$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft File: 2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json) Hash identifier: M8TOEcAVk+RYuEOg9k2zTQ5zCJEhsbYVskhFbfGKYEo= Subject key identifier: A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 1466 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft Manifest number: 1456 Signing time: Wed 16 Apr 2025 19:08:27 +0000 Manifest this update: Wed 16 Apr 2025 19:08:27 +0000 Manifest next update: Thu 17 Apr 2025 01:08:27 +0000 Files and hashes: 1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: H8bAq6AZqfAcbNhJk3xWeJqNOJLLBkNR56jIa1uWFUE=) 2: KbrSp-JA2XF2Ql8hSCrC1CbLt6g.roa (hash: Np74l2zvMHdN3u9vLx3Kbuovv22rSj7qXcnMGAme8L4=) 3: OlrGKbm_5LqtcCt6zE3f2bsHpHo.roa (hash: 0InvCCX8dmQtbbbD1TB9/AY+GZmHtnh1y6/8B8fnNSM=) 4: Qk4wxenHbplbAEPyAo17a6StqGs.roa (hash: UXr3zkn63bsVxvqJjGYar8uul+wIFQszrhfjj7veZwA=) 5: dlLTumfb3n-CxqJRR4-AnMwkLTU.roa (hash: SrHv5LPqu/BzOXfzAj3B6C6PsXwXQaCztouku4z+U28=) 6: jW98C7HTYm_wXjqS5OtJTAjhJTY.roa (hash: G5J6kc8fmz2XUL1SW2rQqA/EVmUIlUSPvlgZKJ3/e3E=) 7: s_2Y_yMkepo3c3mKpue0BpcLOEI.roa (hash: CCdEmfYF1+caZyf7dDJqMzhEvKYXNEI1lkVqcwoxt4U=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 01:08:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5222 (0x1466) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Apr 16 19:08:27 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df: 75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4: 33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a: 7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f: 18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8: fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57: 0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d: 37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31: 53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff: 03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8: 7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c: d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d: 05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b: 57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c: 73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb: bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d: 9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d: a7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:c2:98:29:f5:31:a7:28:4f:a4:5e:47:bd:ef:14:94:97:b4: 0e:e4:2d:cd:9f:a8:7f:3c:ab:15:19:be:6c:16:0d:22:84:b2: ba:5a:e7:c2:7b:02:7f:8e:fa:fe:06:42:ef:11:7a:ac:30:4a: ca:9f:11:e8:79:e2:51:59:1e:37:85:28:22:1c:8c:74:6c:3a: 6e:fd:81:7d:3b:f5:26:f2:55:17:b7:ea:62:78:47:63:b6:d3: 07:bd:bc:f5:e6:36:87:26:c3:4d:1b:e2:67:cc:39:07:9b:17: 2e:89:b0:35:b9:08:b1:29:4d:c4:09:05:d6:40:ce:a4:57:34: f8:c3:4f:99:49:c3:6b:af:7e:c1:ad:13:a0:75:0d:62:58:86: a8:05:65:bc:67:ea:03:5b:eb:12:bc:45:a9:ae:df:fd:f8:80: cf:be:90:51:02:49:c0:c0:d3:25:b1:fc:44:ac:4b:f9:93:a8: e8:c5:9a:c3:4c:de:97:91:37:5f:58:ef:1e:4b:de:cf:4d:73: 38:a1:2d:9d:6f:3f:76:19:20:b8:2c:ca:63:80:3b:d9:27:38: 93:cc:5e:58:33:d4:e7:77:c8:3f:cd:98:b2:a2:20:71:a4:a5: 57:40:34:ed:f6:73:fc:3f:50:f3:65:fc:1c:cb:cd:11:4b:a3: 9d:de:5e:0e -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA0MTYx OTA4MjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1 QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v /wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQCDwpgp9TGnKE+kXke97xSUl7QO5C3Nn6h/PKsVGb5sFg0ihLK6WufCewJ/jvr+ BkLvEXqsMErKnxHoeeJRWR43hSgiHIx0bDpu/YF9O/Um8lUXt+pieEdjttMHvbz1 5jaHJsNNG+JnzDkHmxcuibA1uQixKU3ECQXWQM6kVzT4w0+ZScNrr37BrROgdQ1i WIaoBWW8Z+oDW+sSvEWprt/9+IDPvpBRAknAwNMlsfxErEv5k6joxZrDTN6XkTdf WO8eS97PTXM4oS2dbz92GSC4LMpjgDvZJziTzF5YM9Tnd8g/zZiyoiBxpKVXQDTt 9nP8P1DzZfwcy80RS6Od3l4O -----END CERTIFICATE-----Generated at Thu Apr 17 00:36:17 2025 by rpki-client