$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft File: KnEap9xgBJsLDYhIl-AVsRcfN7k.mft (raw, json) Hash identifier: atUo0px82jB5RYKdenXqFQsL5fbcQoeNgG0MZNwm9AE= Subject key identifier: FF:A4:BA:66:D2:94:5D:86:DB:E7:BB:E8:FF:38:6F:D9:B3:2A:52:ED Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 20BB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft Manifest number: 204B Signing time: Fri 25 Jul 2025 05:10:34 +0000 Manifest this update: Fri 25 Jul 2025 05:10:34 +0000 Manifest next update: Fri 25 Jul 2025 11:10:34 +0000 Files and hashes: 1: Cx_PMXrwCzMbeqeFlDPfklmRXzE.roa (hash: sfsnweCmG/jHm5nbrPsozdJRdYLLaS3/WMbJAlYUq4E=) 2: KnEap9xgBJsLDYhIl-AVsRcfN7k.crl (hash: g7qxZTEIti8tpEF5GmLGKV8iNPAiOSvo4k8Ez0Sz77o=) 3: LybZbI5zyJ39JstrkEFIrhtylh8.roa (hash: z+mmcbUMAd//4i4kPYabxYduaYkJ6sfVgx+jU46dJGg=) 4: M5WxiIlYCW6SZUTRDTbxa2LnzjU.roa (hash: m9tbtocpg4JKbwsMbWXBIPlz4frao3dfUdJHi7zrZgg=) 5: S4HbotJRQ5_GhRWt9jAb8IEQHDw.roa (hash: otv2lZAvLzrW3EDlzi9Lnv7aEft9dRekQtock8hNwT0=) 6: Yld0PLcu0kDFCM8FFa_e7PUkDBs.roa (hash: Weph8XosCTlgY4xUw8VOwWRpLaXRiZ0P1fwqSL0Cp+s=) 7: e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa (hash: NYEeAcBUsCB/ll8/IHHqbGto+nzHjpAiEbkf5GDxZjk=) 8: ekrQ2H8Y7kK2OjtlUfog_0LDO9E.roa (hash: UR8yfOSNtZ8AIr4CYZRJyls32R0dt4IjVnP4OTe1F1E=) 9: lU4MINnEocHPf7DsLjN6TqQBr9g.roa (hash: nWkWTYJDtFBZOZTTk+NylLr//gEQhbEtZuQsgeEL7No=) 10: mZ4wa3h5VnP3HhPa70W14S6h7_4.roa (hash: lcRoNbfxH5p4M1W+4xZaSBgfZt5WaNW+2CNCqFsymZU=) 11: qPTdKAqShrGpfL0vzX2Thwykdz4.roa (hash: G5XyzrC9DKKQXTNoqtUT55LljRWAhx2tEjRJFr4VKkg=) 12: rN5X1L8tl_GX_nzqwu1OyA5bT10.roa (hash: Gdm71Ynfr1CK1VYWBpYU6mNFZ9abPsblKlI3Q/vvryI=) 13: sMntCxUtK_jseejaS5-JuTzGRbo.roa (hash: W/RCOC1i921KNgUzkOxQpq7Cf8D/JtxRY4PxIMJC1do=) 14: uAf5pUFdtYtdOx45Hj4gHBGOKJE.roa (hash: 6JrQVp7ySTlmiK0e6//AOGp9uZShw5JAgDSFSxnbhKs=) 15: vxkYrgp7CFmcPITnZQ7G-ZRYsZ0.roa (hash: wbJjJh+2zu6VAgdzbvpTOYocrmVQMGQy2rapGPepPKw=) 16: yVZNZqdbW5_Cz0l5jiC27M47H_4.roa (hash: cMxeCjc8ROq48HrS48yFe56NPv4CmYX6+Y/k0JWTvj0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 11:10:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8379 (0x20bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Jul 25 05:10:34 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=FFA4BA66D2945D86DBE7BBE8FF386FD9B32A52ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:5c:59:98:50:2b:67:d0:e5:23:8b:30:5c:b4: 86:f5:ae:45:a0:e4:81:45:f3:d8:64:e9:d9:ce:e4: 23:3d:d4:25:d7:80:b5:7b:dd:14:5b:d0:e0:6a:a1: 16:ae:47:fe:8a:9e:96:38:c2:11:aa:9b:35:89:02: d4:43:bc:76:b7:ae:8d:d5:79:39:a7:6a:fd:11:5a: 7a:3c:55:52:a6:d7:7f:d5:ab:50:61:5b:b9:cf:65: b6:3a:19:e2:32:8c:49:04:fb:69:1e:1b:f0:c7:d1: 25:05:a1:47:01:1a:6f:24:ed:5b:38:2e:9a:8b:69: cc:ea:32:c7:9d:f7:96:0d:09:0f:31:9d:a3:67:4f: ed:d2:ae:b8:0f:d1:a2:c0:45:f5:47:d0:21:1a:10: 8f:16:d2:b3:f2:3e:ad:8b:22:8b:44:7f:eb:b7:c4: 9f:fe:81:ee:e1:59:d7:36:dc:5b:fe:fc:48:4c:5f: ca:48:f0:22:79:f0:ad:fd:e3:be:f0:84:5b:73:a1: fb:e6:a0:eb:db:27:4c:c9:c4:98:f8:e0:63:18:f9: 73:88:c4:93:f3:b6:eb:36:f3:48:ee:75:54:bb:f8: 51:2c:4e:4c:2d:f3:2c:e0:ce:2e:68:ce:56:cf:ed: c2:4a:1b:1c:b9:a7:a6:76:5b:d6:53:1c:30:b1:74: 73:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:A4:BA:66:D2:94:5D:86:DB:E7:BB:E8:FF:38:6F:D9:B3:2A:52:ED X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:77:d5:16:ef:3a:a6:21:1c:0b:5f:af:ae:9b:28:6c:76:07: c6:4d:bc:03:c7:8d:3d:f8:4e:03:de:81:d8:1c:88:ef:3f:99: fb:75:fb:61:15:56:0b:39:bf:ea:11:68:ad:b5:5a:d8:66:f7: 46:77:15:ca:09:38:62:f5:0d:d0:f0:ad:c8:c1:e8:1f:f3:02: 1f:25:08:c5:d3:b5:2e:df:f8:59:c4:6d:d9:47:3c:bf:14:2d: bd:a9:21:67:d1:c3:70:b8:65:1c:4a:33:43:47:f3:3e:21:d2: 21:c2:ed:3a:cb:8a:1b:de:2f:e9:7b:c6:4a:0b:5e:b7:46:0d: 5b:ee:08:2f:d7:e0:24:1e:5d:17:86:79:c0:52:c5:94:b4:3b: 00:31:7a:b2:13:d4:44:66:84:9c:37:bc:e0:9f:f7:be:5a:c7: ae:10:6f:96:98:b7:0c:53:ca:5e:2a:ae:49:a1:4d:35:fd:dd: 2e:d6:11:b0:fb:df:99:aa:68:9d:ef:d5:f3:53:97:d2:62:25: 10:31:33:4d:da:4f:fd:8d:5d:ef:15:f3:2e:4e:5e:51:93:23: c2:45:43:56:92:6f:0c:b0:44:53:b4:bc:5f:29:51:85:06:81: 43:ba:1c:69:f0:d5:0d:2c:26:1f:d0:d4:60:21:0d:d8:4f:7a: 2b:7f:73:55 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICILswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA3MjUw NTEwMzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZGQTRCQTY2RDI5NDVE ODZEQkU3QkJFOEZGMzg2RkQ5QjMyQTUyRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTXFmYUCtn0OUjizBctIb1rkWg5IFF89hk6dnO5CM91CXXgLV7 3RRb0OBqoRauR/6KnpY4whGqmzWJAtRDvHa3ro3VeTmnav0RWno8VVKm13/Vq1Bh W7nPZbY6GeIyjEkE+2keG/DH0SUFoUcBGm8k7Vs4LpqLaczqMsed95YNCQ8xnaNn T+3SrrgP0aLARfVH0CEaEI8W0rPyPq2LIotEf+u3xJ/+ge7hWdc23Fv+/EhMX8pI 8CJ58K39477whFtzofvmoOvbJ0zJxJj44GMY+XOIxJPztus280judVS7+FEsTkwt 8yzgzi5ozlbP7cJKGxy5p6Z2W9ZTHDCxdHNjAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU/6S6ZtKUXYbb57vo/zhv2bMqUu0wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0tuRWFwOXhnQkpzTERZ aElsLUFWc1JjZk43ay5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAwd9UW7zqmIRwLX6+umyhsdgfGTbwDx409+E4D3oHYHIjvP5n7dfthFVYLOb/q EWittVrYZvdGdxXKCThi9Q3Q8K3Iwegf8wIfJQjF07Uu3/hZxG3ZRzy/FC29qSFn 0cNwuGUcSjNDR/M+IdIhwu06y4ob3i/pe8ZKC163Rg1b7ggv1+AkHl0XhnnAUsWU tDsAMXqyE9REZoScN7zgn/e+WseuEG+WmLcMU8peKq5JoU01/d0u1hGw+9+Zqmid 79XzU5fSYiUQMTNN2k/9jV3vFfMuTl5RkyPCRUNWkm8MsERTtLxfKVGFBoFDuhxp 8NUNLCYf0NRgIQ3YT3orf3NV -----END CERTIFICATE-----Generated at Fri Jul 25 07:09:07 2025 by rpki-client