$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft File: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft (raw, json) Hash identifier: TKoLzdymTDjpebjVsZrwgNhT7oc/LcIxcJPxbD2HQv0= Subject key identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B Authority key identifier: D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 Certificate issuer: /CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Certificate serial: 1E71 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft Manifest number: 1E71 Signing time: Tue 03 Jun 2025 21:10:44 +0000 Manifest this update: Tue 03 Jun 2025 21:10:44 +0000 Manifest next update: Wed 04 Jun 2025 03:10:44 +0000 Files and hashes: 1: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl (hash: +B93bqI65dFQi08PPeCnhGfriSWfpXFPVzl17FdUH3o=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:10:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7793 (0x1e71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Validity Not Before: Jun 3 21:10:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=EFD8DB33953BC6DC717CA67C36A64A67C36B413B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:06:0e:21:8b:b1:ce:87:e9:a7:e0:0d:cc:26: f1:4a:9d:72:f5:5f:40:55:76:44:50:ef:18:3a:d7: e8:33:70:6e:66:d7:a2:05:08:1e:ff:cc:84:d9:6b: 39:20:82:05:c0:24:24:81:33:20:09:20:01:1b:26: b4:8e:5f:ef:34:78:cf:86:a9:9e:1b:c0:93:6a:32: 1d:77:fc:28:e3:5e:b9:d0:ed:f9:1a:9e:45:cd:08: 3b:db:ed:22:0f:00:34:5f:67:03:21:3b:82:b8:47: 7c:e7:77:03:2a:0e:ab:a1:05:d5:c6:53:1b:a3:ba: 1c:30:42:5c:89:b3:08:ad:0e:05:72:13:a8:02:f3: 04:aa:99:8a:61:1d:41:89:f1:60:98:15:92:9e:5d: 7c:6d:10:ab:82:48:33:03:a6:a6:01:a4:f5:82:2b: 47:ae:83:43:33:2e:55:c8:a5:e8:a6:84:c7:3d:0b: 29:1b:0b:28:c7:4e:e0:06:02:2b:8a:b3:57:be:b3: 3e:c3:a9:17:8e:23:a2:6e:b1:6f:5b:56:e6:75:0a: ac:8f:9d:68:33:0f:91:6c:b0:7e:27:8f:ba:2d:b7: b7:0c:58:18:19:81:b3:eb:9f:f2:74:9e:ae:d0:87: c6:4c:bb:ab:5c:ac:6e:00:aa:ea:b5:a1:3d:ac:6a: 4b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B X509v3 Authority Key Identifier: keyid:D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:7b:96:b3:ff:ef:9e:25:2b:e1:34:4b:bc:b6:eb:59:63:eb: 82:cf:0a:7e:c2:51:e1:b7:b2:ad:56:c3:33:d0:d1:48:5e:75: 8b:f5:21:0e:57:1f:07:84:15:53:bf:db:f3:f7:c9:5d:41:df: af:8b:e0:78:9d:51:ef:65:a7:11:8a:ac:bb:c0:ca:c2:97:9b: 4f:4a:15:f9:e7:82:3e:1a:b5:bb:9e:72:f9:ca:47:e4:0b:e6: c1:12:f9:2f:c9:72:60:69:36:8e:af:68:dc:da:35:c0:55:32: d5:e2:1e:e4:22:54:06:98:ed:8d:dc:21:a3:14:8a:75:b2:5c: 42:e8:eb:0a:9f:4e:8c:a1:13:3c:45:e9:c1:be:01:80:d5:80: e9:a8:65:ef:5e:34:2c:37:3a:b2:45:c3:ed:73:26:36:75:e3: 23:0a:16:1c:95:65:b1:4f:da:b6:88:5a:59:d9:95:bf:54:43: 9a:76:fb:01:e0:14:71:ee:b8:6b:87:67:7a:63:b1:af:59:87: d5:81:57:85:a7:97:30:c9:e1:1e:08:ca:a3:63:0f:de:d7:ec: 95:dd:85:4f:bf:38:11:62:d5:71:fc:d3:96:6f:13:2c:27:3c: 3c:8b:d4:73:de:5a:97:44:d5:49:8a:b4:be:25:1f:09:f0:c1: 85:a2:2a:b4 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICHnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDMy NEJCM0ZFNUMxNUEyRTA0MkE2MzJFNUEyMzU5RDA0OEYwNEM0MjAeFw0yNTA2MDMy MTEwNDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVGRDhEQjMzOTUzQkM2 REM3MTdDQTY3QzM2QTY0QTY3QzM2QjQxM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBBg4hi7HOh+mn4A3MJvFKnXL1X0BVdkRQ7xg61+gzcG5m16IF CB7/zITZazkgggXAJCSBMyAJIAEbJrSOX+80eM+GqZ4bwJNqMh13/CjjXrnQ7fka nkXNCDvb7SIPADRfZwMhO4K4R3zndwMqDquhBdXGUxujuhwwQlyJswitDgVyE6gC 8wSqmYphHUGJ8WCYFZKeXXxtEKuCSDMDpqYBpPWCK0eug0MzLlXIpeimhMc9Cykb CyjHTuAGAiuKs1e+sz7DqReOI6JusW9bVuZ1CqyPnWgzD5FssH4nj7ott7cMWBgZ gbPrn/J0nq7Qh8ZMu6tcrG4Aquq1oT2sakuTAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU79jbM5U7xtxxfKZ8NqZKZ8NrQTswHwYDVR0jBBgwFoAU0yS7P+XBWi4EKmMu WiNZ0EjwTEIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1 LzB5UzdQLVhCV2k0RUttTXVXaU5aMEVqd1RFSS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMHlTN1AtWEJXaTRFS21NdVdpTlowRWp3VEVJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1LzB5UzdQLVhCV2k0RUtt TXVXaU5aMEVqd1RFSS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAHe5az/++eJSvhNEu8tutZY+uCzwp+wlHht7KtVsMz0NFIXnWL9SEOVx8HhBVT v9vz98ldQd+vi+B4nVHvZacRiqy7wMrCl5tPShX554I+GrW7nnL5ykfkC+bBEvkv yXJgaTaOr2jc2jXAVTLV4h7kIlQGmO2N3CGjFIp1slxC6OsKn06MoRM8RenBvgGA 1YDpqGXvXjQsNzqyRcPtcyY2deMjChYclWWxT9q2iFpZ2ZW/VEOadvsB4BRx7rhr h2d6Y7GvWYfVgVeFp5cwyeEeCMqjYw/e1+yV3YVPvzgRYtVx/NOWbxMsJzw8i9Rz 3lqXRNVJirS+JR8J8MGFoiq0 -----END CERTIFICATE-----Generated at Wed Jun 4 00:21:22 2025 by rpki-client