$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft File: D0BCGu_TepwoYqhQBOR57yH1tgg.mft (raw, json) Hash identifier: 4/4ApR+S7ya/0EHKnmp7gNHrP0gw9NoUkUQe9hhvZtA= Subject key identifier: D2:AA:2B:81:B1:CF:2E:13:B3:38:8C:73:65:92:AD:2D:54:0B:61:33 Authority key identifier: 0F:40:42:1A:EF:D3:7A:9C:28:62:A8:50:04:E4:79:EF:21:F5:B6:08 Certificate issuer: /CN=0F40421AEFD37A9C2862A85004E479EF21F5B608 Certificate serial: 1DBE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/D0BCGu_TepwoYqhQBOR57yH1tgg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft Manifest number: 1DBE Signing time: Sat 26 Apr 2025 11:08:19 +0000 Manifest this update: Sat 26 Apr 2025 11:08:19 +0000 Manifest next update: Sat 26 Apr 2025 17:08:19 +0000 Files and hashes: 1: D0BCGu_TepwoYqhQBOR57yH1tgg.crl (hash: mSnJDPVXdj9h1JQe1U1GXhzTY0KaqKbcEJikl5g+frI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/D0BCGu_TepwoYqhQBOR57yH1tgg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7614 (0x1dbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0F40421AEFD37A9C2862A85004E479EF21F5B608 Validity Not Before: Apr 26 11:08:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D2AA2B81B1CF2E13B3388C736592AD2D540B6133 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ff:49:6b:0a:0c:5a:00:44:15:cc:66:d8:93: d4:4c:39:17:54:a6:3a:37:3b:62:cd:d5:45:b1:d4: 57:2d:3b:e0:b2:b2:d4:fb:04:44:40:4b:6b:04:4c: 72:d0:14:1b:3b:79:ac:62:4b:7a:58:35:f6:46:6b: 5e:be:43:19:9b:6c:74:d5:00:86:21:f5:34:e4:34: 48:f8:bd:29:10:3f:51:10:67:71:08:fa:fb:bd:c6: 3e:dc:b5:1d:e6:6f:a0:a5:4f:35:be:d1:02:fe:17: c8:64:7e:0c:fe:59:77:ce:30:1c:eb:a9:09:25:1c: b7:ed:e9:5d:c0:10:02:a4:45:f7:b4:91:63:d4:34: 3c:53:47:39:58:3f:8e:14:bc:27:7c:8b:e5:56:12: 6a:a7:93:3d:9f:a3:bd:61:6b:ff:97:da:31:4a:5d: 25:c4:00:ec:f9:09:8f:4e:c6:e9:96:d8:51:21:59: ef:b2:45:c6:91:19:14:ab:04:32:bc:0c:6a:f5:73: 0a:69:04:61:46:b1:fb:fe:72:8c:15:50:fd:1e:67: 6b:b3:f7:ca:2b:73:6a:00:e1:cb:d6:a0:e0:cb:1a: 84:88:e1:11:11:63:2d:c0:10:56:64:d4:f3:5f:fd: 55:aa:92:2e:9b:3a:1b:df:65:58:df:81:02:8b:ad: c6:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:AA:2B:81:B1:CF:2E:13:B3:38:8C:73:65:92:AD:2D:54:0B:61:33 X509v3 Authority Key Identifier: keyid:0F:40:42:1A:EF:D3:7A:9C:28:62:A8:50:04:E4:79:EF:21:F5:B6:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/D0BCGu_TepwoYqhQBOR57yH1tgg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1089/D0BCGu_TepwoYqhQBOR57yH1tgg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:1f:f5:71:6d:4b:f7:a2:d2:0b:2b:d5:01:59:3e:3d:e3:f6: 91:6e:0d:f0:aa:62:c3:2d:c4:89:34:7c:90:ef:03:69:06:a3: 99:1d:ca:38:14:f8:1f:2e:d0:09:3c:d4:58:cf:31:c0:b4:cb: 91:66:98:08:c1:dd:c2:35:60:7e:e9:4a:31:49:0b:1c:ea:4c: 5c:0f:90:b3:ee:3f:3e:9d:a3:d4:b0:e3:4b:d3:bb:53:91:74: 15:74:71:59:1d:71:2a:71:34:03:c8:45:d1:f1:3e:db:de:5b: 93:cc:3d:ce:4e:f5:95:89:60:e3:e3:aa:22:3f:78:7a:45:ab: 67:70:f6:99:fc:f6:9b:16:46:5f:d9:96:7e:47:52:13:3d:99: a0:6d:3d:3e:11:c5:c3:7e:37:d5:cf:52:71:f2:b0:7f:86:a4: 1f:bf:90:e3:82:5e:78:dc:6c:9e:9f:83:d0:77:10:13:41:32: 20:89:e5:74:a5:74:91:ff:b6:84:7f:bb:29:58:b3:50:b4:cd: 65:c6:b4:ba:03:06:0a:bb:53:66:6c:26:fc:a6:8a:db:c5:6e: 6d:24:14:2b:f5:7a:19:09:20:5e:e6:ef:77:b5:88:b4:11:c7: 55:de:a7:84:2d:f4:9e:34:48:4e:b7:3f:70:88:f4:7f:18:66: 47:09:ae:5b -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEY0 MDQyMUFFRkQzN0E5QzI4NjJBODUwMDRFNDc5RUYyMUY1QjYwODAeFw0yNTA0MjYx MTA4MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQyQUEyQjgxQjFDRjJF MTNCMzM4OEM3MzY1OTJBRDJENTQwQjYxMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDT/0lrCgxaAEQVzGbYk9RMORdUpjo3O2LN1UWx1FctO+CystT7 BERAS2sETHLQFBs7eaxiS3pYNfZGa16+QxmbbHTVAIYh9TTkNEj4vSkQP1EQZ3EI +vu9xj7ctR3mb6ClTzW+0QL+F8hkfgz+WXfOMBzrqQklHLft6V3AEAKkRfe0kWPU NDxTRzlYP44UvCd8i+VWEmqnkz2fo71ha/+X2jFKXSXEAOz5CY9OxumW2FEhWe+y RcaRGRSrBDK8DGr1cwppBGFGsfv+cowVUP0eZ2uz98orc2oA4cvWoODLGoSI4RER Yy3AEFZk1PNf/VWqki6bOhvfZVjfgQKLrcZJAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU0qorgbHPLhOzOIxzZZKtLVQLYTMwHwYDVR0jBBgwFoAUD0BCGu/TepwoYqhQ BOR57yH1tggwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTA4 OS9EMEJDR3VfVGVwd29ZcWhRQk9SNTd5SDF0Z2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0QwQkNHdV9UZXB3b1lxaFFCT1I1N3lIMXRnZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwODkvRDBCQ0d1X1RlcHdv WXFoUUJPUjU3eUgxdGdnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAE0f9XFtS/ei0gsr1QFZPj3j9pFuDfCqYsMtxIk0fJDvA2kGo5kdyjgU+B8u 0Ak81FjPMcC0y5FmmAjB3cI1YH7pSjFJCxzqTFwPkLPuPz6do9Sw40vTu1ORdBV0 cVkdcSpxNAPIRdHxPtveW5PMPc5O9ZWJYOPjqiI/eHpFq2dw9pn89psWRl/Zln5H UhM9maBtPT4RxcN+N9XPUnHysH+GpB+/kOOCXnjcbJ6fg9B3EBNBMiCJ5XSldJH/ toR/uylYs1C0zWXGtLoDBgq7U2ZsJvymitvFbm0kFCv1ehkJIF7m73e1iLQRx1Xe p4Qt9J40SE63P3CI9H8YZkcJrls= -----END CERTIFICATE-----Generated at Sat Apr 26 15:27:31 2025 by rpki-client