$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft File: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft (raw, json) Hash identifier: 5mL6bPlJIWgIm77DShtxFkF4eRPn1mrH/8+/RSwzg7Q= Subject key identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B Authority key identifier: D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 Certificate issuer: /CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Certificate serial: 1AC4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft Manifest number: 1AC4 Signing time: Mon 25 Nov 2024 21:23:34 +0000 Manifest this update: Mon 25 Nov 2024 21:23:34 +0000 Manifest next update: Tue 26 Nov 2024 03:23:34 +0000 Files and hashes: 1: 0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl (hash: FvI0CjUl7XEdxYJhAX4qbGCjAP9znHkqFl/PIW7W2Cg=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 03:23:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6852 (0x1ac4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D324BB3FE5C15A2E042A632E5A2359D048F04C42 Validity Not Before: Nov 25 21:23:34 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EFD8DB33953BC6DC717CA67C36A64A67C36B413B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:06:0e:21:8b:b1:ce:87:e9:a7:e0:0d:cc:26: f1:4a:9d:72:f5:5f:40:55:76:44:50:ef:18:3a:d7: e8:33:70:6e:66:d7:a2:05:08:1e:ff:cc:84:d9:6b: 39:20:82:05:c0:24:24:81:33:20:09:20:01:1b:26: b4:8e:5f:ef:34:78:cf:86:a9:9e:1b:c0:93:6a:32: 1d:77:fc:28:e3:5e:b9:d0:ed:f9:1a:9e:45:cd:08: 3b:db:ed:22:0f:00:34:5f:67:03:21:3b:82:b8:47: 7c:e7:77:03:2a:0e:ab:a1:05:d5:c6:53:1b:a3:ba: 1c:30:42:5c:89:b3:08:ad:0e:05:72:13:a8:02:f3: 04:aa:99:8a:61:1d:41:89:f1:60:98:15:92:9e:5d: 7c:6d:10:ab:82:48:33:03:a6:a6:01:a4:f5:82:2b: 47:ae:83:43:33:2e:55:c8:a5:e8:a6:84:c7:3d:0b: 29:1b:0b:28:c7:4e:e0:06:02:2b:8a:b3:57:be:b3: 3e:c3:a9:17:8e:23:a2:6e:b1:6f:5b:56:e6:75:0a: ac:8f:9d:68:33:0f:91:6c:b0:7e:27:8f:ba:2d:b7: b7:0c:58:18:19:81:b3:eb:9f:f2:74:9e:ae:d0:87: c6:4c:bb:ab:5c:ac:6e:00:aa:ea:b5:a1:3d:ac:6a: 4b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:D8:DB:33:95:3B:C6:DC:71:7C:A6:7C:36:A6:4A:67:C3:6B:41:3B X509v3 Authority Key Identifier: keyid:D3:24:BB:3F:E5:C1:5A:2E:04:2A:63:2E:5A:23:59:D0:48:F0:4C:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/645/0yS7P-XBWi4EKmMuWiNZ0EjwTEI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:1a:72:92:3b:32:9c:24:4f:04:0b:4d:76:f2:2d:40:88:4c: a5:e7:12:8d:02:97:92:a1:ca:95:9d:ce:fe:23:ad:6b:9b:c9: 4d:5a:5a:7b:87:0a:88:f5:b7:1f:64:fc:60:3a:8b:f9:fa:7e: 60:a9:05:a9:be:a0:2d:0c:2c:ca:27:8b:41:a4:2f:3e:f8:75: b5:2e:af:dd:e2:64:49:78:5f:69:73:03:d2:75:e0:a5:83:a0: 68:22:ce:a0:51:85:6b:4c:53:6f:d0:73:27:07:9a:d9:24:fb: b0:7c:61:20:e0:90:6e:12:af:59:9f:45:ae:0c:db:7d:30:80: 6f:bd:a2:da:53:83:d1:e6:c6:88:d5:d7:fb:26:05:22:e4:d5: 72:f5:22:82:d8:40:13:59:02:c7:f5:81:40:de:e3:93:39:62: 8a:a3:3c:2f:bf:f9:99:a8:5e:28:31:eb:18:62:92:2e:c8:23: d4:7c:77:96:54:d1:ec:24:df:92:53:8b:11:d9:4d:eb:fa:12: 5a:37:7f:06:f8:a4:e8:fd:01:c7:59:f2:64:ec:fd:d8:34:e2: c8:1e:ac:84:dc:36:40:11:b0:68:9a:af:d1:5e:6d:a9:03:e6: 5d:2b:cb:9b:d4:ec:79:75:56:9e:fc:ed:f0:c5:ae:be:f1:68: 87:6f:4c:e2 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDMy NEJCM0ZFNUMxNUEyRTA0MkE2MzJFNUEyMzU5RDA0OEYwNEM0MjAeFw0yNDExMjUy MTIzMzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVGRDhEQjMzOTUzQkM2 REM3MTdDQTY3QzM2QTY0QTY3QzM2QjQxM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBBg4hi7HOh+mn4A3MJvFKnXL1X0BVdkRQ7xg61+gzcG5m16IF CB7/zITZazkgggXAJCSBMyAJIAEbJrSOX+80eM+GqZ4bwJNqMh13/CjjXrnQ7fka nkXNCDvb7SIPADRfZwMhO4K4R3zndwMqDquhBdXGUxujuhwwQlyJswitDgVyE6gC 8wSqmYphHUGJ8WCYFZKeXXxtEKuCSDMDpqYBpPWCK0eug0MzLlXIpeimhMc9Cykb CyjHTuAGAiuKs1e+sz7DqReOI6JusW9bVuZ1CqyPnWgzD5FssH4nj7ott7cMWBgZ gbPrn/J0nq7Qh8ZMu6tcrG4Aquq1oT2sakuTAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU79jbM5U7xtxxfKZ8NqZKZ8NrQTswHwYDVR0jBBgwFoAU0yS7P+XBWi4EKmMu WiNZ0EjwTEIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1 LzB5UzdQLVhCV2k0RUttTXVXaU5aMEVqd1RFSS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMHlTN1AtWEJXaTRFS21NdVdpTlowRWp3VEVJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjQ1LzB5UzdQLVhCV2k0RUtt TXVXaU5aMEVqd1RFSS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAzGnKSOzKcJE8EC0128i1AiEyl5xKNApeSocqVnc7+I61rm8lNWlp7hwqI9bcf ZPxgOov5+n5gqQWpvqAtDCzKJ4tBpC8++HW1Lq/d4mRJeF9pcwPSdeClg6BoIs6g UYVrTFNv0HMnB5rZJPuwfGEg4JBuEq9Zn0WuDNt9MIBvvaLaU4PR5saI1df7JgUi 5NVy9SKC2EATWQLH9YFA3uOTOWKKozwvv/mZqF4oMesYYpIuyCPUfHeWVNHsJN+S U4sR2U3r+hJaN38G+KTo/QHHWfJk7P3YNOLIHqyE3DZAEbBomq/RXm2pA+ZdK8ub 1Ox5dVae/O3wxa6+8WiHb0zi -----END CERTIFICATE-----Generated at Tue Nov 26 03:02:32 2024 by rpki-client on console-ams.rpki-client.org