$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.mft File: Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.mft (raw, json) Hash identifier: dlUj6j0F7iYB8zPWwbkR8JEdNSo2dhuwwtTbhN3kt3k= Subject key identifier: 6F:FA:CD:7C:0D:1C:23:69:3C:22:25:6D:B8:AF:B2:DE:DC:36:EB:75 Authority key identifier: 46:F8:34:3D:CD:AD:3A:AC:40:85:60:49:2C:21:B5:9D:76:2B:C4:56 Certificate issuer: /CN=46F8343DCDAD3AAC408560492C21B59D762BC456 Certificate serial: 1D65 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.mft Manifest number: 1D5A Signing time: Fri 04 Apr 2025 17:08:07 +0000 Manifest this update: Fri 04 Apr 2025 17:08:06 +0000 Manifest next update: Fri 04 Apr 2025 23:08:06 +0000 Files and hashes: 1: Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.crl (hash: 23R1VBGpnD3PpDSHK8ivXUERM40MLIjThgLi9mx4ub0=) 2: iek1MXEBlWdmapPhIY_db4hE_nw.roa (hash: T7/0qiWSi3qRHPuAOTmMfdsbThcG2N5WBZt8W2VUrcw=) 3: zfSe_iql4Q8Zvjm6B18MpmZPol4.roa (hash: bDo0RYNVzgOCrUT9k/28io0lTz3YF0dVaV4I+1scPtU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7525 (0x1d65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46F8343DCDAD3AAC408560492C21B59D762BC456 Validity Not Before: Apr 4 17:08:06 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6FFACD7C0D1C23693C22256DB8AFB2DEDC36EB75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:be:c1:71:53:38:1a:90:ab:b1:98:a8:98:08: db:a8:5e:4e:ce:f6:b4:9e:e7:e3:d4:c4:63:5a:51: 33:31:3b:9d:51:08:4f:7a:42:e1:b7:52:87:ed:b8: dd:6a:72:9b:fd:7c:4b:ff:8c:36:2f:ed:c8:11:31: d4:ec:18:05:eb:ed:03:6a:96:be:af:43:f4:b8:bf: 4e:d3:2b:1d:11:9b:66:2b:f0:2a:7a:7b:c9:a6:74: d8:10:30:5a:6a:83:92:0f:9e:3b:1d:04:bf:5e:23: 51:71:2d:36:ec:a8:bf:07:bb:21:92:5e:33:e8:e6: 7e:60:e6:33:15:74:73:10:6c:98:f4:51:4f:81:74: 8d:f7:41:97:39:5c:89:fc:a8:b9:1c:41:f2:7b:99: 13:e9:b8:44:54:e9:e8:99:58:3d:8a:4f:c2:c4:e6: 0e:c9:b4:a6:17:6f:47:18:5f:ed:ba:ce:35:d4:f2: 90:18:b2:12:eb:b9:aa:57:3b:8f:48:14:c8:1e:c8: b8:7f:0c:7f:17:bd:ec:58:4b:03:6b:52:18:04:52: a1:cd:41:cb:4b:9b:3b:fa:26:3c:45:d1:45:40:83: 23:50:b7:01:fa:d5:86:79:c7:da:a7:12:a9:59:c8: d2:09:fe:75:34:4f:41:5d:3e:31:0f:48:d6:39:75: 0e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:FA:CD:7C:0D:1C:23:69:3C:22:25:6D:B8:AF:B2:DE:DC:36:EB:75 X509v3 Authority Key Identifier: keyid:46:F8:34:3D:CD:AD:3A:AC:40:85:60:49:2C:21:B5:9D:76:2B:C4:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:0f:73:86:43:9a:af:96:56:f4:4d:86:d6:05:23:6a:90:b2: 81:64:0a:21:49:1f:4b:74:bd:94:7f:c8:fa:58:67:37:20:5d: 6a:6f:9b:e8:f0:7b:0d:fb:78:d5:a7:69:56:86:33:21:88:31: bd:38:36:54:c4:e4:56:be:74:ad:93:4d:f0:fc:e9:03:f5:3b: 59:10:69:0a:81:de:d9:87:2d:5f:7e:d4:d0:20:51:e9:40:fa: ba:22:ad:8e:b5:16:ab:c8:50:82:85:b0:be:2b:f1:6b:c1:e1: ca:0b:b0:ae:4d:94:5f:d9:34:2c:62:08:97:8b:fc:ad:bb:52: 42:bb:32:b6:81:dc:d9:f5:ab:ab:64:cc:08:c9:af:ab:68:66: 17:5f:2c:82:df:54:5b:be:45:06:a3:8f:ad:a8:1b:fc:5f:1c: f8:08:47:e2:42:e9:80:be:b3:26:3b:dd:f7:6a:48:a4:a2:43: 46:3e:2a:dc:a5:7b:1f:90:f2:74:1f:67:a1:b7:21:50:df:d3: 58:ab:fd:2e:9a:5e:2e:6a:4c:b6:82:8f:44:ce:49:d9:c3:1c: c2:4b:26:c8:a3:24:e3:bb:5a:f3:74:80:81:78:9f:56:71:d9: c1:ed:04:56:b7:7c:2d:95:87:98:ac:45:67:27:d6:f0:94:f3: 15:66:3b:5a -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICHWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDZG ODM0M0RDREFEM0FBQzQwODU2MDQ5MkMyMUI1OUQ3NjJCQzQ1NjAeFw0yNTA0MDQx NzA4MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZGRkFDRDdDMEQxQzIz NjkzQzIyMjU2REI4QUZCMkRFREMzNkVCNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPvsFxUzgakKuxmKiYCNuoXk7O9rSe5+PUxGNaUTMxO51RCE96 QuG3UoftuN1qcpv9fEv/jDYv7cgRMdTsGAXr7QNqlr6vQ/S4v07TKx0Rm2Yr8Cp6 e8mmdNgQMFpqg5IPnjsdBL9eI1FxLTbsqL8HuyGSXjPo5n5g5jMVdHMQbJj0UU+B dI33QZc5XIn8qLkcQfJ7mRPpuERU6eiZWD2KT8LE5g7JtKYXb0cYX+26zjXU8pAY shLruapXO49IFMgeyLh/DH8XvexYSwNrUhgEUqHNQctLmzv6JjxF0UVAgyNQtwH6 1YZ5x9qnEqlZyNIJ/nU0T0FdPjEPSNY5dQ41AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUb/rNfA0cI2k8IiVtuK+y3tw263UwHwYDVR0jBBgwFoAURvg0Pc2tOqxAhWBJ LCG1nXYrxFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L1J2ZzBQYzJ0T3F4QWhXQkpMQ0cxblhZcnhGWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUnZnMFBjMnRPcXhBaFdCSkxDRzFuWFlyeEZZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L1J2ZzBQYzJ0T3F4QWhX QkpMQ0cxblhZcnhGWS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCLD3OGQ5qvllb0TYbWBSNqkLKBZAohSR9LdL2Uf8j6WGc3IF1qb5vo8HsN+3jV p2lWhjMhiDG9ODZUxORWvnStk03w/OkD9TtZEGkKgd7Zhy1fftTQIFHpQPq6Iq2O tRaryFCChbC+K/FrweHKC7CuTZRf2TQsYgiXi/ytu1JCuzK2gdzZ9aurZMwIya+r aGYXXyyC31RbvkUGo4+tqBv8Xxz4CEfiQumAvrMmO933akikokNGPircpXsfkPJ0 H2ehtyFQ39NYq/0uml4uaky2go9EzknZwxzCSybIoyTju1rzdICBeJ9WcdnB7QRW t3wtlYeYrEVnJ9bwlPMVZjta -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:38 2025 by rpki-client