$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft File: KCAlirZf9h_V1m2Vlk9I76NdzIY.mft (raw, json) Hash identifier: Y/04ohIoUaP41xfUba/gDCB2koHoyShSwBA8ispE6V8= Subject key identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Certificate serial: 15A3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft Manifest number: 159F Signing time: Mon 11 Aug 2025 04:03:47 +0000 Manifest this update: Mon 11 Aug 2025 04:03:47 +0000 Manifest next update: Mon 11 Aug 2025 10:03:47 +0000 Files and hashes: 1: KCAlirZf9h_V1m2Vlk9I76NdzIY.crl (hash: CPblUc5oAKsJLmzSoqonCpo2aUG3twNm8jJLqGlPuc0=) 2: WgrIRnAmsxWBO3TfjMU3y8eDt78.roa (hash: tiz5vTjFJ5BFKOBFmxtwDOUTL38Wd7N2mFJNr9UBYpk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 10:03:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5539 (0x15a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Validity Not Before: Aug 11 04:03:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F22C52B900B880022A9210A686FE1A8006C4DAEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:00:01:ef:f8:9d:ec:b2:12:09:20:58:1f:f3: bd:ff:df:54:3b:c9:ac:13:5f:ac:3e:9a:f0:59:2a: 74:83:21:ab:51:13:b2:13:63:81:d9:61:f8:5e:72: 60:1f:12:b1:10:b8:dc:7a:b2:56:21:d0:fb:d7:f2: aa:49:63:be:c8:7f:19:56:97:04:da:4e:53:1c:16: c3:31:42:cb:b6:b8:63:dc:61:e5:98:a1:85:70:f3: 67:09:3e:d7:5d:db:ba:22:5d:14:68:44:54:17:ce: af:66:c2:4f:e8:75:a9:e8:cc:15:f5:4e:86:ae:4d: bd:6c:c9:56:d8:e9:b3:55:b2:0b:eb:a7:5b:fb:a0: b1:ff:b0:ab:0f:f4:d2:07:47:cb:2c:90:1f:0e:ef: ef:7f:4a:20:a2:34:ae:d9:44:8f:d9:a7:52:23:ad: 22:31:a4:2d:eb:05:2e:7a:97:20:23:ab:b8:dc:74: 6e:b5:ef:14:54:01:f8:0d:d1:90:ef:1f:be:ed:99: aa:81:f8:f5:48:90:4c:c3:2c:07:cd:df:be:58:06: 0f:72:e1:81:bf:f1:58:33:a0:10:5c:bc:6c:0d:34: 36:2e:f3:d8:1a:b3:bd:d0:1b:c2:fa:72:fd:13:9f: ab:9b:01:90:e8:66:7d:12:2b:b9:80:20:93:cb:4f: 3f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB X509v3 Authority Key Identifier: keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:72:52:bb:e1:0a:46:56:0d:f1:5c:dc:a5:0a:78:fd:32:9c: 30:32:84:65:0d:01:ce:f3:27:55:4b:7b:ce:af:3d:88:12:65: 89:7e:df:04:f8:b4:ea:0b:45:0f:c7:1c:d8:fa:6c:6c:10:9b: 53:7f:78:f8:24:1f:3f:10:74:32:51:e6:bb:c8:4a:18:16:c9: fe:ad:80:a7:97:73:c2:04:9e:c5:c7:2b:5d:b0:9e:9e:4d:da: 78:10:c7:a4:d7:64:3b:ba:df:a4:2b:41:1a:2c:44:90:ec:7b: 8f:06:91:11:27:b2:fe:92:dd:94:79:f1:75:b3:b5:b3:31:85: 68:ff:7a:27:65:a4:f6:5a:72:3e:2e:9a:17:36:eb:22:22:8c: 2b:b1:24:78:eb:09:ab:ce:a7:51:5a:f6:02:7d:fe:9a:74:42: 2d:14:68:e0:bb:8f:fe:4c:df:c9:a7:a4:99:2e:11:8a:39:f3: 4e:00:dd:79:44:04:bf:b7:c6:4e:74:d6:26:1b:89:bd:eb:43: c8:05:48:f5:f3:15:ea:38:dc:02:d2:74:14:44:3f:d4:a6:ca: bf:e2:a1:24:a7:99:3d:55:f0:b7:70:ef:7e:53:2f:9e:2a:52: 58:7b:15:48:28:d5:0a:ec:75:78:7c:8f:7a:35:5b:e4:72:07: d9:93:f7:ed -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICFaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNTA4MTEw NDAzNDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYyMkM1MkI5MDBCODgw MDIyQTkyMTBBNjg2RkUxQTgwMDZDNERBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYAAHv+J3sshIJIFgf873/31Q7yawTX6w+mvBZKnSDIatRE7IT Y4HZYfhecmAfErEQuNx6slYh0PvX8qpJY77IfxlWlwTaTlMcFsMxQsu2uGPcYeWY oYVw82cJPtdd27oiXRRoRFQXzq9mwk/odanozBX1ToauTb1syVbY6bNVsgvrp1v7 oLH/sKsP9NIHR8sskB8O7+9/SiCiNK7ZRI/Zp1IjrSIxpC3rBS56lyAjq7jcdG61 7xRUAfgN0ZDvH77tmaqB+PVIkEzDLAfN375YBg9y4YG/8VgzoBBcvGwNNDYu89ga s73QG8L6cv0Tn6ubAZDoZn0SK7mAIJPLTz83AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU8ixSuQC4gAIqkhCmhv4agAbE2uswHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvS0NBbGlyWmY5aF9W MW0yVmxrOUk3Nk5keklZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAVyUrvhCkZWDfFc3KUKeP0ynDAyhGUNAc7zJ1VLe86vPYgSZYl+3wT4tOoL RQ/HHNj6bGwQm1N/ePgkHz8QdDJR5rvIShgWyf6tgKeXc8IEnsXHK12wnp5N2ngQ x6TXZDu636QrQRosRJDse48GkREnsv6S3ZR58XWztbMxhWj/eidlpPZacj4umhc2 6yIijCuxJHjrCavOp1Fa9gJ9/pp0Qi0UaOC7j/5M38mnpJkuEYo5804A3XlEBL+3 xk501iYbib3rQ8gFSPXzFeo43ALSdBREP9Smyr/ioSSnmT1V8Ldw735TL54qUlh7 FUgo1QrsdXh8j3o1W+RyB9mT9+0= -----END CERTIFICATE-----Generated at Mon Aug 11 07:42:38 2025 by rpki-client