$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft File: 2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json) Hash identifier: b33Cc6GX/fvkDarpKjD6g14GgU52EiFGuqqraIrWArQ= Subject key identifier: A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 163A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft Manifest number: 162A Signing time: Sun 20 Jul 2025 16:40:37 +0000 Manifest this update: Sun 20 Jul 2025 16:40:37 +0000 Manifest next update: Sun 20 Jul 2025 22:40:37 +0000 Files and hashes: 1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: mzMs7aaMHG+MZXden2yXfPQBHgefg7MDXyPtipYnsPM=) 2: KbrSp-JA2XF2Ql8hSCrC1CbLt6g.roa (hash: Np74l2zvMHdN3u9vLx3Kbuovv22rSj7qXcnMGAme8L4=) 3: OlrGKbm_5LqtcCt6zE3f2bsHpHo.roa (hash: 0InvCCX8dmQtbbbD1TB9/AY+GZmHtnh1y6/8B8fnNSM=) 4: Qk4wxenHbplbAEPyAo17a6StqGs.roa (hash: UXr3zkn63bsVxvqJjGYar8uul+wIFQszrhfjj7veZwA=) 5: dlLTumfb3n-CxqJRR4-AnMwkLTU.roa (hash: SrHv5LPqu/BzOXfzAj3B6C6PsXwXQaCztouku4z+U28=) 6: jW98C7HTYm_wXjqS5OtJTAjhJTY.roa (hash: G5J6kc8fmz2XUL1SW2rQqA/EVmUIlUSPvlgZKJ3/e3E=) 7: s_2Y_yMkepo3c3mKpue0BpcLOEI.roa (hash: CCdEmfYF1+caZyf7dDJqMzhEvKYXNEI1lkVqcwoxt4U=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 22:40:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5690 (0x163a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Jul 20 16:40:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df: 75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4: 33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a: 7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f: 18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8: fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57: 0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d: 37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31: 53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff: 03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8: 7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c: d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d: 05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b: 57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c: 73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb: bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d: 9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d: a7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:92:c6:98:e8:3b:9f:e4:b8:3e:62:05:5e:a8:06:d0:06:ae: 9b:90:2d:b7:a6:c1:a5:9b:ac:9e:18:6e:2e:f3:a3:c6:1b:05: 0c:f4:f0:1f:23:2f:7f:4c:77:af:8b:8a:c9:4c:75:31:85:8b: aa:d0:90:44:3d:4e:80:61:1e:c2:46:59:23:7a:12:7c:17:07: f5:02:8b:41:e6:a8:3d:89:ed:87:2a:85:eb:4b:9b:bc:2f:af: b3:c1:e3:64:df:9c:6a:62:a5:a1:87:72:2a:b2:aa:59:1d:98: f8:29:a3:65:58:b0:ed:c3:89:8b:cd:e3:a7:24:a4:60:8b:b6: 04:86:f8:bf:d7:33:6d:18:70:f0:ef:1b:55:14:01:6d:e5:e0: 41:06:76:ff:cc:49:4e:07:82:82:31:0a:ab:33:ce:4b:73:da: 37:f0:cf:87:e8:d6:2b:c5:cf:3e:21:20:e1:dc:d1:b0:1c:38: 04:d3:63:ca:7a:22:91:49:36:9d:ed:15:52:6c:06:78:48:bd: 9e:c2:ce:76:94:7a:e8:52:21:cb:9a:f1:e6:39:66:8a:87:d9: 12:2c:e3:37:44:4c:e1:a2:4a:bb:46:39:20:da:c2:aa:5f:1a: df:76:6b:24:dc:e1:d8:80:01:07:0a:fa:a0:e0:dc:e7:94:fd: 54:53:de:b3 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA3MjAx NjQwMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1 QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v /wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAQksaY6Duf5Lg+YgVeqAbQBq6bkC23psGlm6yeGG4u86PGGwUM9PAfIy9/THev i4rJTHUxhYuq0JBEPU6AYR7CRlkjehJ8Fwf1AotB5qg9ie2HKoXrS5u8L6+zweNk 35xqYqWhh3IqsqpZHZj4KaNlWLDtw4mLzeOnJKRgi7YEhvi/1zNtGHDw7xtVFAFt 5eBBBnb/zElOB4KCMQqrM85Lc9o38M+H6NYrxc8+ISDh3NGwHDgE02PKeiKRSTad 7RVSbAZ4SL2ews52lHroUiHLmvHmOWaKh9kSLOM3REzhokq7Rjkg2sKqXxrfdmsk 3OHYgAEHCvqg4NznlP1UU96z -----END CERTIFICATE-----Generated at Sun Jul 20 21:21:00 2025 by rpki-client