$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft File: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft (raw, json) Hash identifier: wqoPS/Ft6rhWjBK2MhxYVCs+21xRNzLBuOJ4WpXC2NQ= Subject key identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B Authority key identifier: D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 Certificate issuer: /CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Certificate serial: 1F57 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft Manifest number: 1F57 Signing time: Sun 20 Jul 2025 07:41:07 +0000 Manifest this update: Sun 20 Jul 2025 07:41:07 +0000 Manifest next update: Sun 20 Jul 2025 13:41:07 +0000 Files and hashes: 1: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl (hash: cwHXf/zcrKKL1PVfprUfF49XcKUJBluA3UiSnpkwohY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8023 (0x1f57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Validity Not Before: Jul 20 07:41:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=EFD8DB33953BC6DC717CA67C36A64A67C36B413B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:06:0e:21:8b:b1:ce:87:e9:a7:e0:0d:cc:26: f1:4a:9d:72:f5:5f:40:55:76:44:50:ef:18:3a:d7: e8:33:70:6e:66:d7:a2:05:08:1e:ff:cc:84:d9:6b: 39:20:82:05:c0:24:24:81:33:20:09:20:01:1b:26: b4:8e:5f:ef:34:78:cf:86:a9:9e:1b:c0:93:6a:32: 1d:77:fc:28:e3:5e:b9:d0:ed:f9:1a:9e:45:cd:08: 3b:db:ed:22:0f:00:34:5f:67:03:21:3b:82:b8:47: 7c:e7:77:03:2a:0e:ab:a1:05:d5:c6:53:1b:a3:ba: 1c:30:42:5c:89:b3:08:ad:0e:05:72:13:a8:02:f3: 04:aa:99:8a:61:1d:41:89:f1:60:98:15:92:9e:5d: 7c:6d:10:ab:82:48:33:03:a6:a6:01:a4:f5:82:2b: 47:ae:83:43:33:2e:55:c8:a5:e8:a6:84:c7:3d:0b: 29:1b:0b:28:c7:4e:e0:06:02:2b:8a:b3:57:be:b3: 3e:c3:a9:17:8e:23:a2:6e:b1:6f:5b:56:e6:75:0a: ac:8f:9d:68:33:0f:91:6c:b0:7e:27:8f:ba:2d:b7: b7:0c:58:18:19:81:b3:eb:9f:f2:74:9e:ae:d0:87: c6:4c:bb:ab:5c:ac:6e:00:aa:ea:b5:a1:3d:ac:6a: 4b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B X509v3 Authority Key Identifier: keyid:D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:a1:e9:28:59:c6:a7:05:7a:aa:0d:4b:3f:4c:d3:8f:5c:1c: bf:9b:66:e9:07:d1:e6:3a:d2:e3:ac:73:58:ee:65:f5:52:ad: 39:fc:28:a2:3f:3b:e8:8a:2c:9b:a6:83:90:15:28:38:85:3c: c6:17:29:3f:e4:60:1e:54:75:66:10:d7:d2:ea:d8:3b:a6:1c: 7e:12:2f:fc:96:69:27:05:bc:e8:b5:e6:f3:b4:44:4b:7d:6e: f4:b3:b2:b9:3f:10:e5:47:36:6a:aa:6f:af:41:33:d5:dc:ee: fe:2c:51:22:f2:c0:40:91:56:bf:3a:d4:6c:cd:d5:85:22:94: 24:82:80:e8:a8:19:68:4e:ae:13:a8:59:e0:f7:b5:4e:98:15: 65:c1:32:85:6b:74:e5:a6:37:b5:26:fd:3c:d6:ad:62:ce:d4: 0a:5d:d4:88:71:35:ce:85:5d:9a:3b:fc:ea:c1:9d:61:c9:93: 4f:d4:14:e5:6f:02:a0:a8:e4:ff:5c:2a:99:82:28:35:7d:d7: bd:a7:cb:c6:5a:44:f7:76:cf:b3:8e:2a:22:2d:05:3a:fb:9e: 09:98:c7:91:db:ed:21:d6:34:e0:69:b1:fc:e6:fc:3e:da:a6: d7:07:2b:4f:e3:32:8c:1f:f1:fa:28:6c:e8:e4:83:37:c6:0c: 09:ca:1f:a9 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICH1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDMy NEJCM0ZFNUMxNUEyRTA0MkE2MzJFNUEyMzU5RDA0OEYwNEM0MjAeFw0yNTA3MjAw NzQxMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVGRDhEQjMzOTUzQkM2 REM3MTdDQTY3QzM2QTY0QTY3QzM2QjQxM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBBg4hi7HOh+mn4A3MJvFKnXL1X0BVdkRQ7xg61+gzcG5m16IF CB7/zITZazkgggXAJCSBMyAJIAEbJrSOX+80eM+GqZ4bwJNqMh13/CjjXrnQ7fka nkXNCDvb7SIPADRfZwMhO4K4R3zndwMqDquhBdXGUxujuhwwQlyJswitDgVyE6gC 8wSqmYphHUGJ8WCYFZKeXXxtEKuCSDMDpqYBpPWCK0eug0MzLlXIpeimhMc9Cykb CyjHTuAGAiuKs1e+sz7DqReOI6JusW9bVuZ1CqyPnWgzD5FssH4nj7ott7cMWBgZ gbPrn/J0nq7Qh8ZMu6tcrG4Aquq1oT2sakuTAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU79jbM5U7xtxxfKZ8NqZKZ8NrQTswHwYDVR0jBBgwFoAU0yS7P+XBWi4EKmMu WiNZ0EjwTEIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1 LzB5UzdQLVhCV2k0RUttTXVXaU5aMEVqd1RFSS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMHlTN1AtWEJXaTRFS21NdVdpTlowRWp3VEVJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1LzB5UzdQLVhCV2k0RUtt TXVXaU5aMEVqd1RFSS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCcoekoWcanBXqqDUs/TNOPXBy/m2bpB9HmOtLjrHNY7mX1Uq05/CiiPzvoiiyb poOQFSg4hTzGFyk/5GAeVHVmENfS6tg7phx+Ei/8lmknBbzotebztERLfW70s7K5 PxDlRzZqqm+vQTPV3O7+LFEi8sBAkVa/OtRszdWFIpQkgoDoqBloTq4TqFng97VO mBVlwTKFa3Tlpje1Jv081q1iztQKXdSIcTXOhV2aO/zqwZ1hyZNP1BTlbwKgqOT/ XCqZgig1fde9p8vGWkT3ds+zjioiLQU6+54JmMeR2+0h1jTgabH85vw+2qbXBytP 4zKMH/H6KGzo5IM3xgwJyh+p -----END CERTIFICATE-----Generated at Sun Jul 20 12:36:16 2025 by rpki-client