$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft File: IGM8jmnuaH1MQSPQwJea0UTlXrc.mft (raw, json) Hash identifier: QS9ryOdMCJ7eFMTyM5JNFNJY6jqKCbi73sNhIuRKYMA= Subject key identifier: 8A:73:24:BA:58:30:A5:5C:DA:6E:BE:7C:2F:41:0F:BC:89:0A:40:04 Authority key identifier: 20:63:3C:8E:69:EE:68:7D:4C:41:23:D0:C0:97:9A:D1:44:E5:5E:B7 Certificate issuer: /CN=20633C8E69EE687D4C4123D0C0979AD144E55EB7 Certificate serial: 5479 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IGM8jmnuaH1MQSPQwJea0UTlXrc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft Manifest number: 5479 Signing time: Wed 13 Aug 2025 16:02:20 +0000 Manifest this update: Wed 13 Aug 2025 16:02:20 +0000 Manifest next update: Wed 13 Aug 2025 22:02:20 +0000 Files and hashes: 1: IGM8jmnuaH1MQSPQwJea0UTlXrc.crl (hash: 2yjYQmRiI7QqleS71i4pY0RcVO7KVXPCmkLmd5wQmDU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IGM8jmnuaH1MQSPQwJea0UTlXrc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 22:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21625 (0x5479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20633C8E69EE687D4C4123D0C0979AD144E55EB7 Validity Not Before: Aug 13 16:02:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8A7324BA5830A55CDA6EBE7C2F410FBC890A4004 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ab:60:9d:02:16:1f:62:3c:eb:5a:2b:b6:b8: f7:29:bc:cd:7e:af:3c:eb:15:1c:b0:23:41:af:c5: a1:d6:bd:a2:51:84:8e:75:24:28:c9:8b:dd:10:55: 35:51:72:b6:86:35:dc:47:8c:55:85:96:be:e2:fd: 92:d3:8f:b8:ed:f7:23:02:ec:f3:6c:d0:12:fa:26: b0:59:a5:a4:43:33:f9:1a:39:42:0b:97:62:9a:27: bf:42:79:32:2e:9e:8c:d8:09:45:03:93:4a:6e:93: 07:69:53:64:bc:61:96:2b:44:51:5b:39:ef:45:97: ec:47:cd:4c:55:99:99:1c:c0:b7:00:9f:0b:a2:80: d7:da:2d:b8:f6:05:6c:ac:40:f9:fb:13:31:27:65: 99:a6:29:19:4e:50:8e:e3:87:01:9e:ea:2f:5f:12: 58:39:0e:95:61:f3:27:52:7a:a6:27:0c:c9:16:46: 53:d9:de:02:b1:93:64:46:17:37:f6:06:10:e0:a7: 94:6a:75:78:62:a3:fa:5b:41:e7:35:8d:53:a9:5b: 14:0f:cc:44:2f:09:4b:fc:2c:ac:c5:77:33:78:10: c3:06:ed:f9:ef:e9:c0:ef:b4:9e:4f:82:f9:66:e4: 2d:37:53:91:e5:d4:0b:2c:14:74:0b:84:15:03:94: d8:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:73:24:BA:58:30:A5:5C:DA:6E:BE:7C:2F:41:0F:BC:89:0A:40:04 X509v3 Authority Key Identifier: keyid:20:63:3C:8E:69:EE:68:7D:4C:41:23:D0:C0:97:9A:D1:44:E5:5E:B7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IGM8jmnuaH1MQSPQwJea0UTlXrc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:c6:d9:10:32:ef:91:1e:b6:04:dd:1d:57:3c:fa:22:2a:da: 88:c6:70:8b:a4:96:92:3a:f3:d9:e3:5d:e9:0d:3f:4c:6a:46: 6a:cf:97:b2:fe:a8:40:a5:e0:be:87:e8:a8:7a:fa:13:a6:23: 34:94:61:cf:1c:4c:bb:ce:2d:a3:f5:d2:86:85:1a:21:82:5d: fb:2a:d1:1f:3c:5e:75:27:d5:a5:05:25:d4:6f:fa:c8:e1:10: d2:89:13:9f:45:61:81:18:2f:14:1a:c5:9d:35:26:59:48:e8: aa:1d:11:12:a6:11:e1:9c:98:b3:3a:7d:13:60:37:a1:6b:76: c3:e9:02:ba:ae:c8:21:bc:f0:77:0b:d0:07:45:d4:fe:c2:9d: 5f:26:2c:53:71:0a:3c:31:5d:e1:da:7e:c0:63:a4:7f:83:be: e6:e2:99:ff:31:d9:07:be:c6:32:cc:68:30:5f:22:ba:8a:13: 75:87:07:45:4e:7d:c5:bc:19:67:e8:67:b4:fd:bc:8a:34:96: 89:01:d8:15:f8:db:f1:e1:4b:39:dd:46:a8:04:0b:e8:17:4a: 97:63:63:2e:20:fd:55:64:88:8f:68:74:03:65:ce:7f:62:37: 33:6d:b5:e8:f5:b5:b5:29:66:fb:34:87:87:dc:df:61:a8:37: b9:76:3a:bd -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICVHkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjA2 MzNDOEU2OUVFNjg3RDRDNDEyM0QwQzA5NzlBRDE0NEU1NUVCNzAeFw0yNTA4MTMx NjAyMjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhBNzMyNEJBNTgzMEE1 NUNEQTZFQkU3QzJGNDEwRkJDODkwQTQwMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPq2CdAhYfYjzrWiu2uPcpvM1+rzzrFRywI0GvxaHWvaJRhI51 JCjJi90QVTVRcraGNdxHjFWFlr7i/ZLTj7jt9yMC7PNs0BL6JrBZpaRDM/kaOUIL l2KaJ79CeTIunozYCUUDk0pukwdpU2S8YZYrRFFbOe9Fl+xHzUxVmZkcwLcAnwui gNfaLbj2BWysQPn7EzEnZZmmKRlOUI7jhwGe6i9fElg5DpVh8ydSeqYnDMkWRlPZ 3gKxk2RGFzf2BhDgp5RqdXhio/pbQec1jVOpWxQPzEQvCUv8LKzFdzN4EMMG7fnv 6cDvtJ5Pgvlm5C03U5Hl1AssFHQLhBUDlNibAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUinMkulgwpVzabr58L0EPvIkKQAQwHwYDVR0jBBgwFoAUIGM8jmnuaH1MQSPQ wJea0UTlXrcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM4 Mi9JR004am1udWFIMU1RU1BRd0plYTBVVGxYcmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lHTThqbW51YUgxTVFTUFF3SmVhMFVUbFhyYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzODIvSUdNOGptbnVhSDFN UVNQUXdKZWEwVVRsWHJjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAIHG2RAy75EetgTdHVc8+iIq2ojGcIuklpI689njXekNP0xqRmrPl7L+qECl 4L6H6Kh6+hOmIzSUYc8cTLvOLaP10oaFGiGCXfsq0R88XnUn1aUFJdRv+sjhENKJ E59FYYEYLxQaxZ01JllI6KodERKmEeGcmLM6fRNgN6FrdsPpArquyCG88HcL0AdF 1P7CnV8mLFNxCjwxXeHafsBjpH+Dvubimf8x2Qe+xjLMaDBfIrqKE3WHB0VOfcW8 GWfoZ7T9vIo0lokB2BX42/HhSzndRqgEC+gXSpdjYy4g/VVkiI9odANlzn9iNzNt tej1tbUpZvs0h4fc32GoN7l2Or0= -----END CERTIFICATE-----Generated at Wed Aug 13 20:24:10 2025 by rpki-client