$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft File: OrqLQlIyvliWg5beMqjrWgXuplg.mft (raw, json) Hash identifier: rBAuED7hDW5y3psWGgJCOmpyZqZADz3dmKvVF7lYYEg= Subject key identifier: EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58 Certificate issuer: /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658 Certificate serial: 1DBD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft Manifest number: 1DB3 Signing time: Sat 26 Apr 2025 13:08:09 +0000 Manifest this update: Sat 26 Apr 2025 13:08:09 +0000 Manifest next update: Sat 26 Apr 2025 19:08:09 +0000 Files and hashes: 1: 9BneQEOFwVmbNV9qi1-Mifgisio.roa (hash: j8Zpmg3gffAltASgieZws8QEaUrwW5YvuNKDhkgVhao=) 2: OrqLQlIyvliWg5beMqjrWgXuplg.crl (hash: P28s8cFrrpVjNHGowIS5gnXMSClRsJw+6vb7wCXH4TI=) 3: tRswCJdL2GSrkhJ4sEMCKesQ7Qc.roa (hash: G0Oe7HR1J3rXDzcBIqEhXwBkH9bfb0Jw85W7o7SLlc0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7613 (0x1dbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658 Validity Not Before: Apr 26 13:08:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=EE3D61325FA4158F6DD8753251AAA0A434319DAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4a:bf:c1:b3:f6:44:ba:99:72:56:cb:1f:b3: 33:33:73:4e:03:34:6d:68:51:d4:2e:d3:f3:99:db: a5:47:b5:52:24:59:1f:31:c9:99:f2:42:a3:78:6b: 29:d6:70:26:97:8c:3d:d1:bf:0c:04:01:6e:72:9f: 9b:41:14:eb:2d:bc:db:b6:ab:ed:2b:5f:1b:a6:f1: 56:0b:6e:15:69:89:4b:3e:1f:d3:ce:ae:90:48:ab: fd:07:de:04:40:7a:ef:52:20:c2:c1:bd:b8:2e:19: 11:71:82:24:72:ad:09:42:84:cf:0a:ac:7e:6a:f4: 93:5e:20:86:65:82:6a:7a:15:fd:29:8e:59:74:0d: 0f:73:3f:78:d7:3b:11:e6:7c:af:e1:75:1b:58:82: 89:37:b1:c9:6a:b8:11:00:35:25:51:ff:81:2d:9b: 80:d6:88:03:10:90:f7:49:06:81:1f:ca:b1:fc:4c: 29:f1:db:4c:ca:e2:47:0d:52:28:cb:a5:9c:a0:09: 2d:ea:c8:95:1a:a0:bd:2e:93:af:0c:f6:c2:d2:89: 66:bc:0a:82:9d:2b:6d:40:29:8c:68:8b:06:85:7f: b7:85:1e:05:92:30:d7:7c:86:66:cb:9a:41:a4:52: 7b:e7:f9:ab:be:06:f1:8a:48:85:23:b5:45:f7:6f: ea:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF X509v3 Authority Key Identifier: keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:53:fb:b9:15:3b:ee:40:ef:08:42:09:40:86:c2:66:60:ff: 69:fb:d8:e1:f6:ce:f0:07:15:44:53:7c:45:44:36:11:84:c2: ff:4f:7e:3c:53:95:c8:68:33:96:85:35:b7:91:02:e7:94:26: ed:d8:81:0c:47:87:50:07:42:7c:2a:7e:fe:26:4f:e0:64:00: 8e:41:aa:12:d9:68:4d:71:d5:8d:ef:64:9b:ac:7f:d0:c2:70: f5:b1:bf:d3:94:b3:19:e0:55:76:11:68:f0:23:1c:14:16:ec: 6b:73:1a:f8:ab:98:b8:a6:a9:c0:0a:0a:bc:59:34:d2:01:63: 3f:47:27:4a:e1:bb:c7:4d:c1:34:52:a3:e8:b8:c8:b1:f8:7d: 95:39:e4:3b:5a:a7:9c:ca:a6:49:4f:65:7d:2b:59:ad:d9:83: 28:f2:78:11:f3:eb:9b:a3:23:61:e7:fb:d5:2d:66:de:b6:65: 6e:0a:9f:22:aa:63:3a:c5:9f:4f:25:71:65:b1:37:50:82:da: bb:0a:65:c4:38:3e:fc:6e:06:a4:bc:3c:b1:1b:c7:fd:6b:f7: a0:55:a2:33:06:30:7e:9e:f8:ce:5e:72:cc:ff:8a:2d:a4:cc: 04:da:a7:8c:e5:b2:a8:37:b0:06:8a:6c:8c:82:3e:00:50:87: 8f:b4:47:c1 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yNTA0MjYx MzA4MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVFM0Q2MTMyNUZBNDE1 OEY2REQ4NzUzMjUxQUFBMEE0MzQzMTlEQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8Sr/Bs/ZEuplyVssfszMzc04DNG1oUdQu0/OZ26VHtVIkWR8x yZnyQqN4aynWcCaXjD3RvwwEAW5yn5tBFOstvNu2q+0rXxum8VYLbhVpiUs+H9PO rpBIq/0H3gRAeu9SIMLBvbguGRFxgiRyrQlChM8KrH5q9JNeIIZlgmp6Ff0pjll0 DQ9zP3jXOxHmfK/hdRtYgok3sclquBEANSVR/4Etm4DWiAMQkPdJBoEfyrH8TCnx 20zK4kcNUijLpZygCS3qyJUaoL0uk68M9sLSiWa8CoKdK21AKYxoiwaFf7eFHgWS MNd8hmbLmkGkUnvn+au+BvGKSIUjtUX3b+o3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU7j1hMl+kFY9t2HUyUaqgpDQxna8wHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvT3JxTFFsSXl2bGlX ZzViZU1xanJXZ1h1cGxnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBALZT+7kVO+5A7whCCUCGwmZg/2n72OH2zvAHFURTfEVENhGEwv9PfjxTlcho M5aFNbeRAueUJu3YgQxHh1AHQnwqfv4mT+BkAI5BqhLZaE1x1Y3vZJusf9DCcPWx v9OUsxngVXYRaPAjHBQW7GtzGvirmLimqcAKCrxZNNIBYz9HJ0rhu8dNwTRSo+i4 yLH4fZU55Dtap5zKpklPZX0rWa3ZgyjyeBHz65ujI2Hn+9UtZt62ZW4KnyKqYzrF n08lcWWxN1CC2rsKZcQ4PvxuBqS8PLEbx/1r96BVojMGMH6e+M5ecsz/ii2kzATa p4zlsqg3sAaKbIyCPgBQh4+0R8E= -----END CERTIFICATE-----Generated at Sat Apr 26 15:13:11 2025 by rpki-client