$ rpki-client -vvf rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft File: D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft (raw, json) Hash identifier: anfNb4dlGPfaKs2BNXHOmFm7OeCPRZhCnwQ6MYdyl5k= Subject key identifier: 91:C3:81:95:F7:C7:C1:95:A6:CD:A2:07:44:AB:D9:8F:22:86:26:A3 Authority key identifier: D1:24:86:07:B0:DD:D0:A2:16:E8:D7:FA:C5:E2:C2:E7:77:0A:11:39 Certificate issuer: /CN=A91E5D610000/serialNumber=D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139 Certificate serial: 312D0D297101632F493E718D868964F44EFB120B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0SSGB7Dd0KIW6Nf6xeLC53cKETk.cer Subject info access: rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft Manifest number: 41 Signing time: Fri 25 Apr 2025 14:25:53 +0000 Manifest this update: Fri 25 Apr 2025 14:20:53 +0000 Manifest next update: Sat 26 Apr 2025 16:10:53 +0000 Files and hashes: 1: 3130332e3136352e3131302e302f32342d3234203d3e2034353338.roa (hash: JFCS9e0aLryMYeNDBnDNiNrsCRSXbd1lFhCNwVkVDrU=) 2: 3130332e3136352e3131312e302f32342d3234203d3e2034353338.roa (hash: PNHsRydJIcZcSuQ0M2TmRWfZvicOhf+CKjeYcEuSD58=) 3: D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.crl (hash: zYTgRvvbZtVnFdRTb4gV6j1JOfaxK/D/eW4JgnFnKQU=) 4: A828E0147CD8DE9E7A474DCDF06AD96FB37738EE.cer (hash: f7exy09Qe6ik4aLqqKmpADRHOOTa550ov7CNAjQ9pWo=) Validation: OK Signature path: rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.crl rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0SSGB7Dd0KIW6Nf6xeLC53cKETk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:10:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:2d:0d:29:71:01:63:2f:49:3e:71:8d:86:89:64:f4:4e:fb:12:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610000, serialNumber=D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139 Validity Not Before: Apr 25 14:20:53 2025 GMT Not After : Apr 26 16:10:53 2025 GMT Subject: CN=91C38195F7C7C195A6CDA20744ABD98F228626A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ed:cb:bb:ba:d1:c8:71:0a:71:23:d3:fd:01: b9:fd:37:ea:8b:e1:6c:53:8f:10:a4:94:2e:97:d6: bd:3c:83:1c:1f:ff:53:93:8f:1e:4a:12:5c:80:ee: ea:af:38:90:4e:20:45:38:84:c4:f0:bb:c6:dc:a5: b3:9e:cb:4e:96:82:fe:b3:3c:d9:7e:63:4e:e2:ab: 84:ed:22:2e:d2:6e:32:78:be:3d:61:24:81:d3:bb: 2d:ca:77:4b:4b:a8:f2:b6:86:af:00:df:18:07:04: 2c:1e:62:83:66:8a:75:3f:c4:0c:cf:38:c6:3c:60: e8:2e:d9:c7:64:e5:e2:cc:ad:5b:63:3e:a0:5b:f5: e3:a8:96:bb:41:08:fb:53:38:71:d1:45:30:c4:db: fa:5e:26:19:e8:87:97:2b:08:98:ec:c2:bd:e7:40: fe:89:26:0f:b1:05:af:97:8f:ca:40:29:5d:4e:d2: 03:ce:df:45:7f:4a:db:37:92:9c:0d:6c:53:48:5d: 79:bf:c3:34:fb:af:1f:7d:2c:48:37:93:44:e7:f0: 4e:ad:94:b2:ad:e8:a2:57:fa:f9:a8:dd:a1:d0:69: b9:d0:89:99:e8:95:46:7b:df:3b:dc:f2:82:c9:01: b4:20:f2:98:69:59:7a:60:9b:7f:f6:75:10:33:f8: e4:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:C3:81:95:F7:C7:C1:95:A6:CD:A2:07:44:AB:D9:8F:22:86:26:A3 X509v3 Authority Key Identifier: keyid:D1:24:86:07:B0:DD:D0:A2:16:E8:D7:FA:C5:E2:C2:E7:77:0A:11:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0SSGB7Dd0KIW6Nf6xeLC53cKETk.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.edu.cn/repo/cernet/1/D1248607B0DDD0A216E8D7FAC5E2C2E7770A1139.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:8e:a5:42:16:9d:97:60:39:b7:63:26:91:20:db:81:88:89: f5:0d:75:40:d9:7c:cf:e9:61:14:4a:09:91:b1:36:d4:af:45: 76:1f:6e:36:2e:fd:21:09:e8:c9:78:ea:86:91:ed:d2:3f:69: ec:c4:91:8a:38:31:ed:e0:85:0b:a8:62:17:ec:bf:d4:96:b4: a7:a0:f5:0a:22:10:e9:02:27:1a:55:e0:3a:55:9d:14:2c:e9: 35:c4:1d:a0:c4:d7:e6:a9:05:37:d0:c7:09:dd:e4:43:15:82: ab:c7:e5:30:ca:c1:49:e5:c2:83:c3:f4:c3:ee:06:f7:14:66: b7:be:85:fc:b9:7c:90:d6:fb:9a:bf:9d:2b:5a:6a:c5:76:ed: d0:68:8e:fc:12:91:39:8a:8e:83:4a:5d:bb:b1:a7:2c:c8:75: b5:0a:44:bd:df:e9:7a:d7:22:c2:b9:7f:27:5f:9a:7e:c1:17: b0:8d:ee:0c:22:15:85:e0:27:de:80:9f:73:4a:48:28:7b:39: e9:1e:47:69:21:26:67:80:3f:90:96:be:3c:ee:25:2b:e5:af: 4c:17:68:05:0f:ed:be:d0:d2:9d:97:79:a1:0f:86:48:e5:95: 9b:62:fb:e6:97:ae:9b:4d:f1:82:18:26:48:1a:0f:50:24:a6: 04:58:e0:15 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIUMS0NKXEBYy9JPnGNholk9E77EgswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAwMTEwLwYDVQQFEyhEMTI0ODYwN0Iw REREMEEyMTZFOEQ3RkFDNUUyQzJFNzc3MEExMTM5MB4XDTI1MDQyNTE0MjA1M1oX DTI1MDQyNjE2MTA1M1owMzExMC8GA1UEAxMoOTFDMzgxOTVGN0M3QzE5NUE2Q0RB MjA3NDRBQkQ5OEYyMjg2MjZBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbty7u60chxCnEj0/0Buf036ovhbFOPEKSULpfWvTyDHB//U5OPHkoSXIDu 6q84kE4gRTiExPC7xtyls57LTpaC/rM82X5jTuKrhO0iLtJuMni+PWEkgdO7Lcp3 S0uo8raGrwDfGAcELB5ig2aKdT/EDM84xjxg6C7Zx2Tl4sytW2M+oFv146iWu0EI +1M4cdFFMMTb+l4mGeiHlysImOzCvedA/okmD7EFr5ePykApXU7SA87fRX9K2zeS nA1sU0hdeb/DNPuvH30sSDeTROfwTq2Usq3oolf6+ajdodBpudCJmeiVRnvfO9zy gskBtCDymGlZemCbf/Z1EDP45PUCAwEAAaOCAgMwggH/MB0GA1UdDgQWBBSRw4GV 98fBlabNogdEq9mPIoYmozAfBgNVHSMEGDAWgBTRJIYHsN3Qohbo1/rF4sLndwoR OTAOBgNVHQ8BAf8EBAMCB4AwZgYDVR0fBF8wXTBboFmgV4ZVcnN5bmM6Ly9ycGtp LmNlcm5ldC5lZHUuY24vcmVwby9jZXJuZXQvMS9EMTI0ODYwN0IwREREMEEyMTZF OEQ3RkFDNUUyQzJFNzc3MEExMTM5LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1 ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8wU1NHQjdEZDBLSVc2TmY2eGVMQzUz Y0tFVGsuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9y cGtpLmNlcm5ldC5lZHUuY24vcmVwby9jZXJuZXQvMS9EMTI0ODYwN0IwREREMEEy MTZFOEQ3RkFDNUUyQzJFNzc3MEExMTM5Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYB BQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp46lQhadl2A5t2Mm kSDbgYiJ9Q11QNl8z+lhFEoJkbE21K9Fdh9uNi79IQnoyXjqhpHt0j9p7MSRijgx 7eCFC6hiF+y/1Ja0p6D1CiIQ6QInGlXgOlWdFCzpNcQdoMTX5qkFN9DHCd3kQxWC q8flMMrBSeXCg8P0w+4G9xRmt76F/Ll8kNb7mr+dK1pqxXbt0GiO/BKROYqOg0pd u7GnLMh1tQpEvd/petciwrl/J1+afsEXsI3uDCIVheAn3oCfc0pIKHs56R5HaSEm Z4A/kJa+PO4lK+WvTBdoBQ/tvtDSnZd5oQ+GSOWVm2L75peum03xghgmSBoPUCSm BFjgFQ== -----END CERTIFICATE-----Generated at Sat Apr 26 06:01:44 2025 by rpki-client