$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft File: 2GueAukE5bR2WU2yt5eONcp8HW4.mft (raw, json) Hash identifier: FclYPilAcBT5rF4epLmzQmtzkXGZ+rIgaTjxn6hngFc= Subject key identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF Authority key identifier: D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E Certificate issuer: /CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Certificate serial: 04C9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft Manifest number: 04C9 Signing time: Mon 08 Sep 2025 04:06:46 +0000 Manifest this update: Mon 08 Sep 2025 04:06:45 +0000 Manifest next update: Mon 08 Sep 2025 10:06:45 +0000 Files and hashes: 1: 2GueAukE5bR2WU2yt5eONcp8HW4.crl (hash: 0UBKkfETH+d05H5X3j4j87KIEAmzBCeK4fwXpfp/jjI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 07:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1225 (0x4c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E Validity Not Before: Sep 8 04:06:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6361ACF5C706117405735DA1DBC145841FE7E8CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6d:e1:1e:1c:50:f8:51:6d:8b:dd:6b:57:64: 02:42:4e:11:f9:95:bd:ef:6b:7c:45:0b:94:45:98: 60:af:b4:58:f3:95:57:ec:e9:f3:ef:7f:be:ec:65: 09:bb:56:07:6b:63:d2:22:37:c8:7b:26:fc:6a:56: f2:14:58:79:6d:9a:7b:0a:32:a7:bb:e9:f9:d9:3d: 99:2c:c4:b5:5e:98:3b:8b:0d:42:9e:dd:2b:6e:ed: 1a:25:c8:6b:60:d4:dc:4a:9d:31:54:c8:a4:cf:e5: ba:a0:2c:59:d8:a8:fc:9c:f4:a6:62:61:cf:a1:0e: ab:d6:04:30:a4:6d:a5:68:1e:71:d2:69:1e:59:ec: 2e:28:43:1a:4a:63:af:b8:8d:52:3e:17:4c:30:13: 08:98:a7:0e:83:e9:8f:e5:b7:07:33:d9:d1:e3:93: 43:31:e1:96:6d:00:ba:7d:94:b7:58:48:30:ec:f3: 3b:7c:b1:9a:bf:d9:c3:ea:b2:3f:54:ba:c0:7c:12: 7b:2a:64:6e:fc:6c:17:9c:21:82:4a:1a:84:47:a7: fc:35:c5:77:df:81:e9:32:09:3d:c9:19:fd:9a:a2: 88:f3:b6:19:1b:4e:36:87:59:7f:f3:6a:ab:b4:62: 99:0c:ff:7a:6b:fc:bc:b9:06:81:c7:b1:35:fa:54: eb:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF X509v3 Authority Key Identifier: keyid:D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:ea:5a:d0:7a:11:1e:b3:ec:ca:ad:1b:e6:ea:65:9d:ed:34: e5:46:fb:62:a7:c2:f3:2d:45:3f:b7:21:c3:6a:6c:e2:f2:7a: 9b:19:cc:1a:4b:41:72:7b:8b:e4:6c:7a:e5:2b:82:d6:8b:d0: c2:87:82:d1:fc:24:c3:d6:25:df:94:94:da:56:75:ca:75:d9: f3:8b:f2:9d:2e:7c:35:2c:d6:07:6f:d2:cb:7c:fa:8f:ca:ee: 8e:79:bb:08:46:50:68:e3:76:7d:33:8c:36:ff:06:d9:13:a4: 08:ab:c2:7b:89:5d:e1:9f:32:06:3a:76:55:c9:5d:ef:50:4d: 12:65:20:53:b9:60:c3:a4:ea:0b:b9:72:34:b3:a4:84:47:f1: d1:68:df:1d:fd:32:ac:18:e8:1f:a5:85:d7:66:f9:27:dd:81: 32:78:5d:63:da:32:5b:9c:e0:e7:43:02:b9:19:9f:9a:ee:23: 76:d3:3d:fb:5f:35:7e:92:9c:74:af:4d:16:09:e7:4d:79:17: f7:c1:97:c5:04:78:66:71:74:da:3e:0c:e8:9a:51:d0:84:e2: b9:22:54:ab:8b:8a:e7:c8:1c:31:9c:21:c7:b8:f0:6a:8e:bb: 4f:06:12:6a:67:1e:04:f6:15:71:db:a7:0f:65:d7:91:ca:29: 3f:79:24:d9 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDg2 QjlFMDJFOTA0RTVCNDc2NTk0REIyQjc5NzhFMzVDQTdDMUQ2RTAeFw0yNTA5MDgw NDA2NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYzNjFBQ0Y1QzcwNjEx NzQwNTczNURBMURCQzE0NTg0MUZFN0U4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjbeEeHFD4UW2L3WtXZAJCThH5lb3va3xFC5RFmGCvtFjzlVfs 6fPvf77sZQm7VgdrY9IiN8h7JvxqVvIUWHltmnsKMqe76fnZPZksxLVemDuLDUKe 3Stu7RolyGtg1NxKnTFUyKTP5bqgLFnYqPyc9KZiYc+hDqvWBDCkbaVoHnHSaR5Z 7C4oQxpKY6+4jVI+F0wwEwiYpw6D6Y/ltwcz2dHjk0Mx4ZZtALp9lLdYSDDs8zt8 sZq/2cPqsj9UusB8EnsqZG78bBecIYJKGoRHp/w1xXffgekyCT3JGf2aoojzthkb TjaHWX/zaqu0YpkM/3pr/Ly5BoHHsTX6VOsvAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUY2Gs9ccGEXQFc12h28FFhB/n6M8wHwYDVR0jBBgwFoAU2GueAukE5bR2WU2y t5eONcp8HW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 Ni8yR3VlQXVrRTViUjJXVTJ5dDVlT05jcDhIVzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzJHdWVBdWtFNWJSMldVMnl0NWVPTmNwOEhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDYvMkd1ZUF1a0U1YlIy V1UyeXQ1ZU9OY3A4SFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAGTqWtB6ER6z7MqtG+bqZZ3tNOVG+2KnwvMtRT+3IcNqbOLyepsZzBpLQXJ7 i+RseuUrgtaL0MKHgtH8JMPWJd+UlNpWdcp12fOL8p0ufDUs1gdv0st8+o/K7o55 uwhGUGjjdn0zjDb/BtkTpAirwnuJXeGfMgY6dlXJXe9QTRJlIFO5YMOk6gu5cjSz pIRH8dFo3x39MqwY6B+lhddm+SfdgTJ4XWPaMluc4OdDArkZn5ruI3bTPftfNX6S nHSvTRYJ5015F/fBl8UEeGZxdNo+DOiaUdCE4rkiVKuLiufIHDGcIce48GqOu08G EmpnHgT2FXHbpw9l15HKKT95JNk= -----END CERTIFICATE-----Generated at Mon Sep 8 06:17:32 2025 by rpki-client