Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3353/MhLECXbovqr84IRHL8u8MS-Szow.mft
File: MhLECXbovqr84IRHL8u8MS-Szow.mft (raw, json)
Hash identifier: +f8ljXDhmMdmLfwzrRO/JM2Kucm7ZohPATNx2lT2ft8=
Subject key identifier: 8F:4E:72:36:9C:B7:C3:91:35:92:C8:ED:1B:D1:83:39:AB:1E:9A:A1
Authority key identifier: 32:12:C4:09:76:E8:BE:AA:FC:E0:84:47:2F:CB:BC:31:2F:92:CE:8C
Certificate issuer: /CN=3212C40976E8BEAAFCE084472FCBBC312F92CE8C
Certificate serial: 010A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MhLECXbovqr84IRHL8u8MS-Szow.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3353/MhLECXbovqr84IRHL8u8MS-Szow.mft
Manifest number: 010A
Signing time: Mon 14 Apr 2025 17:36:11 +0000
Manifest this update: Mon 14 Apr 2025 17:36:11 +0000
Manifest next update: Mon 14 Apr 2025 23:36:11 +0000
Files and hashes: 1: MhLECXbovqr84IRHL8u8MS-Szow.crl (hash: PJfLbRmvYnAJ+riSoa5YZXPdhrGahX4hD8Cub2SjfwI=)
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3353/MhLECXbovqr84IRHL8u8MS-Szow.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3353/MhLECXbovqr84IRHL8u8MS-Szow.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MhLECXbovqr84IRHL8u8MS-Szow.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 23:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266 (0x10a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3212C40976E8BEAAFCE084472FCBBC312F92CE8C
Validity
Not Before: Apr 14 17:36:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8F4E72369CB7C3913592C8ED1BD18339AB1E9AA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:17:73:c0:0a:10:46:57:fc:81:4a:e0:16:96:
31:df:e3:b6:c6:55:c2:5b:37:e9:32:93:3c:d6:08:
4b:ad:c3:79:e9:c9:ca:d1:66:48:f0:81:07:20:30:
9a:21:e2:86:e4:b3:6c:94:7a:f7:66:52:19:6e:54:
a5:56:6c:4a:33:eb:bf:c7:b1:b3:1a:4e:45:3f:09:
67:cf:88:10:38:9e:1b:dd:33:b6:40:d3:d5:57:e0:
ab:a1:56:98:80:67:1a:8d:79:2a:f2:37:a0:58:ce:
cf:6c:df:56:ac:ce:8f:66:3f:83:43:14:57:f5:3c:
49:58:7b:e1:5e:e0:96:92:3e:28:28:b1:d8:27:7a:
6c:98:45:ba:fd:d3:2d:8a:4b:25:74:83:ea:ad:7d:
c9:7c:54:8a:0c:ac:9d:85:8f:26:a6:95:06:4d:0a:
b7:91:7d:8e:e8:40:48:ab:f1:f4:67:25:9f:33:5f:
d0:88:92:1d:d2:f7:52:f6:3b:a9:bb:d4:9d:8e:15:
ef:33:78:3f:91:12:1a:19:32:ca:01:da:b1:e3:15:
ec:94:f1:ce:a4:93:4b:3a:02:05:ef:34:e5:a3:9b:
82:22:32:60:50:c0:b5:46:87:fe:ee:2a:b9:14:fb:
7d:89:98:11:31:c8:4d:08:e5:32:d2:37:93:72:d2:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4E:72:36:9C:B7:C3:91:35:92:C8:ED:1B:D1:83:39:AB:1E:9A:A1
X509v3 Authority Key Identifier:
keyid:32:12:C4:09:76:E8:BE:AA:FC:E0:84:47:2F:CB:BC:31:2F:92:CE:8C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3353/MhLECXbovqr84IRHL8u8MS-Szow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MhLECXbovqr84IRHL8u8MS-Szow.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3353/MhLECXbovqr84IRHL8u8MS-Szow.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4d:79:88:a5:0e:3a:37:9e:1f:af:dc:20:35:39:bf:06:23:3f:
21:59:ed:6e:ce:85:47:6a:ad:f6:0b:b5:0c:8f:85:ce:4a:03:
05:1c:a5:ce:6b:8d:8a:62:e0:d4:79:31:db:4d:b5:7d:5f:96:
70:00:6f:10:d7:3a:fe:f9:a2:df:e3:c6:a6:02:4a:e8:ed:e5:
8e:56:c8:81:56:04:84:08:7f:3d:4d:02:f7:9b:c7:62:da:0f:
08:9a:26:dc:31:e7:38:f9:f2:e7:94:d2:45:5f:29:7a:aa:a2:
dd:f1:7b:ea:29:83:7e:fb:64:6c:19:0d:81:75:8a:6d:9d:cf:
f0:24:97:9b:5b:94:4f:b1:15:4e:42:9f:3a:08:ce:5f:c2:5c:
d1:4f:42:bc:e8:b1:35:c1:9a:5f:76:82:20:b7:cc:09:33:12:
a9:3b:cf:19:36:e6:92:eb:99:a8:17:43:f5:03:e4:31:0e:89:
17:f1:82:dc:8d:8e:86:e1:53:af:36:76:6c:51:09:04:d4:76:
a8:9d:1c:ee:26:1d:65:65:5f:a1:0c:88:e7:8f:eb:04:a9:92:
5b:b1:fc:c7:01:1d:54:da:4c:c9:41:9c:64:b3:05:05:0c:aa:
68:80:ff:32:00:ad:63:bb:83:89:81:43:6e:92:42:05:9c:c4:
80:c9:f5:a9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICAQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzIx
MkM0MDk3NkU4QkVBQUZDRTA4NDQ3MkZDQkJDMzEyRjkyQ0U4QzAeFw0yNTA0MTQx
NzM2MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhGNEU3MjM2OUNCN0Mz
OTEzNTkyQzhFRDFCRDE4MzM5QUIxRTlBQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrF3PAChBGV/yBSuAWljHf47bGVcJbN+kykzzWCEutw3npycrR
ZkjwgQcgMJoh4obks2yUevdmUhluVKVWbEoz67/HsbMaTkU/CWfPiBA4nhvdM7ZA
09VX4KuhVpiAZxqNeSryN6BYzs9s31aszo9mP4NDFFf1PElYe+Fe4JaSPigosdgn
emyYRbr90y2KSyV0g+qtfcl8VIoMrJ2FjyamlQZNCreRfY7oQEir8fRnJZ8zX9CI
kh3S91L2O6m71J2OFe8zeD+REhoZMsoB2rHjFeyU8c6kk0s6AgXvNOWjm4IiMmBQ
wLVGh/7uKrkU+32JmBExyE0I5TLSN5Ny0rXvAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUj05yNpy3w5E1ksjtG9GDOasemqEwHwYDVR0jBBgwFoAUMhLECXbovqr84IRH
L8u8MS+SzowwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1
My9NaExFQ1hib3Zxcjg0SVJITDh1OE1TLVN6b3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL01oTEVDWGJvdnFyODRJUkhMOHU4TVMtU3pvdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTMvTWhMRUNYYm92cXI4
NElSSEw4dThNUy1Tem93Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAE15iKUOOjeeH6/cIDU5vwYjPyFZ7W7OhUdqrfYLtQyPhc5KAwUcpc5rjYpi
4NR5MdtNtX1flnAAbxDXOv75ot/jxqYCSujt5Y5WyIFWBIQIfz1NAvebx2LaDwia
Jtwx5zj58ueU0kVfKXqqot3xe+opg377ZGwZDYF1im2dz/Akl5tblE+xFU5CnzoI
zl/CXNFPQrzosTXBml92giC3zAkzEqk7zxk25pLrmagXQ/UD5DEOiRfxgtyNjobh
U682dmxRCQTUdqidHO4mHWVlX6EMiOeP6wSpklux/McBHVTaTMlBnGSzBQUMqmiA
/zIArWO7g4mBQ26SQgWcxIDJ9ak=
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:35:28 2025 by rpki-client