$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft File: h2aIiphaWvBfbvEvvU9k8h9SYYg.mft (raw, json) Hash identifier: nVDSj8ojphwP2CURzzlYKb2N6TOKjcyhxaFHhpbVSLY= Subject key identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 Authority key identifier: 87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 Certificate issuer: /CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Certificate serial: 0BAB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft Manifest number: 0BAB Signing time: Wed 13 Aug 2025 16:01:58 +0000 Manifest this update: Wed 13 Aug 2025 16:01:58 +0000 Manifest next update: Wed 13 Aug 2025 22:01:58 +0000 Files and hashes: 1: h2aIiphaWvBfbvEvvU9k8h9SYYg.crl (hash: Icl0AENxkRUSTeENkoKPjeSnKq8LzRr7WlZHNw9f3C8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 20:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2987 (0xbab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8766888A985A5AF05F6EF12FBD4F64F21F526188 Validity Not Before: Aug 13 16:01:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D8678AA95370861C4193AE13A081E75CD1C41BD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c0:ff:85:04:90:e9:70:da:7d:d0:ea:7d:8b: f6:99:03:3a:0b:5c:4f:4b:1d:e7:7c:aa:93:12:9b: 33:7a:64:7a:38:d4:29:2c:60:d6:c5:0d:77:99:c0: e4:16:48:ab:00:f5:64:65:d8:0a:ec:21:39:34:6b: b5:43:4d:93:7c:a3:75:4d:a4:6c:bb:0a:28:9f:f1: 78:f1:e1:5f:91:17:0b:da:4f:2f:1d:56:e4:24:b0: 7e:af:5e:6b:11:88:36:ec:f0:b6:9a:83:90:cb:da: 27:0b:e9:17:93:48:fe:4e:e1:ce:2a:50:b6:91:8c: 3a:00:a3:d5:53:9d:5f:52:f5:d2:4e:d2:6e:67:31: ef:4c:91:28:a1:30:5b:37:15:cd:90:4f:f1:ba:64: f0:24:57:f3:d8:5e:d7:c8:26:d4:b9:15:7d:07:1c: 45:c4:03:72:96:41:c5:f4:fe:d9:00:51:8f:1e:4f: c7:e3:d8:15:9e:1d:0f:86:07:5e:f1:e1:70:cb:65: 14:6e:8a:c9:eb:fc:b0:2b:e7:ba:ca:53:c2:c8:00: f3:bd:b9:96:55:5a:52:26:d8:aa:3d:40:75:57:15: a0:69:dc:7e:c8:81:d1:0e:e0:1c:c6:78:3a:f5:09: 9a:8f:3f:21:84:bc:b4:6b:ef:da:46:f4:ea:38:f8: 7c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:67:8A:A9:53:70:86:1C:41:93:AE:13:A0:81:E7:5C:D1:C4:1B:D7 X509v3 Authority Key Identifier: keyid:87:66:88:8A:98:5A:5A:F0:5F:6E:F1:2F:BD:4F:64:F2:1F:52:61:88 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/h2aIiphaWvBfbvEvvU9k8h9SYYg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1817/h2aIiphaWvBfbvEvvU9k8h9SYYg.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:2a:e8:54:bb:0a:9f:e4:c9:65:15:ad:89:f0:15:22:fc:09: 02:6c:2f:4f:6b:63:6c:b1:1e:75:06:b2:01:d1:9d:7c:bf:f4: c8:a8:40:73:43:bd:3a:f8:34:8f:ca:ed:9c:3e:61:81:8f:1c: fc:ef:9a:bf:4a:df:e5:08:b4:53:14:6f:0d:f8:a5:31:21:a5: fa:73:29:c4:3d:a9:ce:32:a1:ea:7c:d5:2c:fc:a3:36:d0:25: 62:28:b2:0d:2f:f1:63:3a:a0:42:44:90:80:1a:52:19:1e:8a: f4:a3:6e:94:26:c8:db:ed:63:85:55:d3:5c:2d:20:2f:c2:7f: 2e:db:a5:34:6e:07:95:58:80:35:61:1e:bc:45:eb:19:41:ed: a3:9a:f9:d0:66:a7:bb:75:0b:4e:2c:e9:32:7e:88:9d:41:10: 71:b2:39:60:ec:74:8e:b8:05:a5:0c:83:00:c4:38:a9:5c:8d: c1:78:be:cc:85:fb:1d:c1:7f:14:0d:e1:43:ae:1b:cd:e6:1e: c0:51:07:05:7b:b6:58:6a:96:35:c6:81:28:d3:9f:75:5c:b5: e9:85:f8:2f:22:4b:38:6f:6d:ff:2f:4c:56:85:4c:59:3f:e7: 58:e7:04:e4:d6:d1:55:6e:8f:1b:b9:94:9c:58:f4:a1:e9:6b: 7e:08:ba:5e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICC6swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODc2 Njg4OEE5ODVBNUFGMDVGNkVGMTJGQkQ0RjY0RjIxRjUyNjE4ODAeFw0yNTA4MTMx NjAxNThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ4Njc4QUE5NTM3MDg2 MUM0MTkzQUUxM0EwODFFNzVDRDFDNDFCRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJwP+FBJDpcNp90Op9i/aZAzoLXE9LHed8qpMSmzN6ZHo41Cks YNbFDXeZwOQWSKsA9WRl2ArsITk0a7VDTZN8o3VNpGy7Ciif8Xjx4V+RFwvaTy8d VuQksH6vXmsRiDbs8Laag5DL2icL6ReTSP5O4c4qULaRjDoAo9VTnV9S9dJO0m5n Me9MkSihMFs3Fc2QT/G6ZPAkV/PYXtfIJtS5FX0HHEXEA3KWQcX0/tkAUY8eT8fj 2BWeHQ+GB17x4XDLZRRuisnr/LAr57rKU8LIAPO9uZZVWlIm2Ko9QHVXFaBp3H7I gdEO4BzGeDr1CZqPPyGEvLRr79pG9Oo4+HwVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU2GeKqVNwhhxBk64ToIHnXNHEG9cwHwYDVR0jBBgwFoAUh2aIiphaWvBfbvEv vU9k8h9SYYgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgx Ny9oMmFJaXBoYVd2QmZidkV2dlU5azhoOVNZWWcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2gyYUlpcGhhV3ZCZmJ2RXZ2VTlrOGg5U1lZZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MTcvaDJhSWlwaGFXdkJm YnZFdnZVOWs4aDlTWVlnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJAq6FS7Cp/kyWUVrYnwFSL8CQJsL09rY2yxHnUGsgHRnXy/9MioQHNDvTr4 NI/K7Zw+YYGPHPzvmr9K3+UItFMUbw34pTEhpfpzKcQ9qc4yoep81Sz8ozbQJWIo sg0v8WM6oEJEkIAaUhkeivSjbpQmyNvtY4VV01wtIC/Cfy7bpTRuB5VYgDVhHrxF 6xlB7aOa+dBmp7t1C04s6TJ+iJ1BEHGyOWDsdI64BaUMgwDEOKlcjcF4vsyF+x3B fxQN4UOuG83mHsBRBwV7tlhqljXGgSjTn3VctemF+C8iSzhvbf8vTFaFTFk/51jn BOTW0VVujxu5lJxY9KHpa34Iul4= -----END CERTIFICATE-----Generated at Wed Aug 13 19:07:13 2025 by rpki-client