$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft File: vCE9aodm-DafWThfda8AgjreZgQ.mft (raw, json) Hash identifier: YEZLBT7pU08X/dY22TUhSu2Dbcha6GHaHOOYdRKSLVI= Subject key identifier: E5:37:31:37:0F:30:FD:B2:60:24:BF:A4:9C:E6:31:57:A0:6E:E4:97 Authority key identifier: BC:21:3D:6A:87:66:F8:36:9F:59:38:5F:75:AF:00:82:3A:DE:66:04 Certificate issuer: /CN=BC213D6A8766F8369F59385F75AF00823ADE6604 Certificate serial: 1667 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vCE9aodm-DafWThfda8AgjreZgQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft Manifest number: 1667 Signing time: Sat 26 Apr 2025 09:36:27 +0000 Manifest this update: Sat 26 Apr 2025 09:36:27 +0000 Manifest next update: Sat 26 Apr 2025 15:36:27 +0000 Files and hashes: 1: vCE9aodm-DafWThfda8AgjreZgQ.crl (hash: Z2GWkoasHtRPAl+jUpX4EQwGVOZ9i/L12QYvhl1IMWo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vCE9aodm-DafWThfda8AgjreZgQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5735 (0x1667) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BC213D6A8766F8369F59385F75AF00823ADE6604 Validity Not Before: Apr 26 09:36:27 2025 GMT Not After : Sep 27 02:44:45 2025 GMT Subject: CN=E53731370F30FDB26024BFA49CE63157A06EE497 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:0b:fe:3b:37:bc:61:45:56:d7:30:80:48:3b: 74:d7:66:f5:fa:3d:5b:1f:ec:fd:85:de:58:b3:5a: 8b:ba:06:8b:d7:8d:c0:39:27:70:29:a3:8f:d5:a4: a5:ae:2b:ea:27:e1:0b:11:75:8d:6e:0d:bb:38:b9: 5b:af:bf:3e:90:db:2c:9d:22:b9:c5:1a:fc:66:27: 9f:2c:6d:65:05:df:9a:98:38:88:b3:67:60:c4:0f: 0d:17:00:86:f8:fe:9d:9f:e0:c6:af:b6:b8:12:60: 4d:67:e3:a6:cf:b1:81:24:eb:4d:88:81:10:90:b2: 85:5b:6b:f3:f5:7d:da:bc:ed:bd:41:fb:88:34:7a: 4e:65:18:0d:e0:25:e2:b4:c0:77:b7:d7:4f:3a:0a: af:1c:c1:2f:be:89:7d:59:5b:b2:91:5b:dc:9a:79: 78:be:27:1c:1c:e9:ea:cc:62:e0:2d:aa:0e:ab:e8: c0:92:a2:cd:07:db:86:7e:59:51:60:05:6f:a1:59: 3e:20:05:a4:16:c4:85:11:68:a3:61:cf:e4:ba:5f: c7:e0:f6:a1:0f:5c:76:30:d7:fa:56:b7:b8:6a:ab: e7:17:11:51:75:86:27:1e:f7:a6:4a:c2:10:2d:a1: fb:4d:71:da:9f:09:8e:b1:4b:3f:9b:a8:c6:c9:44: 22:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:37:31:37:0F:30:FD:B2:60:24:BF:A4:9C:E6:31:57:A0:6E:E4:97 X509v3 Authority Key Identifier: keyid:BC:21:3D:6A:87:66:F8:36:9F:59:38:5F:75:AF:00:82:3A:DE:66:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vCE9aodm-DafWThfda8AgjreZgQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1377/vCE9aodm-DafWThfda8AgjreZgQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:1d:19:36:80:6d:c7:f2:e4:d6:51:cd:4c:9f:5e:18:0d:b0: 83:58:f2:95:65:dd:7f:cb:d0:8c:58:01:7e:9b:29:a7:9d:12: 5e:29:68:60:48:c7:c4:ad:f6:64:5f:c1:b9:a3:94:7f:a0:82: 72:86:64:8d:ef:bd:e6:1c:53:0e:84:5a:2f:2e:c7:a4:52:fc: 7b:59:48:18:2b:07:8f:3a:dc:c7:32:e3:58:1d:74:5b:a5:25: 71:85:82:ee:01:53:2f:7d:f3:37:bc:6b:bb:a0:f2:66:76:4c: 76:45:08:0a:83:b8:89:4d:32:03:d3:b9:69:97:a6:03:57:18: 05:16:ae:66:82:ec:95:f6:eb:f1:b2:78:1b:92:24:74:28:13: 15:15:8e:b8:0f:0f:c4:ee:d2:1e:62:bd:a9:a9:9f:f4:24:30: 13:06:6c:15:5a:5e:c2:50:0f:94:a3:e1:5f:68:aa:af:5c:fb: b9:b0:89:b6:93:9f:1b:53:63:26:11:04:de:74:99:c8:a1:d9: 03:73:49:20:5f:8b:fd:91:16:3e:fc:df:e1:63:ca:75:c6:a4: f6:d6:a3:d7:ae:a5:5e:49:cf:b6:d1:bf:b4:3d:f5:59:72:b7: e1:a2:20:c7:2d:bb:df:d5:14:4a:65:db:28:ae:45:bb:cb:2d: db:1f:d1:c2 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICFmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkMy MTNENkE4NzY2RjgzNjlGNTkzODVGNzVBRjAwODIzQURFNjYwNDAeFw0yNTA0MjYw OTM2MjdaFw0yNTA5MjcwMjQ0NDVaMDMxMTAvBgNVBAMTKEU1MzczMTM3MEYzMEZE QjI2MDI0QkZBNDlDRTYzMTU3QTA2RUU0OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnC/47N7xhRVbXMIBIO3TXZvX6PVsf7P2F3lizWou6BovXjcA5 J3Apo4/VpKWuK+on4QsRdY1uDbs4uVuvvz6Q2yydIrnFGvxmJ58sbWUF35qYOIiz Z2DEDw0XAIb4/p2f4MavtrgSYE1n46bPsYEk602IgRCQsoVba/P1fdq87b1B+4g0 ek5lGA3gJeK0wHe31086Cq8cwS++iX1ZW7KRW9yaeXi+Jxwc6erMYuAtqg6r6MCS os0H24Z+WVFgBW+hWT4gBaQWxIURaKNhz+S6X8fg9qEPXHYw1/pWt7hqq+cXEVF1 hice96ZKwhAtoftNcdqfCY6xSz+bqMbJRCJrAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU5TcxNw8w/bJgJL+knOYxV6Bu5JcwHwYDVR0jBBgwFoAUvCE9aodm+DafWThf da8AgjreZgQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 Ny92Q0U5YW9kbS1EYWZXVGhmZGE4QWdqcmVaZ1EuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZDRTlhb2RtLURhZldUaGZkYThBZ2pyZVpnUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzcvdkNFOWFvZG0tRGFm V1RoZmRhOEFnanJlWmdRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEUdGTaAbcfy5NZRzUyfXhgNsINY8pVl3X/L0IxYAX6bKaedEl4paGBIx8St 9mRfwbmjlH+ggnKGZI3vveYcUw6EWi8ux6RS/HtZSBgrB4863Mcy41gddFulJXGF gu4BUy998ze8a7ug8mZ2THZFCAqDuIlNMgPTuWmXpgNXGAUWrmaC7JX26/GyeBuS JHQoExUVjrgPD8Tu0h5ivampn/QkMBMGbBVaXsJQD5Sj4V9oqq9c+7mwibaTnxtT YyYRBN50mcih2QNzSSBfi/2RFj783+FjynXGpPbWo9eupV5Jz7bRv7Q99Vlyt+Gi IMctu9/VFEpl2yiuRbvLLdsf0cI= -----END CERTIFICATE-----Generated at Sat Apr 26 15:10:22 2025 by rpki-client