$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft File: oZapzKejMT4hgEp8O7SXdfnwZYo.mft (raw, json) Hash identifier: ffFVPf64vY5hI2DYat3G+2BX89XxhJ9MvyHXrYNX6XA= Subject key identifier: DA:37:F7:07:93:01:7B:A5:C6:48:F3:BD:80:A4:1B:A9:CF:5C:81:6A Authority key identifier: A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A Certificate issuer: /CN=A196A9CCA7A3313E21804A7C3BB49775F9F0658A Certificate serial: 0DF6 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft Manifest number: 0DF6 Signing time: Wed 13 Aug 2025 06:03:14 +0000 Manifest this update: Wed 13 Aug 2025 06:03:14 +0000 Manifest next update: Wed 13 Aug 2025 12:03:14 +0000 Files and hashes: 1: oZapzKejMT4hgEp8O7SXdfnwZYo.crl (hash: pZL/t/0VHOLFHj1tepgsuLQ8Xz4YYRnUEKCsic5bXao=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 12:03:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3574 (0xdf6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A196A9CCA7A3313E21804A7C3BB49775F9F0658A Validity Not Before: Aug 13 06:03:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DA37F70793017BA5C648F3BD80A41BA9CF5C816A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:2f:da:9c:59:d3:b4:fa:59:cb:6e:0e:17:94: f0:b3:5e:ce:88:fa:29:03:9d:81:46:cf:4a:57:9b: e1:59:9e:b3:b1:6a:e8:37:ad:78:a6:51:7a:39:00: e8:eb:4f:c7:0a:2b:03:56:84:91:e9:ed:e6:0e:9b: 13:5b:bb:8e:20:72:dc:6f:e4:fe:10:34:7f:ad:2a: 49:2b:fb:a0:42:0b:5e:45:3f:9a:6a:bc:61:af:f4: 13:d3:13:3a:27:51:8e:1a:dc:89:eb:cb:df:18:2e: 72:7f:14:e7:93:31:03:8a:f6:51:1e:f7:91:4c:15: 84:de:b0:42:e1:6c:26:f9:a7:59:67:24:14:6a:ec: 38:f2:a8:24:a5:5a:d7:5b:f4:4f:9c:20:33:d4:a4: 91:26:33:f6:b3:10:e8:d3:b6:ac:57:d0:94:a6:a3: e7:ab:b7:aa:0f:22:44:f4:92:96:7c:06:18:90:ea: ba:63:06:af:04:2a:a2:b2:f1:2f:29:b4:bf:e5:08: 95:bd:23:b4:a9:f9:62:bc:ed:ea:33:41:d3:d9:d8: 27:21:45:58:f1:00:67:b7:1e:a1:af:86:63:28:29: d1:8f:0a:07:f1:13:a5:0c:49:54:a4:b7:21:33:a0: 32:7d:ce:24:50:27:ac:c3:96:4b:ce:2a:4d:04:03: 0a:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:37:F7:07:93:01:7B:A5:C6:48:F3:BD:80:A4:1B:A9:CF:5C:81:6A X509v3 Authority Key Identifier: keyid:A1:96:A9:CC:A7:A3:31:3E:21:80:4A:7C:3B:B4:97:75:F9:F0:65:8A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oZapzKejMT4hgEp8O7SXdfnwZYo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1384/oZapzKejMT4hgEp8O7SXdfnwZYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:98:8c:04:5b:82:04:e9:e5:ea:03:a5:20:e2:b3:85:c0:e0: 2b:04:d7:17:c4:d6:7c:0e:8a:a2:33:28:13:89:31:e2:c3:56: 9b:0c:79:32:1e:04:4f:33:5e:40:b6:d8:40:3d:f7:9b:84:5a: 76:aa:3b:5e:65:43:c2:5a:81:4c:b8:c4:b6:b7:c1:e2:80:1c: 25:a1:71:5a:f4:93:57:a6:50:1a:1a:86:2e:c7:46:36:d3:d1: 57:85:b9:94:7a:25:f6:8a:2a:9d:7c:66:02:44:23:93:c4:c6: e9:2f:0b:b6:c3:c1:d6:77:39:bd:c9:8b:a1:09:13:6a:c9:31: 43:3b:bd:94:68:2a:46:04:8f:88:f8:b0:30:f6:fd:c3:4f:a8: de:b5:32:81:bc:bc:b1:67:67:77:c9:e8:b1:33:b7:b7:05:b4: 35:77:54:ff:a8:d5:3b:be:1d:27:55:73:3f:02:b6:31:3f:78: 76:07:4c:36:c1:c1:5b:20:df:4d:d1:6a:14:0c:35:1f:94:0e: 0f:3f:86:46:92:b0:eb:19:83:88:f0:aa:ae:86:d2:06:1e:35: 9b:31:8a:d0:26:e1:cd:5e:b8:da:43:b6:9a:a6:1d:cd:be:31: 55:dc:29:66:ff:1a:38:5d:d6:19:52:71:ff:fc:1c:b0:c7:86: 1e:e8:df:2b -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICDfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTE5 NkE5Q0NBN0EzMzEzRTIxODA0QTdDM0JCNDk3NzVGOUYwNjU4QTAeFw0yNTA4MTMw NjAzMTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERBMzdGNzA3OTMwMTdC QTVDNjQ4RjNCRDgwQTQxQkE5Q0Y1QzgxNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeL9qcWdO0+lnLbg4XlPCzXs6I+ikDnYFGz0pXm+FZnrOxaug3 rXimUXo5AOjrT8cKKwNWhJHp7eYOmxNbu44gctxv5P4QNH+tKkkr+6BCC15FP5pq vGGv9BPTEzonUY4a3Inry98YLnJ/FOeTMQOK9lEe95FMFYTesELhbCb5p1lnJBRq 7DjyqCSlWtdb9E+cIDPUpJEmM/azEOjTtqxX0JSmo+ert6oPIkT0kpZ8BhiQ6rpj Bq8EKqKy8S8ptL/lCJW9I7Sp+WK87eozQdPZ2CchRVjxAGe3HqGvhmMoKdGPCgfx E6UMSVSktyEzoDJ9ziRQJ6zDlkvOKk0EAwpHAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2jf3B5MBe6XGSPO9gKQbqc9cgWowHwYDVR0jBBgwFoAUoZapzKejMT4hgEp8 O7SXdfnwZYowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM4 NC9vWmFwektlak1UNGhnRXA4TzdTWGRmbndaWW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL29aYXB6S2VqTVQ0aGdFcDhPN1NYZGZud1pZby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzODQvb1phcHpLZWpNVDRo Z0VwOE83U1hkZm53WllvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAD+YjARbggTp5eoDpSDis4XA4CsE1xfE1nwOiqIzKBOJMeLDVpsMeTIeBE8z XkC22EA995uEWnaqO15lQ8JagUy4xLa3weKAHCWhcVr0k1emUBoahi7HRjbT0VeF uZR6JfaKKp18ZgJEI5PExukvC7bDwdZ3Ob3Ji6EJE2rJMUM7vZRoKkYEj4j4sDD2 /cNPqN61MoG8vLFnZ3fJ6LEzt7cFtDV3VP+o1Tu+HSdVcz8CtjE/eHYHTDbBwVsg 303RahQMNR+UDg8/hkaSsOsZg4jwqq6G0gYeNZsxitAm4c1euNpDtpqmHc2+MVXc KWb/Gjhd1hlScf/8HLDHhh7o3ys= -----END CERTIFICATE-----Generated at Wed Aug 13 09:49:39 2025 by rpki-client