$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft File: zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft (raw, json) Hash identifier: SYRt8FRCuoeK+Ct52P0p+uQUnCnNtwIb4DdAyor2aIc= Subject key identifier: 32:60:A4:7F:05:31:7A:0E:5D:CA:C6:FD:9B:82:46:AE:0C:C9:8E:B6 Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D Certificate serial: 114C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft Manifest number: 1147 Signing time: Sun 19 May 2024 09:25:33 +0000 Manifest this update: Sun 19 May 2024 09:25:33 +0000 Manifest next update: Sun 19 May 2024 15:25:33 +0000 Files and hashes: 1: 9jGT2d7EzAXpdAngni132uGATjU.roa (hash: pt81msDdgZE+XkdqAvFtIlTwtRSIAN/Ljhrd6mp3VEQ=) 2: N1dupYuWa4aI3SEYctGFZgXpWT4.roa (hash: BKzyhbGxW5GCzlbytkLbvUZ4L5u4bcw3HnWu9dLaEmI=) 3: zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl (hash: mEp6r977bH87IH+tQ7cPZFm6LbfF5tBdSLsbuaDTQH0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 15:25:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4428 (0x114c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D Validity Not Before: May 19 09:25:33 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3260A47F05317A0E5DCAC6FD9B8246AE0CC98EB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d0:16:1d:f1:24:d5:4f:31:8e:f6:7f:b2:0a: 0f:6a:55:ce:e2:ef:43:77:69:91:f8:8b:ba:64:ee: 6d:13:b0:e7:93:c7:74:0d:f4:f1:71:1a:3d:e5:a5: ed:c7:68:4f:ae:56:da:ea:2d:7e:d0:4d:9f:df:9d: 66:c6:1e:3c:ac:6f:db:d7:37:c1:f0:fa:bc:a4:c8: 06:81:2c:b6:57:52:91:23:64:28:9c:16:2a:bc:24: 76:c5:f4:0e:2c:6c:a3:86:16:d4:92:d0:a3:97:aa: 94:c8:0b:63:bd:3d:16:90:4d:95:47:3a:d2:c2:1e: b7:08:6e:fc:cc:6a:3f:d0:1b:29:06:6d:ea:c3:86: 11:ae:18:33:d8:2c:e8:85:80:c1:9c:06:84:86:f7: a4:0a:6c:33:34:8a:31:f2:00:9c:36:83:1a:93:0d: fb:96:60:d0:6a:de:ce:17:77:91:ac:84:67:67:98: 7b:e3:dd:41:37:fb:f8:13:b0:5a:4e:aa:3c:e1:a5: 85:66:5b:71:c6:c9:7f:05:ee:54:da:97:e2:58:e8: 50:eb:c4:8c:be:28:dd:c3:5a:a3:91:5d:24:99:45: 41:ef:0a:92:84:30:bc:7c:7b:67:0e:e6:06:ba:16: 53:2e:31:76:cb:54:43:69:8e:2d:e4:b1:31:02:16: b6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:60:A4:7F:05:31:7A:0E:5D:CA:C6:FD:9B:82:46:AE:0C:C9:8E:B6 X509v3 Authority Key Identifier: keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:97:0a:c3:a8:c2:fb:b3:f3:35:1a:27:41:e0:43:4a:cb:d3: 93:4b:21:63:b5:f6:f4:75:c6:89:f5:2f:3b:0d:d9:15:c6:38: ca:1b:5b:68:89:b3:89:5f:55:9d:fb:c2:94:f7:7f:f2:e1:42: f7:cf:05:fb:5f:a5:71:6b:e6:6e:16:30:d5:21:2d:69:ee:eb: 02:44:d0:22:e7:10:54:73:4a:13:af:7f:80:c4:75:32:89:77: c0:44:09:5a:5f:44:58:bf:f6:b2:0d:36:4d:2d:98:71:73:7d: 28:54:39:d5:a5:09:eb:07:43:af:aa:7b:42:1e:8f:26:16:8c: 4d:5d:d8:af:1b:e3:9d:c7:08:fc:16:59:b2:54:d5:ab:db:a2: 1e:d4:e7:51:23:1e:32:45:30:18:46:d5:16:bf:f4:7c:82:02: 0a:ae:02:f1:33:b6:3e:a0:e8:19:83:03:13:ac:89:56:3b:a5: 41:b3:84:b6:86:24:b9:5d:7c:7d:09:4e:ae:0e:a2:da:63:34: eb:5b:eb:96:26:60:f5:88:b9:70:b9:a4:ef:52:f0:07:36:31: 6d:36:0a:84:cd:61:80:28:56:73:c5:98:cb:64:16:7a:6d:83: d3:7d:ec:93:28:84:2a:63:dc:4b:02:47:d8:aa:c7:ec:7a:2b: 8c:7c:03:0b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICEUwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4 Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNDA1MTkw OTI1MzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyNjBBNDdGMDUzMTdB MEU1RENBQzZGRDlCODI0NkFFMENDOThFQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW0BYd8STVTzGO9n+yCg9qVc7i70N3aZH4i7pk7m0TsOeTx3QN 9PFxGj3lpe3HaE+uVtrqLX7QTZ/fnWbGHjysb9vXN8Hw+rykyAaBLLZXUpEjZCic Fiq8JHbF9A4sbKOGFtSS0KOXqpTIC2O9PRaQTZVHOtLCHrcIbvzMaj/QGykGberD hhGuGDPYLOiFgMGcBoSG96QKbDM0ijHyAJw2gxqTDfuWYNBq3s4Xd5GshGdnmHvj 3UE3+/gTsFpOqjzhpYVmW3HGyX8F7lTal+JY6FDrxIy+KN3DWqORXSSZRUHvCpKE MLx8e2cO5ga6FlMuMXbLVENpji3ksTECFrbZAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUMmCkfwUxeg5dysb9m4JGrgzJjrYwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3 L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3L3pJejNKdkl5TXBrUWgw VFdrd3Z2R05aM1JGMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQC2lwrDqML7s/M1GidB4ENKy9OTSyFjtfb0dcaJ9S87DdkVxjjKG1toibOJX1Wd +8KU93/y4UL3zwX7X6Vxa+ZuFjDVIS1p7usCRNAi5xBUc0oTr3+AxHUyiXfARAla X0RYv/ayDTZNLZhxc30oVDnVpQnrB0OvqntCHo8mFoxNXdivG+Odxwj8FlmyVNWr 26Ie1OdRIx4yRTAYRtUWv/R8ggIKrgLxM7Y+oOgZgwMTrIlWO6VBs4S2hiS5XXx9 CU6uDqLaYzTrW+uWJmD1iLlwuaTvUvAHNjFtNgqEzWGAKFZzxZjLZBZ6bYPTfeyT KIQqY9xLAkfYqsfseiuMfAML -----END CERTIFICATE-----Generated at Sun May 19 10:14:56 2024 by rpki-client on console-fra.rpki-client.org