$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft File: KCAlirZf9h_V1m2Vlk9I76NdzIY.mft (raw, json) Hash identifier: upkwg4Nfu8dRiomyRj6gUK2SlCEZre0ofF3o9SWAtFg= Subject key identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Certificate serial: 1395 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft Manifest number: 1391 Signing time: Sat 26 Apr 2025 13:08:00 +0000 Manifest this update: Sat 26 Apr 2025 13:08:00 +0000 Manifest next update: Sat 26 Apr 2025 19:08:00 +0000 Files and hashes: 1: KCAlirZf9h_V1m2Vlk9I76NdzIY.crl (hash: urynf3ofjRx7iPfaUTvsSABIkCgN/nB8GLg1X0arZTM=) 2: WgrIRnAmsxWBO3TfjMU3y8eDt78.roa (hash: tiz5vTjFJ5BFKOBFmxtwDOUTL38Wd7N2mFJNr9UBYpk=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5013 (0x1395) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86 Validity Not Before: Apr 26 13:08:00 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F22C52B900B880022A9210A686FE1A8006C4DAEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:00:01:ef:f8:9d:ec:b2:12:09:20:58:1f:f3: bd:ff:df:54:3b:c9:ac:13:5f:ac:3e:9a:f0:59:2a: 74:83:21:ab:51:13:b2:13:63:81:d9:61:f8:5e:72: 60:1f:12:b1:10:b8:dc:7a:b2:56:21:d0:fb:d7:f2: aa:49:63:be:c8:7f:19:56:97:04:da:4e:53:1c:16: c3:31:42:cb:b6:b8:63:dc:61:e5:98:a1:85:70:f3: 67:09:3e:d7:5d:db:ba:22:5d:14:68:44:54:17:ce: af:66:c2:4f:e8:75:a9:e8:cc:15:f5:4e:86:ae:4d: bd:6c:c9:56:d8:e9:b3:55:b2:0b:eb:a7:5b:fb:a0: b1:ff:b0:ab:0f:f4:d2:07:47:cb:2c:90:1f:0e:ef: ef:7f:4a:20:a2:34:ae:d9:44:8f:d9:a7:52:23:ad: 22:31:a4:2d:eb:05:2e:7a:97:20:23:ab:b8:dc:74: 6e:b5:ef:14:54:01:f8:0d:d1:90:ef:1f:be:ed:99: aa:81:f8:f5:48:90:4c:c3:2c:07:cd:df:be:58:06: 0f:72:e1:81:bf:f1:58:33:a0:10:5c:bc:6c:0d:34: 36:2e:f3:d8:1a:b3:bd:d0:1b:c2:fa:72:fd:13:9f: ab:9b:01:90:e8:66:7d:12:2b:b9:80:20:93:cb:4f: 3f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB X509v3 Authority Key Identifier: keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:8a:92:f4:66:62:92:37:6b:2a:c3:30:5b:ee:40:08:b9:7b: 5b:fd:39:2f:96:4d:64:8f:bc:a6:ce:d5:f3:8f:60:b2:62:a3: 66:7a:cf:99:19:36:99:65:1a:93:89:29:99:78:bc:c8:ce:1e: 3e:86:03:66:d3:aa:90:5a:ab:eb:f7:8c:44:b7:a6:ff:e3:42: cf:0b:99:14:f5:b3:66:d4:1f:d1:70:80:61:fd:38:50:90:0a: 99:f8:a0:f2:3a:90:96:aa:f2:66:73:fc:ff:8c:5e:8c:29:ad: aa:2d:b6:99:c0:3e:6e:cc:ee:6c:88:6b:4c:0f:b9:bf:df:a5: d3:7d:0c:0e:2b:4b:b0:f4:b4:94:28:ad:08:03:78:0c:1a:85: 5e:80:a2:93:34:95:c1:b7:5a:6f:fd:5e:d5:e2:1f:e2:42:4b: d6:c1:51:25:e1:55:13:5d:8e:91:6d:58:f8:b1:33:e6:16:73: 9f:9e:39:54:f9:d2:5e:ad:18:0c:f4:83:49:66:c6:ec:bf:ec: 22:6b:6c:97:dc:25:85:ab:29:6b:de:d1:0e:8f:06:e9:82:8b: ea:d4:19:8d:5c:48:63:de:d0:b9:2e:69:ca:b6:2e:5c:b3:68: a6:1b:ca:75:e9:25:d6:b8:7c:b8:06:c3:f0:6c:f9:92:b9:d2: 64:4c:9d:eb -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICE5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNTA0MjYx MzA4MDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYyMkM1MkI5MDBCODgw MDIyQTkyMTBBNjg2RkUxQTgwMDZDNERBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYAAHv+J3sshIJIFgf873/31Q7yawTX6w+mvBZKnSDIatRE7IT Y4HZYfhecmAfErEQuNx6slYh0PvX8qpJY77IfxlWlwTaTlMcFsMxQsu2uGPcYeWY oYVw82cJPtdd27oiXRRoRFQXzq9mwk/odanozBX1ToauTb1syVbY6bNVsgvrp1v7 oLH/sKsP9NIHR8sskB8O7+9/SiCiNK7ZRI/Zp1IjrSIxpC3rBS56lyAjq7jcdG61 7xRUAfgN0ZDvH77tmaqB+PVIkEzDLAfN375YBg9y4YG/8VgzoBBcvGwNNDYu89ga s73QG8L6cv0Tn6ubAZDoZn0SK7mAIJPLTz83AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU8ixSuQC4gAIqkhCmhv4agAbE2uswHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvS0NBbGlyWmY5aF9W MW0yVmxrOUk3Nk5keklZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBACuKkvRmYpI3ayrDMFvuQAi5e1v9OS+WTWSPvKbO1fOPYLJio2Z6z5kZNpll GpOJKZl4vMjOHj6GA2bTqpBaq+v3jES3pv/jQs8LmRT1s2bUH9FwgGH9OFCQCpn4 oPI6kJaq8mZz/P+MXowpraottpnAPm7M7myIa0wPub/fpdN9DA4rS7D0tJQorQgD eAwahV6AopM0lcG3Wm/9XtXiH+JCS9bBUSXhVRNdjpFtWPixM+YWc5+eOVT50l6t GAz0g0lmxuy/7CJrbJfcJYWrKWve0Q6PBumCi+rUGY1cSGPe0Lkuacq2LlyzaKYb ynXpJda4fLgGw/Bs+ZK50mRMnes= -----END CERTIFICATE-----Generated at Sat Apr 26 15:12:54 2025 by rpki-client