$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft File: s7pq7zuPouXZteQ0OOACDUJqHso.mft (raw, json) Hash identifier: dTTETO1rF1PTFFChfn7TiIUQjjnkc7Z2dxJ9akOICpc= Subject key identifier: C7:40:47:DB:46:31:A4:74:E1:19:9E:E6:1A:2B:3A:FC:7A:1A:B9:54 Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 13A1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft Manifest number: 1396 Signing time: Fri 22 Nov 2024 15:22:57 +0000 Manifest this update: Fri 22 Nov 2024 15:22:57 +0000 Manifest next update: Fri 22 Nov 2024 21:22:57 +0000 Files and hashes: 1: 1gT41DGJmmD9as8xESyxXtkidlU.roa (hash: vCEOGTEWEczBNbcj2tYnyF6hlDHUrfCU8W57l6790Eo=) 2: CEWlQB182Cj1CYIKJnoKpWOw0i8.roa (hash: dgjrXmilf3psodlcmPxIsSyaM6VRXPow4qNaPRDNto8=) 3: YQ8z-1HgtWEFoyRJpJ46GD_J4lM.roa (hash: jRgUAjoE4Y4j5J2Ph4tHI0aHDcIk2EeYRLpJ7hnID9k=) 4: gve-peAKsnEc4a0C8YGI15DHmA8.roa (hash: pxTHzT6NxEYAVf4prCPacHdJeOj7a7zoc6dd2nLcdc0=) 5: nvj_INJ54hJgH4E-An-J0VnBIMg.roa (hash: ULVidiUskbXmIiAiQBX87usjTV4nQs4/nVsaKM8ga3o=) 6: s7pq7zuPouXZteQ0OOACDUJqHso.crl (hash: tzwstw51tXbIb2M+lMJr+JpPNkcpS7og+m36wH4K94s=) 7: v8oGHaQC-2SPL61Ew29_UWSFTOg.roa (hash: kcT+IcPq5hj6tVvBJsnmqWUnCHnXXENV0X4uz5E63Qo=) 8: vfzO_1V4XddfY1ZPCse26_iJhbs.roa (hash: zOymB3ObrhpG9U3MdmX7lJn/wFpmAlkb7Cum/aojrsQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5025 (0x13a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Nov 22 15:22:57 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C74047DB4631A474E1199EE61A2B3AFC7A1AB954 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4e:b3:10:31:ca:b7:57:21:7d:b3:22:cc:ab: 67:13:04:00:35:46:88:7b:b5:52:d0:0d:61:b1:09: f9:24:ce:3c:72:16:fe:d8:3d:4f:94:c7:94:47:c1: 58:bc:0a:cb:f8:68:bb:fd:2a:78:61:3e:da:11:1c: fa:5c:bb:21:ab:6d:d3:1c:57:a0:2f:ba:aa:a8:bf: 19:1b:6c:cc:2d:6e:b2:af:17:92:11:a1:00:86:99: 12:8d:77:06:24:cd:a8:0d:ea:82:71:66:5b:7b:e2: c7:34:44:1e:aa:59:6b:97:30:c5:f8:06:d3:a1:34: 90:4b:f4:f8:0e:a5:c2:e7:78:88:45:fd:aa:d2:d9: 46:93:1d:52:a2:15:b5:c8:f6:a8:75:e4:ee:23:18: 59:82:17:87:60:3f:63:1d:89:20:9a:7e:74:b8:a0: 04:13:9a:0c:b0:b4:a8:d8:d8:a0:4e:25:b2:9c:fb: 37:c4:23:43:07:a9:3e:24:7d:14:c5:af:07:33:84: d1:dd:af:e2:72:fb:41:a0:a8:6a:b0:9a:80:b1:48: 1d:f4:71:6c:94:fb:7d:36:c4:c0:5e:1b:ee:bd:fc: 7a:03:dc:e4:5d:96:82:5c:2d:13:80:9d:ff:f3:85: 8b:04:d7:f0:0d:31:6b:e2:86:15:46:0b:dc:e4:ea: ae:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:40:47:DB:46:31:A4:74:E1:19:9E:E6:1A:2B:3A:FC:7A:1A:B9:54 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:48:86:83:ef:37:6d:8c:0a:b7:b2:d8:57:e7:71:35:22:cf: ef:e9:04:9c:34:d6:76:ca:fd:80:d7:12:2e:ee:45:b6:0b:20: 97:9d:30:e6:76:39:c6:78:5c:e9:94:8a:ab:41:00:46:40:71: da:67:76:6c:1a:e7:42:f5:ad:0a:8d:18:ad:8b:e9:a8:40:31: bc:07:65:f3:09:ae:a3:6c:1e:55:3f:5c:97:c7:d0:dd:c6:8d: 27:ae:f5:a2:a8:9a:07:37:e5:fc:b7:c1:e2:4e:a7:3f:e1:b7: 45:40:41:60:cc:ec:d0:19:5a:d8:16:8d:a7:40:86:1f:3e:83: 73:87:2f:4f:a7:54:ee:c4:a6:3e:7b:2e:13:a5:2f:64:78:4a: 87:75:a0:e2:f3:98:47:7f:a7:eb:e4:94:14:29:58:55:f3:0d: 45:13:09:5a:1e:02:56:71:2e:53:51:a4:14:1a:20:6d:37:71: 7e:bf:9c:d2:88:fb:c4:5e:4a:d9:8c:05:42:fa:46:a3:fc:73: 0a:cb:96:45:43:9f:2a:a9:30:6f:c2:78:2d:10:ac:9a:0b:48: 5c:86:01:66:d2:9c:68:a4:2f:37:b9:09:f3:22:d8:f2:e5:4a: c2:e2:08:85:06:6f:e2:11:d4:f3:02:62:c5:87:55:c3:61:d4: 23:e8:3e:eb -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICE6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDExMjIx NTIyNTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM3NDA0N0RCNDYzMUE0 NzRFMTE5OUVFNjFBMkIzQUZDN0ExQUI5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDATrMQMcq3VyF9syLMq2cTBAA1Roh7tVLQDWGxCfkkzjxyFv7Y PU+Ux5RHwVi8Csv4aLv9KnhhPtoRHPpcuyGrbdMcV6AvuqqovxkbbMwtbrKvF5IR oQCGmRKNdwYkzagN6oJxZlt74sc0RB6qWWuXMMX4BtOhNJBL9PgOpcLneIhF/arS 2UaTHVKiFbXI9qh15O4jGFmCF4dgP2MdiSCafnS4oAQTmgywtKjY2KBOJbKc+zfE I0MHqT4kfRTFrwczhNHdr+Jy+0GgqGqwmoCxSB30cWyU+302xMBeG+69/HoD3ORd loJcLROAnf/zhYsE1/ANMWvihhVGC9zk6q5fAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUx0BH20YxpHThGZ7mGis6/HoauVQwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3M3cHE3enVQb3VYWnRl UTBPT0FDRFVKcUhzby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQABSIaD7zdtjAq3sthX53E1Is/v6QScNNZ2yv2A1xIu7kW2CyCXnTDmdjnGeFzp lIqrQQBGQHHaZ3ZsGudC9a0KjRiti+moQDG8B2XzCa6jbB5VP1yXx9Ddxo0nrvWi qJoHN+X8t8HiTqc/4bdFQEFgzOzQGVrYFo2nQIYfPoNzhy9Pp1TuxKY+ey4TpS9k eEqHdaDi85hHf6fr5JQUKVhV8w1FEwlaHgJWcS5TUaQUGiBtN3F+v5zSiPvEXkrZ jAVC+kaj/HMKy5ZFQ58qqTBvwngtEKyaC0hchgFm0pxopC83uQnzItjy5UrC4giF Bm/iEdTzAmLFh1XDYdQj6D7r -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org