79:e8:0d:0a:cd:98:ef: 66:fc:fd:a2:86:c0:a3:0b:35:84:4b:6b:7d:57:93: 14:bd:94:2b:a0:4b:48:0b:58:a2:1a:6e:f3:b4:e2: c0:97:59:25:20:02:bd:ed:c6:8c:b4:fa:63:53:03: 97:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:3E:EE:FE:12:08:DB:B6:7D:A9:53:F5:54:2B:95:1C:DF:56:0F:F0 X509v3 Authority Key Identifier: keyid:90:EA:4C:62:3F:0B:8A:10:62:DA:A8:0E:A9:A8:F4:47:8F:59:DE:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kOpMYj8LihBi2qgOqaj0R49Z3oU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3275/kOpMYj8LihBi2qgOqaj0R49Z3oU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:95:34:0b:ac:c8:09:9a:4d:58:0c:a5:6c:a1:74:99:2c:df: 2b:53:a6:3d:d6:3c:6b:9d:fb:22:c4:f3:0d:f9:df:d5:2d:b5: bf:ed:6b:4c:a7:e2:83:82:b8:2e:d2:12:0c:92:5e:6a:38:cc: 33:0b:cc:da:59:d5:06:46:48:ba:9d:d5:63:9b:e0:eb:17:77: 05:ea:05:0d:dd:e7:70:0b:de:ac:7a:a9:fd:59:b5:5e:ba:75: dd:63:48:11:55:9b:c4:b8:cd:64:f8:bb:0b:0b:3b:c3:a8:fb: 46:db:bd:4a:f8:85:1a:6e:70:8f:c2:c2:d7:c4:05:b4:4d:a8: a3:0d:3c:5e:a3:55:7c:ba:b4:8c:88:a0:95:44:3a:30:1e:7d: c8:87:66:77:3a:74:6e:92:b8:19:2d:84:0c:60:32:07:7d:09: d5:c0:f9:a2:9a:c8:94:40:7d:d4:3a:ea:c9:ed:49:b0:ff:33: 01:ff:05:f5:7c:c4:39:59:26:73:fc:e5:71:53:32:2b:f4:d5: 0e:14:36:8b:0a:0c:38:d7:03:fe:d6:e7:ca:d8:5c:ed:cf:a8: 26:68:d3:dd:06:69:ee:95:cc:26:c0:2f:f4:3c:55:1f:6f:fa: 98:6a:a6:2a:79:ca:74:35:07:58:96:66:27:9a:eb:cb:c1:9e: f7:bc:bd:96 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBF QTRDNjIzRjBCOEExMDYyREFBODBFQTlBOEY0NDc4RjU5REU4NTAeFw0yNTA0MDQx NDEwNDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE0M0VFRUZFMTIwOERC QjY3REE5NTNGNTU0MkI5NTFDREY1NjBGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDIej5UXK9+KNJ2Kt+qqPMKKH7W3TjoF97maX5JugSbUYVvMpV 3v83lvoXcJ2PUkC3fJfZ1uGHPjrB/SFmkwPDTgyFxiiLDeQucfQShVxjL4wo12at 4NVI+/LFXGdC9/gwM3SZVjmAoO1mW3yIhfpZBbEhZwq2HswqzXn1YUgYld1hUM7m 1diHkQg2nvOa56K+UwaORQSTuwQHdVg5fQrO/VJCyeZmGa0VyxGuNabeh0RIguAx BreYuWvhInsHgiKWQa6vUdBRw8kCeegNCs2Y72b8/aKGwKMLNYRLa31XkxS9lCug S0gLWKIabvO04sCXWSUgAr3txoy0+mNTA5djAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUFD7u/hII27Z9qVP1VCuVHN9WD/AwHwYDVR0jBBgwFoAUkOpMYj8LihBi2qgO qaj0R49Z3oUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 NS9rT3BNWWo4TGloQmkycWdPcWFqMFI0OVozb1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tPcE1ZajhMaWhCaTJxZ09xYWowUjQ5WjNvVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzUva09wTVlqOExpaEJp MnFnT3FhajBSNDlaM29VLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHaVNAusyAmaTVgMpWyhdJks3ytTpj3WPGud+yLE8w3539Uttb/ta0yn4oOC uC7SEgySXmo4zDMLzNpZ1QZGSLqd1WOb4OsXdwXqBQ3d53AL3qx6qf1ZtV66dd1j SBFVm8S4zWT4uwsLO8Oo+0bbvUr4hRpucI/CwtfEBbRNqKMNPF6jVXy6tIyIoJVE OjAefciHZnc6dG6SuBkthAxgMgd9CdXA+aKayJRAfdQ66sntSbD/MwH/BfV8xDlZ JnP85XFTMiv01Q4UNosKDDjXA/7W58rYXO3PqCZo090Gae6VzCbAL/Q8VR9v+phq pip5ynQ1B1iWZiea68vBnve8vZY= -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:10 2025 by rpki-client