$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft File: th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft (raw, json) Hash identifier: gvtoU6dLp6zQuXxrV+LyhzTe+oXXmS9BATpVyQzXYf4= Subject key identifier: 18:6E:78:B4:5B:3C:95:AF:28:F9:9F:C9:5D:6D:94:94:0A:37:55:1B Authority key identifier: B6:1E:91:38:CF:EB:7D:89:AB:8C:F5:42:76:ED:29:B3:D8:08:E0:BC Certificate issuer: /CN=B61E9138CFEB7D89AB8CF54276ED29B3D808E0BC Certificate serial: 0302 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft Manifest number: 0302 Signing time: Fri 06 Jun 2025 12:14:14 +0000 Manifest this update: Fri 06 Jun 2025 12:14:14 +0000 Manifest next update: Fri 06 Jun 2025 18:14:14 +0000 Files and hashes: 1: th6ROM_rfYmrjPVCdu0ps9gI4Lw.crl (hash: IV//3SNpM9JWX0h0bb94SYb+cutXIJjyOn7YB0NPYB0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:14:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 770 (0x302) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B61E9138CFEB7D89AB8CF54276ED29B3D808E0BC Validity Not Before: Jun 6 12:14:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=186E78B45B3C95AF28F99FC95D6D94940A37551B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:1b:c6:9f:2c:76:70:3d:16:0a:60:0c:28:9d: 0b:6e:02:15:0e:70:04:d0:29:47:03:3c:0b:c3:d4: 2e:d2:75:0e:ae:c0:63:70:93:c2:34:17:5a:cc:ce: 15:f6:7a:c8:84:9a:ac:9e:6b:a3:69:2c:43:28:77: d9:af:a0:84:40:eb:b2:39:05:b9:b8:ba:c6:a3:9d: 02:aa:02:c0:33:24:9c:05:b7:eb:04:7a:98:0e:0a: f3:2d:a9:c4:59:52:36:21:d2:c0:39:47:e2:13:81: 57:60:4f:a8:7b:6c:4e:f8:26:f8:15:f8:aa:b1:21: 91:c7:63:e8:23:65:39:20:4e:1a:ff:13:66:69:bf: f6:22:44:57:bf:17:8c:bd:e4:d1:51:45:63:7a:e3: 5c:cd:2f:bc:fa:33:3f:9b:12:3e:2c:80:d9:3d:64: 81:00:bc:71:04:f9:4c:3d:00:8f:dd:ee:5a:83:0a: 84:34:cd:b6:39:52:8e:bf:af:6a:c4:4a:86:24:17: fd:b6:cf:8a:46:d6:c9:1e:12:b4:95:2e:54:a3:10: 33:fa:36:8e:c2:4a:a8:d5:ac:0e:ef:73:3f:d1:1c: ed:44:b6:f5:80:fa:02:da:cf:06:f8:a4:cd:0f:3b: b1:27:10:ec:52:61:b6:bc:94:7a:f8:00:32:6f:fd: 37:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:6E:78:B4:5B:3C:95:AF:28:F9:9F:C9:5D:6D:94:94:0A:37:55:1B X509v3 Authority Key Identifier: keyid:B6:1E:91:38:CF:EB:7D:89:AB:8C:F5:42:76:ED:29:B3:D8:08:E0:BC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/th6ROM_rfYmrjPVCdu0ps9gI4Lw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3345/th6ROM_rfYmrjPVCdu0ps9gI4Lw.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:b6:45:79:98:48:1e:9d:f6:bd:a3:10:53:63:ac:1a:cc:ce: d5:39:21:d1:e4:11:d0:8e:9f:ac:5b:5f:d3:16:46:17:5b:26: 82:69:66:f4:b1:cd:23:76:c1:ba:9d:e4:27:86:ab:38:21:8a: cb:dc:eb:7b:70:b1:57:83:99:1d:1b:df:68:85:1f:98:76:2a: 51:36:e1:18:aa:a4:ad:03:38:7f:f7:9c:76:bb:99:83:25:81: d2:90:de:bc:37:30:f6:09:1c:a6:24:0d:e6:41:1c:17:62:2c: e0:3f:30:cf:a8:51:fb:70:84:28:cd:81:d0:63:b6:b9:11:9a: 5f:d4:0c:c0:5b:e3:57:b9:b1:3e:5d:81:dd:d5:b7:e4:a1:70: 82:03:24:66:a3:d6:54:95:54:63:5c:97:31:0d:fc:0e:a7:0f: f1:83:67:ef:34:fd:21:3c:2c:78:ba:e6:06:fd:b2:f2:da:07: c4:9c:36:d7:a9:5f:cd:c5:15:ea:a7:f5:92:f1:5e:47:13:47: d2:1d:73:c3:5e:7f:95:d8:d6:1a:33:05:1f:38:b6:f3:88:a6: fc:0a:b6:96:36:bf:91:db:1f:4b:1e:b6:b9:ac:9a:00:f0:48: ff:a0:dd:6c:61:9b:c4:30:ae:ab:00:bb:a1:42:43:cd:cb:63: 72:dc:73:94 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjYx RTkxMzhDRkVCN0Q4OUFCOENGNTQyNzZFRDI5QjNEODA4RTBCQzAeFw0yNTA2MDYx MjE0MTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE4NkU3OEI0NUIzQzk1 QUYyOEY5OUZDOTVENkQ5NDk0MEEzNzU1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1G8afLHZwPRYKYAwonQtuAhUOcATQKUcDPAvD1C7SdQ6uwGNw k8I0F1rMzhX2esiEmqyea6NpLEMod9mvoIRA67I5Bbm4usajnQKqAsAzJJwFt+sE epgOCvMtqcRZUjYh0sA5R+ITgVdgT6h7bE74JvgV+KqxIZHHY+gjZTkgThr/E2Zp v/YiRFe/F4y95NFRRWN641zNL7z6Mz+bEj4sgNk9ZIEAvHEE+Uw9AI/d7lqDCoQ0 zbY5Uo6/r2rESoYkF/22z4pG1skeErSVLlSjEDP6No7CSqjVrA7vcz/RHO1EtvWA +gLazwb4pM0PO7EnEOxSYba8lHr4ADJv/TchAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUGG54tFs8la8o+Z/JXW2UlAo3VRswHwYDVR0jBBgwFoAUth6ROM/rfYmrjPVC du0ps9gI4LwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 NS90aDZST01fcmZZbXJqUFZDZHUwcHM5Z0k0THcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3RoNlJPTV9yZlltcmpQVkNkdTBwczlnSTRMdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDUvdGg2Uk9NX3JmWW1y alBWQ2R1MHBzOWdJNEx3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGC2RXmYSB6d9r2jEFNjrBrMztU5IdHkEdCOn6xbX9MWRhdbJoJpZvSxzSN2 wbqd5CeGqzghisvc63twsVeDmR0b32iFH5h2KlE24RiqpK0DOH/3nHa7mYMlgdKQ 3rw3MPYJHKYkDeZBHBdiLOA/MM+oUftwhCjNgdBjtrkRml/UDMBb41e5sT5dgd3V t+ShcIIDJGaj1lSVVGNclzEN/A6nD/GDZ+80/SE8LHi65gb9svLaB8ScNtepX83F Feqn9ZLxXkcTR9Idc8Nef5XY1hozBR84tvOIpvwKtpY2v5HbH0setrmsmgDwSP+g 3Wxhm8QwrqsAu6FCQ83LY3Lcc5Q= -----END CERTIFICATE-----Generated at Fri Jun 6 17:21:45 2025 by rpki-client