$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft File: 5W2kwnXzzMktCGICoe2neD8MPQ0.mft (raw, json) Hash identifier: 7pbwmGTaT3ijFg6yayx91JZatu654Zn1ThVZ0v9hAec= Subject key identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A Authority key identifier: E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D Certificate issuer: /CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Certificate serial: 22CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft Manifest number: 22BE Signing time: Sun 20 Jul 2025 06:43:36 +0000 Manifest this update: Sun 20 Jul 2025 06:43:36 +0000 Manifest next update: Sun 20 Jul 2025 12:43:36 +0000 Files and hashes: 1: 0p4OnuorqVemfKiNz4jb1ANy_VQ.roa (hash: XoSGiFq8O6Q57IRgvp7PfupeNUc2/oaY3bSF8APHxvs=) 2: 5W2kwnXzzMktCGICoe2neD8MPQ0.crl (hash: sP5Ac5gDmbB5aB8nepp2vxQWQSx+b3Ma6m9lkHkbMrE=) 3: nupcYpRncbBv3-9dSwkTJgvZMyQ.roa (hash: 4MbXF1Yx0L8hJq971GxzZ01dBBGTfAi9S+9JFIVKcDg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:43:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8906 (0x22ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Validity Not Before: Jul 20 06:43:36 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0CCBB5AC4A4BDEAC4C767960951843F5247A1D7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ea:bf:55:b5:b2:2a:34:a3:a3:ce:e5:87:48: 68:50:c4:78:dd:a6:a2:af:92:c0:5f:7b:cf:2f:c8: cc:60:4b:df:f7:3d:d8:34:9d:a0:ff:6b:f5:ea:e0: e9:b9:61:d3:29:63:95:9c:fe:ae:d5:1c:af:5e:92: 5a:90:62:f7:01:56:0d:1a:76:da:ce:c0:30:a8:fa: d3:4a:ca:2d:3a:3e:3b:97:80:03:58:33:2c:67:5b: 37:ac:97:0a:2e:fa:7a:07:d1:78:ef:5e:a0:e3:5b: 4d:cf:f6:6b:14:06:6f:56:00:5e:31:59:73:09:0b: ca:af:d1:f7:a5:31:86:20:c8:48:f4:93:a3:25:3a: 15:b1:cb:21:e8:43:23:24:ca:f8:5d:c2:7d:f3:b7: bc:96:ac:08:32:11:e6:bd:b8:80:37:f8:5e:ea:52: 5e:ad:14:78:d4:13:4a:d2:98:06:2c:ca:7b:99:ec: 7e:a8:e1:55:66:9c:a7:27:be:75:aa:43:e1:62:7a: 85:0c:e5:a5:de:b9:5e:94:9f:8d:5d:89:cf:57:21: 41:ff:9b:2c:0e:a0:5c:1d:de:17:ff:98:d0:39:e9: a4:b5:1b:ac:25:ff:96:fe:12:1a:72:0d:86:5e:44: 0a:4a:41:7e:0a:39:67:d7:8f:07:9f:96:96:e7:1f: 16:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A X509v3 Authority Key Identifier: keyid:E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:27:88:c1:74:a3:a8:0c:f3:5c:8a:6d:99:a5:1c:e9:7a:da: 4f:48:e5:c5:ef:7b:56:23:4c:c1:bf:30:8b:60:58:b8:89:f6: 9b:53:66:6e:92:27:5d:7f:d7:ea:33:78:ec:c9:b4:54:69:0a: 9f:62:5a:26:c9:19:4a:2a:5a:71:21:0a:0c:4a:e4:6e:b0:64: ac:78:ed:3b:bd:b6:18:99:3f:21:e2:18:9a:14:1d:66:fa:91: 39:12:38:c4:c8:91:a8:9f:3d:a1:6c:f9:20:22:2a:e1:8e:85: d8:ef:a6:b5:94:a4:cc:c5:01:8c:49:85:be:9e:a0:b9:bb:0c: 08:7c:ff:62:75:3f:8d:24:4c:71:a9:3b:11:00:1f:bf:01:bb: 82:70:88:db:42:76:e5:5b:54:d6:da:f7:de:c7:7d:48:7b:27: b0:f2:49:7c:70:2d:82:0e:02:52:68:4a:92:f2:c7:e8:0a:fb: 99:52:2d:ec:01:44:a9:02:d1:33:11:84:29:b3:51:42:0a:b2: a0:3c:e0:69:ee:9f:0e:2f:80:d2:ec:f3:c9:3f:28:28:85:92: a9:2a:22:30:f2:02:e0:54:89:2c:93:6d:97:3c:4f:02:96:00: 9a:92:76:f1:43:2a:0e:88:88:42:62:10:bb:67:75:db:a7:b8: 79:b9:af:1e -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICIsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTU2 REE0QzI3NUYzQ0NDOTJEMDg2MjAyQTFFREE3NzgzRjBDM0QwRDAeFw0yNTA3MjAw NjQzMzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBDQ0JCNUFDNEE0QkRF QUM0Qzc2Nzk2MDk1MTg0M0Y1MjQ3QTFEN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF6r9VtbIqNKOjzuWHSGhQxHjdpqKvksBfe88vyMxgS9/3Pdg0 naD/a/Xq4Om5YdMpY5Wc/q7VHK9eklqQYvcBVg0adtrOwDCo+tNKyi06PjuXgANY MyxnWzeslwou+noH0XjvXqDjW03P9msUBm9WAF4xWXMJC8qv0felMYYgyEj0k6Ml OhWxyyHoQyMkyvhdwn3zt7yWrAgyEea9uIA3+F7qUl6tFHjUE0rSmAYsynuZ7H6o 4VVmnKcnvnWqQ+FieoUM5aXeuV6Un41dic9XIUH/mywOoFwd3hf/mNA56aS1G6wl /5b+EhpyDYZeRApKQX4KOWfXjweflpbnHxY7AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDMu1rEpL3qxMdnlglRhD9SR6HXowHwYDVR0jBBgwFoAU5W2kwnXzzMktCGIC oe2neD8MPQ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIx LzVXMmt3blh6ek1rdENHSUNvZTJuZUQ4TVBRMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNVcya3duWHp6TWt0Q0dJQ29lMm5lRDhNUFEwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIxLzVXMmt3blh6ek1rdENH SUNvZTJuZUQ4TVBRMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQC5J4jBdKOoDPNcim2ZpRzpetpPSOXF73tWI0zBvzCLYFi4ifabU2Zukiddf9fq M3jsybRUaQqfYlomyRlKKlpxIQoMSuRusGSseO07vbYYmT8h4hiaFB1m+pE5EjjE yJGonz2hbPkgIirhjoXY76a1lKTMxQGMSYW+nqC5uwwIfP9idT+NJExxqTsRAB+/ AbuCcIjbQnblW1TW2vfex31Ieyew8kl8cC2CDgJSaEqS8sfoCvuZUi3sAUSpAtEz EYQps1FCCrKgPOBp7p8OL4DS7PPJPygohZKpKiIw8gLgVIksk22XPE8ClgCaknbx QyoOiIhCYhC7Z3Xbp7h5ua8e -----END CERTIFICATE-----Generated at Sun Jul 20 12:43:19 2025 by rpki-client