$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft File: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft (raw, json) Hash identifier: 6xXlkf8BAGecwZre4ZMzqVWWhQpDOaJTynrql3vhvac= Subject key identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 Authority key identifier: 0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 Certificate issuer: /CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Certificate serial: 18B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft Manifest number: 18B1 Signing time: Fri 22 Nov 2024 15:25:52 +0000 Manifest this update: Fri 22 Nov 2024 15:25:52 +0000 Manifest next update: Fri 22 Nov 2024 21:25:52 +0000 Files and hashes: 1: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl (hash: TI86mv08vC9iywTymn6TOfEcQJ/5q8ozxayjRVf2Mh8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6321 (0x18b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Validity Not Before: Nov 22 15:25:52 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5C648233F6748FCBACF142D46BE96E4F03962A68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fe:be:28:bc:e8:92:51:ab:b2:1b:df:f9:86: 30:13:3c:b6:06:e1:aa:a8:65:99:2d:88:d4:d5:a3: 2c:7b:4d:1d:c6:03:6e:7b:0a:f9:be:24:d6:f4:e1: 6e:b9:73:f2:b9:37:30:dd:bc:a8:a5:ab:65:f0:72: ce:42:40:b2:e4:57:09:70:ba:f6:02:ea:c4:5b:d3: 78:b0:f9:45:c2:43:eb:e5:6f:6f:ac:b9:71:a8:5f: 86:fb:bc:5a:40:fc:e7:34:21:96:7f:e9:53:a3:49: 69:21:42:4d:0e:f2:ec:b0:48:6c:4f:93:67:97:fc: 45:86:cd:e4:3b:13:a9:a7:46:9a:32:8c:44:3f:84: 21:18:21:86:30:e6:71:31:cc:47:0d:d7:8b:7c:a8: 9e:7d:70:74:56:4b:6c:92:9d:51:24:b9:7f:61:7f: 28:b6:69:8b:fe:29:be:33:2f:2a:87:b1:e5:76:a7: 8f:a3:72:7f:6d:e1:bf:8d:71:1b:dd:91:73:92:16: 3b:17:a6:7c:eb:47:39:aa:2b:65:0f:d0:94:82:33: 90:37:f4:32:d0:8c:72:86:17:12:4b:74:82:9b:32: 07:93:12:3b:c7:c5:84:c2:2f:71:47:aa:af:cc:4d: 17:7d:17:2f:12:e8:cb:84:ed:de:fd:d4:e1:03:45: 7b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 X509v3 Authority Key Identifier: keyid:0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:d1:d6:c6:e6:c0:20:3d:6e:ca:bc:7e:f1:e5:84:32:17:99: ce:e1:96:0b:86:90:a8:e0:ff:42:9b:85:b7:2f:d4:93:b8:02: 65:80:17:5b:c4:87:37:c6:d7:a4:92:1a:30:ad:2b:14:dd:7c: c9:c4:8d:af:80:4c:e4:a3:76:ea:a3:b9:3d:19:46:c2:2e:df: 9f:b8:f6:5d:f8:4c:00:fe:82:85:2d:4b:85:ea:75:44:c8:a3: 33:70:b5:ad:3f:85:32:ac:b0:0f:e9:43:36:17:8e:17:2b:8a: 45:22:0c:a1:8b:ee:d3:09:e1:09:9d:e0:cf:d6:f4:46:7d:7e: f3:f0:9d:9c:11:13:16:e1:7c:93:de:09:25:a8:be:1b:22:25: c1:04:88:54:22:9c:73:07:02:6f:3c:a7:ce:f0:d4:2f:8a:af: d5:b6:a6:78:cf:40:a3:fa:78:1b:29:48:5b:5d:46:20:fd:c3: 21:59:91:23:56:a3:18:c5:9e:b7:e3:55:ad:01:9c:59:30:30: 3e:61:cc:b8:a0:58:87:4e:90:eb:cf:a7:23:15:af:00:7f:7b: 0a:69:31:1e:28:6e:40:84:1a:a6:e7:df:49:54:37:22:71:48: 00:b1:77:d3:cb:1b:93:47:bd:94:fa:52:13:62:8d:10:bb:e9: 39:91:74:56 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ0 QTNCNjIxNDA3OENBNDhFNjZGM0I4QzU0RjFDNUZEQkM5REU3NDAeFw0yNDExMjIx NTI1NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVDNjQ4MjMzRjY3NDhG Q0JBQ0YxNDJENDZCRTk2RTRGMDM5NjJBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe/r4ovOiSUauyG9/5hjATPLYG4aqoZZktiNTVoyx7TR3GA257 Cvm+JNb04W65c/K5NzDdvKilq2Xwcs5CQLLkVwlwuvYC6sRb03iw+UXCQ+vlb2+s uXGoX4b7vFpA/Oc0IZZ/6VOjSWkhQk0O8uywSGxPk2eX/EWGzeQ7E6mnRpoyjEQ/ hCEYIYYw5nExzEcN14t8qJ59cHRWS2ySnVEkuX9hfyi2aYv+Kb4zLyqHseV2p4+j cn9t4b+NcRvdkXOSFjsXpnzrRzmqK2UP0JSCM5A39DLQjHKGFxJLdIKbMgeTEjvH xYTCL3FHqq/MTRd9Fy8S6MuE7d791OEDRXvdAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUXGSCM/Z0j8us8ULUa+luTwOWKmgwHwYDVR0jBBgwFoAUDUo7YhQHjKSOZvO4 xU8cX9vJ3nQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1 L0RVbzdZaFFIaktTT1p2TzR4VThjWDl2SjNuUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRFVvN1loUUhqS1NPWnZPNHhVOGNYOXZKM25RLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0RVbzdZaFFIaktTT1p2 TzR4VThjWDl2SjNuUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAk0dbG5sAgPW7KvH7x5YQyF5nO4ZYLhpCo4P9Cm4W3L9STuAJlgBdbxIc3xtek khowrSsU3XzJxI2vgEzko3bqo7k9GUbCLt+fuPZd+EwA/oKFLUuF6nVEyKMzcLWt P4UyrLAP6UM2F44XK4pFIgyhi+7TCeEJneDP1vRGfX7z8J2cERMW4XyT3gklqL4b IiXBBIhUIpxzBwJvPKfO8NQviq/VtqZ4z0Cj+ngbKUhbXUYg/cMhWZEjVqMYxZ63 41WtAZxZMDA+Ycy4oFiHTpDrz6cjFa8Af3sKaTEeKG5AhBqm599JVDcicUgAsXfT yxuTR72U+lITYo0Qu+k5kXRW -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:48 2024 by rpki-client on console-ams.rpki-client.org