$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft File: 5W2kwnXzzMktCGICoe2neD8MPQ0.mft (raw, json) Hash identifier: x/E+eTzdkffymkyQxJkfHfJDpnEN5/Gp5fkc4anPLJo= Subject key identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A Authority key identifier: E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D Certificate issuer: /CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Certificate serial: 21E5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft Manifest number: 21D9 Signing time: Tue 03 Jun 2025 21:14:00 +0000 Manifest this update: Tue 03 Jun 2025 21:14:00 +0000 Manifest next update: Wed 04 Jun 2025 03:14:00 +0000 Files and hashes: 1: 0p4OnuorqVemfKiNz4jb1ANy_VQ.roa (hash: XoSGiFq8O6Q57IRgvp7PfupeNUc2/oaY3bSF8APHxvs=) 2: 5W2kwnXzzMktCGICoe2neD8MPQ0.crl (hash: nMzyrE9TCY1Z+fy3dGEakGdMzC9IWaK6UqgqXnGrAng=) 3: nupcYpRncbBv3-9dSwkTJgvZMyQ.roa (hash: 4MbXF1Yx0L8hJq971GxzZ01dBBGTfAi9S+9JFIVKcDg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8677 (0x21e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Validity Not Before: Jun 3 21:14:00 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0CCBB5AC4A4BDEAC4C767960951843F5247A1D7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ea:bf:55:b5:b2:2a:34:a3:a3:ce:e5:87:48: 68:50:c4:78:dd:a6:a2:af:92:c0:5f:7b:cf:2f:c8: cc:60:4b:df:f7:3d:d8:34:9d:a0:ff:6b:f5:ea:e0: e9:b9:61:d3:29:63:95:9c:fe:ae:d5:1c:af:5e:92: 5a:90:62:f7:01:56:0d:1a:76:da:ce:c0:30:a8:fa: d3:4a:ca:2d:3a:3e:3b:97:80:03:58:33:2c:67:5b: 37:ac:97:0a:2e:fa:7a:07:d1:78:ef:5e:a0:e3:5b: 4d:cf:f6:6b:14:06:6f:56:00:5e:31:59:73:09:0b: ca:af:d1:f7:a5:31:86:20:c8:48:f4:93:a3:25:3a: 15:b1:cb:21:e8:43:23:24:ca:f8:5d:c2:7d:f3:b7: bc:96:ac:08:32:11:e6:bd:b8:80:37:f8:5e:ea:52: 5e:ad:14:78:d4:13:4a:d2:98:06:2c:ca:7b:99:ec: 7e:a8:e1:55:66:9c:a7:27:be:75:aa:43:e1:62:7a: 85:0c:e5:a5:de:b9:5e:94:9f:8d:5d:89:cf:57:21: 41:ff:9b:2c:0e:a0:5c:1d:de:17:ff:98:d0:39:e9: a4:b5:1b:ac:25:ff:96:fe:12:1a:72:0d:86:5e:44: 0a:4a:41:7e:0a:39:67:d7:8f:07:9f:96:96:e7:1f: 16:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CB:B5:AC:4A:4B:DE:AC:4C:76:79:60:95:18:43:F5:24:7A:1D:7A X509v3 Authority Key Identifier: keyid:E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:98:5e:28:6c:47:59:e2:68:07:9d:43:72:d4:2a:99:f1:9a: 88:b5:8e:6f:04:13:fa:17:41:67:8d:fe:c5:86:16:90:c9:c7: 24:7c:1a:80:cc:06:d5:e5:7b:21:9e:38:03:8b:c7:b2:a2:7f: 1f:9e:cf:77:ed:c9:11:54:de:72:da:d8:6a:15:fc:9d:79:01: a6:7c:9d:4f:fd:8f:a5:ac:d1:3c:1f:25:47:2b:96:a2:42:82: 5f:aa:0a:90:14:2e:ac:54:ed:3e:51:a6:63:ae:22:0f:cc:23: 33:7e:4f:9f:ec:a2:46:ac:c4:51:7e:12:f6:25:f3:2f:10:58: be:61:c5:5e:7a:3a:a3:f6:68:ef:f9:5c:c7:d5:8a:56:47:d9: fb:ab:46:c6:56:d4:12:ec:d9:c8:c8:6b:1f:5c:06:d9:72:80: d0:5b:53:57:11:a3:bc:f5:31:6b:1f:dc:35:1b:46:1f:5e:53: 42:1d:4f:c6:17:be:fb:c4:2c:0d:46:39:2b:18:e2:75:a5:7a: d2:60:ae:fd:1f:f5:c2:80:7b:a4:e8:6c:c9:c5:0a:86:79:92: dc:01:7e:35:9f:b8:c0:26:9f:77:6e:65:82:a6:86:8d:47:f1: 11:ff:7b:aa:d1:56:c4:c9:c1:bc:99:01:0d:04:22:bc:19:d0: 45:b2:08:2e -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICIeUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTU2 REE0QzI3NUYzQ0NDOTJEMDg2MjAyQTFFREE3NzgzRjBDM0QwRDAeFw0yNTA2MDMy MTE0MDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBDQ0JCNUFDNEE0QkRF QUM0Qzc2Nzk2MDk1MTg0M0Y1MjQ3QTFEN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF6r9VtbIqNKOjzuWHSGhQxHjdpqKvksBfe88vyMxgS9/3Pdg0 naD/a/Xq4Om5YdMpY5Wc/q7VHK9eklqQYvcBVg0adtrOwDCo+tNKyi06PjuXgANY MyxnWzeslwou+noH0XjvXqDjW03P9msUBm9WAF4xWXMJC8qv0felMYYgyEj0k6Ml OhWxyyHoQyMkyvhdwn3zt7yWrAgyEea9uIA3+F7qUl6tFHjUE0rSmAYsynuZ7H6o 4VVmnKcnvnWqQ+FieoUM5aXeuV6Un41dic9XIUH/mywOoFwd3hf/mNA56aS1G6wl /5b+EhpyDYZeRApKQX4KOWfXjweflpbnHxY7AgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDMu1rEpL3qxMdnlglRhD9SR6HXowHwYDVR0jBBgwFoAU5W2kwnXzzMktCGIC oe2neD8MPQ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIx LzVXMmt3blh6ek1rdENHSUNvZTJuZUQ4TVBRMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNVcya3duWHp6TWt0Q0dJQ29lMm5lRDhNUFEwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIxLzVXMmt3blh6ek1rdENH SUNvZTJuZUQ4TVBRMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBzmF4obEdZ4mgHnUNy1CqZ8ZqItY5vBBP6F0Fnjf7FhhaQycckfBqAzAbV5Xsh njgDi8eyon8fns937ckRVN5y2thqFfydeQGmfJ1P/Y+lrNE8HyVHK5aiQoJfqgqQ FC6sVO0+UaZjriIPzCMzfk+f7KJGrMRRfhL2JfMvEFi+YcVeejqj9mjv+VzH1YpW R9n7q0bGVtQS7NnIyGsfXAbZcoDQW1NXEaO89TFrH9w1G0YfXlNCHU/GF777xCwN RjkrGOJ1pXrSYK79H/XCgHuk6GzJxQqGeZLcAX41n7jAJp93bmWCpoaNR/ER/3uq 0VbEycG8mQENBCK8GdBFsggu -----END CERTIFICATE-----Generated at Wed Jun 4 01:14:10 2025 by rpki-client