$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft File: 2GueAukE5bR2WU2yt5eONcp8HW4.mft (raw, json) Hash identifier: NRh9bjM+xAQhLzObWZPd7hUUnXQeerRspoOawiti1FU= Subject key identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF Authority key identifier: D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E Certificate issuer: /CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Certificate serial: F9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft Manifest number: F9 Signing time: Fri 21 Feb 2025 23:27:48 +0000 Manifest this update: Fri 21 Feb 2025 23:27:48 +0000 Manifest next update: Sat 22 Feb 2025 05:27:48 +0000 Files and hashes: 1: 2GueAukE5bR2WU2yt5eONcp8HW4.crl (hash: ohNR7lP2i2B6BByz6z7EnCcQdEOj2PoEi3+tIxdgB3g=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 05:27:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 249 (0xf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Validity Not Before: Feb 21 23:27:48 2025 GMT Not After : Jan 3 02:04:14 2026 GMT Subject: CN=6361ACF5C706117405735DA1DBC145841FE7E8CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6d:e1:1e:1c:50:f8:51:6d:8b:dd:6b:57:64: 02:42:4e:11:f9:95:bd:ef:6b:7c:45:0b:94:45:98: 60:af:b4:58:f3:95:57:ec:e9:f3:ef:7f:be:ec:65: 09:bb:56:07:6b:63:d2:22:37:c8:7b:26:fc:6a:56: f2:14:58:79:6d:9a:7b:0a:32:a7:bb:e9:f9:d9:3d: 99:2c:c4:b5:5e:98:3b:8b:0d:42:9e:dd:2b:6e:ed: 1a:25:c8:6b:60:d4:dc:4a:9d:31:54:c8:a4:cf:e5: ba:a0:2c:59:d8:a8:fc:9c:f4:a6:62:61:cf:a1:0e: ab:d6:04:30:a4:6d:a5:68:1e:71:d2:69:1e:59:ec: 2e:28:43:1a:4a:63:af:b8:8d:52:3e:17:4c:30:13: 08:98:a7:0e:83:e9:8f:e5:b7:07:33:d9:d1:e3:93: 43:31:e1:96:6d:00:ba:7d:94:b7:58:48:30:ec:f3: 3b:7c:b1:9a:bf:d9:c3:ea:b2:3f:54:ba:c0:7c:12: 7b:2a:64:6e:fc:6c:17:9c:21:82:4a:1a:84:47:a7: fc:35:c5:77:df:81:e9:32:09:3d:c9:19:fd:9a:a2: 88:f3:b6:19:1b:4e:36:87:59:7f:f3:6a:ab:b4:62: 99:0c:ff:7a:6b:fc:bc:b9:06:81:c7:b1:35:fa:54: eb:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF X509v3 Authority Key Identifier: keyid:D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:9b:7f:72:e7:b6:3e:f3:f9:25:0c:23:87:ef:9a:42:af:fb: 8f:43:d0:a2:ea:db:fc:16:db:f7:5f:26:4c:ea:a9:ca:6d:28: 78:71:a2:41:0a:64:89:d3:2c:29:71:4c:21:1d:c2:4d:da:5d: 43:8a:f5:7b:71:d6:b5:f7:54:62:18:40:4a:2b:ed:05:58:3b: ce:88:27:0b:c9:77:07:e7:23:ce:f3:2d:32:81:f9:28:82:f0: a3:06:bb:77:81:d3:1f:27:d3:5a:2c:5d:e5:49:ee:be:8d:55: 4b:2b:42:cd:ce:c8:79:2f:fa:08:a1:a9:44:92:af:bf:73:40: 69:f2:24:11:7b:18:e8:c7:33:b2:a9:cf:ea:78:5a:9d:75:65: 24:77:ce:69:bf:e6:74:65:79:d5:b0:ce:e0:91:42:50:36:f9: af:d6:cd:2b:85:a5:91:05:42:eb:95:44:2f:ca:56:44:9b:5f: 80:ad:4e:05:f0:df:02:4c:91:3d:a0:df:fb:bf:0e:c1:7f:20: 45:07:36:18:89:ec:7c:eb:98:ac:67:5f:55:d9:a5:c1:89:9f: 16:64:be:89:f6:f6:6d:13:50:f0:a6:b8:88:ea:c5:28:47:5e: 72:bd:5a:5a:e6:73:8c:41:ab:ca:36:ce:3a:2a:86:ec:be:06: 7e:59:0a:1d -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDg2 QjlFMDJFOTA0RTVCNDc2NTk0REIyQjc5NzhFMzVDQTdDMUQ2RTAeFw0yNTAyMjEy MzI3NDhaFw0yNjAxMDMwMjA0MTRaMDMxMTAvBgNVBAMTKDYzNjFBQ0Y1QzcwNjEx NzQwNTczNURBMURCQzE0NTg0MUZFN0U4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjbeEeHFD4UW2L3WtXZAJCThH5lb3va3xFC5RFmGCvtFjzlVfs 6fPvf77sZQm7VgdrY9IiN8h7JvxqVvIUWHltmnsKMqe76fnZPZksxLVemDuLDUKe 3Stu7RolyGtg1NxKnTFUyKTP5bqgLFnYqPyc9KZiYc+hDqvWBDCkbaVoHnHSaR5Z 7C4oQxpKY6+4jVI+F0wwEwiYpw6D6Y/ltwcz2dHjk0Mx4ZZtALp9lLdYSDDs8zt8 sZq/2cPqsj9UusB8EnsqZG78bBecIYJKGoRHp/w1xXffgekyCT3JGf2aoojzthkb TjaHWX/zaqu0YpkM/3pr/Ly5BoHHsTX6VOsvAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUY2Gs9ccGEXQFc12h28FFhB/n6M8wHwYDVR0jBBgwFoAU2GueAukE5bR2WU2y t5eONcp8HW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 Ni8yR3VlQXVrRTViUjJXVTJ5dDVlT05jcDhIVzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzJHdWVBdWtFNWJSMldVMnl0NWVPTmNwOEhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDYvMkd1ZUF1a0U1YlIy V1UyeXQ1ZU9OY3A4SFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEqbf3Lntj7z+SUMI4fvmkKv+49D0KLq2/wW2/dfJkzqqcptKHhxokEKZInT LClxTCEdwk3aXUOK9Xtx1rX3VGIYQEor7QVYO86IJwvJdwfnI87zLTKB+SiC8KMG u3eB0x8n01osXeVJ7r6NVUsrQs3OyHkv+gihqUSSr79zQGnyJBF7GOjHM7Kpz+p4 Wp11ZSR3zmm/5nRledWwzuCRQlA2+a/WzSuFpZEFQuuVRC/KVkSbX4CtTgXw3wJM kT2g3/u/DsF/IEUHNhiJ7HzrmKxnX1XZpcGJnxZkvon29m0TUPCmuIjqxShHXnK9 Wlrmc4xBq8o2zjoqhuy+Bn5ZCh0= -----END CERTIFICATE-----Generated at Sat Feb 22 04:07:18 2025 by rpki-client