$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft File: zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft (raw, json) Hash identifier: YymhzOcKBEz/s7nXUg/L2WLWcUK7eRj4UKeJPeVf6ok= Subject key identifier: 32:60:A4:7F:05:31:7A:0E:5D:CA:C6:FD:9B:82:46:AE:0C:C9:8E:B6 Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D Certificate serial: 14EB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft Manifest number: 14E4 Signing time: Fri 22 Nov 2024 15:23:03 +0000 Manifest this update: Fri 22 Nov 2024 15:23:03 +0000 Manifest next update: Fri 22 Nov 2024 21:23:03 +0000 Files and hashes: 1: 2ULSEoLp8a96LQmAA7rmnL8hYtA.roa (hash: 15ASpOMClfjZIzHR5T/oeV+I4b5dDp0wOAdcDdu+JKM=) 2: N1dupYuWa4aI3SEYctGFZgXpWT4.roa (hash: BKzyhbGxW5GCzlbytkLbvUZ4L5u4bcw3HnWu9dLaEmI=) 3: zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl (hash: MiOgQ2421O76R1W46ZMmHRJzpKQJvF1KR9NCix7uXaQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5355 (0x14eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D Validity Not Before: Nov 22 15:23:03 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3260A47F05317A0E5DCAC6FD9B8246AE0CC98EB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d0:16:1d:f1:24:d5:4f:31:8e:f6:7f:b2:0a: 0f:6a:55:ce:e2:ef:43:77:69:91:f8:8b:ba:64:ee: 6d:13:b0:e7:93:c7:74:0d:f4:f1:71:1a:3d:e5:a5: ed:c7:68:4f:ae:56:da:ea:2d:7e:d0:4d:9f:df:9d: 66:c6:1e:3c:ac:6f:db:d7:37:c1:f0:fa:bc:a4:c8: 06:81:2c:b6:57:52:91:23:64:28:9c:16:2a:bc:24: 76:c5:f4:0e:2c:6c:a3:86:16:d4:92:d0:a3:97:aa: 94:c8:0b:63:bd:3d:16:90:4d:95:47:3a:d2:c2:1e: b7:08:6e:fc:cc:6a:3f:d0:1b:29:06:6d:ea:c3:86: 11:ae:18:33:d8:2c:e8:85:80:c1:9c:06:84:86:f7: a4:0a:6c:33:34:8a:31:f2:00:9c:36:83:1a:93:0d: fb:96:60:d0:6a:de:ce:17:77:91:ac:84:67:67:98: 7b:e3:dd:41:37:fb:f8:13:b0:5a:4e:aa:3c:e1:a5: 85:66:5b:71:c6:c9:7f:05:ee:54:da:97:e2:58:e8: 50:eb:c4:8c:be:28:dd:c3:5a:a3:91:5d:24:99:45: 41:ef:0a:92:84:30:bc:7c:7b:67:0e:e6:06:ba:16: 53:2e:31:76:cb:54:43:69:8e:2d:e4:b1:31:02:16: b6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:60:A4:7F:05:31:7A:0E:5D:CA:C6:FD:9B:82:46:AE:0C:C9:8E:B6 X509v3 Authority Key Identifier: keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:61:2e:fa:ed:27:c9:c1:20:1f:79:f6:3e:91:38:45:21:0b: 58:51:cd:3b:76:75:f5:0f:4f:93:f2:ab:bf:f0:7b:f9:2f:44: 71:f1:e8:ea:26:be:fb:ce:fc:d1:ab:0e:89:15:97:e6:d9:9e: d6:b8:3c:92:03:a7:0c:79:7d:8a:29:7b:47:c3:80:2d:c4:ea: 72:51:16:6b:01:2d:ca:a6:a1:2a:fa:ef:4a:f4:5b:f0:10:e7: ab:9a:f3:7f:5a:11:f3:dc:f7:1b:38:f4:f5:04:6c:94:08:9f: f6:dc:eb:6c:04:0b:05:c8:25:06:dc:cf:69:96:05:6f:b8:f1: 3c:2e:37:c4:f6:2c:bb:aa:b8:a7:b5:9b:cf:f6:80:77:06:50: e2:41:0f:34:5e:71:b0:d8:68:7a:e1:38:f0:6e:7b:e7:3e:f9: 98:c7:15:1a:7a:c7:52:40:6a:67:12:e2:45:d7:4b:53:80:8b: 5d:a6:6b:e6:eb:e6:be:63:bd:31:c4:7f:50:66:f6:d9:fb:74: 3a:19:da:10:d1:27:73:a5:68:8d:9e:06:ad:bc:68:45:11:37: e6:07:a3:c0:dc:a9:f4:c7:9e:a9:13:6c:de:7b:f0:b8:0a:d1: 67:a9:ff:06:66:3c:29:30:7e:f9:1a:4f:1d:e7:9b:e0:d5:4f: 01:28:10:6e -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4 Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNDExMjIx NTIzMDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMyNjBBNDdGMDUzMTdB MEU1RENBQzZGRDlCODI0NkFFMENDOThFQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW0BYd8STVTzGO9n+yCg9qVc7i70N3aZH4i7pk7m0TsOeTx3QN 9PFxGj3lpe3HaE+uVtrqLX7QTZ/fnWbGHjysb9vXN8Hw+rykyAaBLLZXUpEjZCic Fiq8JHbF9A4sbKOGFtSS0KOXqpTIC2O9PRaQTZVHOtLCHrcIbvzMaj/QGykGberD hhGuGDPYLOiFgMGcBoSG96QKbDM0ijHyAJw2gxqTDfuWYNBq3s4Xd5GshGdnmHvj 3UE3+/gTsFpOqjzhpYVmW3HGyX8F7lTal+JY6FDrxIy+KN3DWqORXSSZRUHvCpKE MLx8e2cO5ga6FlMuMXbLVENpji3ksTECFrbZAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUMmCkfwUxeg5dysb9m4JGrgzJjrYwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3 L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3L3pJejNKdkl5TXBrUWgw VFdrd3Z2R05aM1JGMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQByYS767SfJwSAfefY+kThFIQtYUc07dnX1D0+T8qu/8Hv5L0Rx8ejqJr77zvzR qw6JFZfm2Z7WuDySA6cMeX2KKXtHw4AtxOpyURZrAS3KpqEq+u9K9FvwEOermvN/ WhHz3PcbOPT1BGyUCJ/23OtsBAsFyCUG3M9plgVvuPE8LjfE9iy7qrintZvP9oB3 BlDiQQ80XnGw2Gh64TjwbnvnPvmYxxUaesdSQGpnEuJF10tTgItdpmvm6+a+Y70x xH9QZvbZ+3Q6GdoQ0SdzpWiNngatvGhFETfmB6PA3Kn0x56pE2zee/C4CtFnqf8G ZjwpMH75Gk8d55vg1U8BKBBu -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:48 2024 by rpki-client on console-ams.rpki-client.org