$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft File: 5W2kwnXzzMktCGICoe2neD8MPQ0.mft (raw, json) Hash identifier: ZHB7cwiNkEaDtI1z6S12MppImkWAC/uh4G1p1Lpahz8= Subject key identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A Authority key identifier: E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D Certificate issuer: /CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Certificate serial: 1E26 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft Manifest number: 1E1C Signing time: Fri 22 Nov 2024 10:25:50 +0000 Manifest this update: Fri 22 Nov 2024 10:25:50 +0000 Manifest next update: Fri 22 Nov 2024 16:25:50 +0000 Files and hashes: 1: 1D59rPB2sVkzIVnsOIYWiCZYYD8.roa (hash: +2vtvk4t+lS1Lpp6or5p7mVpj2/aZ1jENHWh7Vc8zwI=) 2: 5W2kwnXzzMktCGICoe2neD8MPQ0.crl (hash: 6uM2KVcnDACFDl4vtIxLplZgHXNBRa/dzS53lOdHhQM=) 3: N0y7O7iTG774vGCJOkCrG07dnWQ.roa (hash: 7MMVR7ufVoDl78ie+i3EZijT5/akkNinA5jWDlnKHVk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 16:25:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7718 (0x1e26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Validity Not Before: Nov 22 10:25:50 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0CCBB5AC4A4BDEAC4C767960951843F5247A1D7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ea:bf:55:b5:b2:2a:34:a3:a3:ce:e5:87:48: 68:50:c4:78:dd:a6:a2:af:92:c0:5f:7b:cf:2f:c8: cc:60:4b:df:f7:3d:d8:34:9d:a0:ff:6b:f5:ea:e0: e9:b9:61:d3:29:63:95:9c:fe:ae:d5:1c:af:5e:92: 5a:90:62:f7:01:56:0d:1a:76:da:ce:c0:30:a8:fa: d3:4a:ca:2d:3a:3e:3b:97:80:03:58:33:2c:67:5b: 37:ac:97:0a:2e:fa:7a:07:d1:78:ef:5e:a0:e3:5b: 4d:cf:f6:6b:14:06:6f:56:00:5e:31:59:73:09:0b: ca:af:d1:f7:a5:31:86:20:c8:48:f4:93:a3:25:3a: 15:b1:cb:21:e8:43:23:24:ca:f8:5d:c2:7d:f3:b7: bc:96:ac:08:32:11:e6:bd:b8:80:37:f8:5e:ea:52: 5e:ad:14:78:d4:13:4a:d2:98:06:2c:ca:7b:99:ec: 7e:a8:e1:55:66:9c:a7:27:be:75:aa:43:e1:62:7a: 85:0c:e5:a5:de:b9:5e:94:9f:8d:5d:89:cf:57:21: 41:ff:9b:2c:0e:a0:5c:1d:de:17:ff:98:d0:39:e9: a4:b5:1b:ac:25:ff:96:fe:12:1a:72:0d:86:5e:44: 0a:4a:41:7e:0a:39:67:d7:8f:07:9f:96:96:e7:1f: 16:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A X509v3 Authority Key Identifier: keyid:E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:9a:47:2b:a1:d7:42:85:3f:f0:72:87:60:62:e0:84:70:e5: 0d:08:a5:46:ea:bd:e6:76:fd:d1:7b:e7:05:20:da:a4:c7:48: 20:ed:24:e3:b4:35:ee:76:f4:2f:06:42:ac:3c:cd:00:ab:e5: 33:e9:be:3f:a7:ae:44:06:bb:63:95:d7:d2:d1:2d:34:ff:04: 3b:5d:06:b3:0f:be:ab:1c:78:5b:be:41:e0:ad:52:3a:6a:af: ca:05:42:76:78:18:30:ce:f5:04:4b:4c:a5:74:39:d6:2a:d4: d0:d2:86:0e:f8:2e:e9:18:ad:fe:c0:33:83:c5:e4:82:71:a4: 87:2f:cb:c5:d9:b7:47:bd:3b:bd:0f:4b:4f:32:a2:b7:9b:ff: 8e:e6:c3:a6:18:c4:63:5f:8b:01:f6:42:96:bf:44:54:92:3b: c9:20:1e:5d:3d:cc:bd:60:10:d0:1b:26:bc:58:7f:f1:c4:44: c4:8d:cb:bd:79:c1:1b:e4:61:22:2c:a5:2e:73:ac:ad:04:61: 99:a4:43:b6:f4:81:e2:c0:aa:f4:84:ea:bb:9b:15:b6:83:c3: 67:87:d4:ec:8b:74:af:49:d6:23:58:a2:82:2f:ec:76:a6:9b: 44:ac:ce:44:a9:95:14:b4:29:7f:3e:43:cf:7b:cc:4b:6b:5c: e0:1e:78:a7 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICHiYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTU2 REE0QzI3NUYzQ0NDOTJEMDg2MjAyQTFFREE3NzgzRjBDM0QwRDAeFw0yNDExMjIx MDI1NTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBDQ0JCNUFDNEE0QkRF QUM0Qzc2Nzk2MDk1MTg0M0Y1MjQ3QTFEN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF6r9VtbIqNKOjzuWHSGhQxHjdpqKvksBfe88vyMxgS9/3Pdg0 naD/a/Xq4Om5YdMpY5Wc/q7VHK9eklqQYvcBVg0adtrOwDCo+tNKyi06PjuXgANY MyxnWzeslwou+noH0XjvXqDjW03P9msUBm9WAF4xWXMJC8qv0felMYYgyEj0k6Ml OhWxyyHoQyMkyvhdwn3zt7yWrAgyEea9uIA3+F7qUl6tFHjUE0rSmAYsynuZ7H6o 4VVmnKcnvnWqQ+FieoUM5aXeuV6Un41dic9XIUH/mywOoFwd3hf/mNA56aS1G6wl /5b+EhpyDYZeRApKQX4KOWfXjweflpbnHxY7AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDMu1rEpL3qxMdnlglRhD9SR6HXowHwYDVR0jBBgwFoAU5W2kwnXzzMktCGIC oe2neD8MPQ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIx LzVXMmt3blh6ek1rdENHSUNvZTJuZUQ4TVBRMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNVcya3duWHp6TWt0Q0dJQ29lMm5lRDhNUFEwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIxLzVXMmt3blh6ek1rdENH SUNvZTJuZUQ4TVBRMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBBmkcroddChT/wcodgYuCEcOUNCKVG6r3mdv3Re+cFINqkx0gg7STjtDXudvQv BkKsPM0Aq+Uz6b4/p65EBrtjldfS0S00/wQ7XQazD76rHHhbvkHgrVI6aq/KBUJ2 eBgwzvUES0yldDnWKtTQ0oYO+C7pGK3+wDODxeSCcaSHL8vF2bdHvTu9D0tPMqK3 m/+O5sOmGMRjX4sB9kKWv0RUkjvJIB5dPcy9YBDQGya8WH/xxETEjcu9ecEb5GEi LKUuc6ytBGGZpEO29IHiwKr0hOq7mxW2g8Nnh9Tsi3SvSdYjWKKCL+x2pptErM5E qZUUtCl/PkPPe8xLa1zgHnin -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:41 2024 by rpki-client on console-fra.rpki-client.org