$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft File: iIhNTUp18X8I3UTLqVkv5w9TnZc.mft (raw, json) Hash identifier: 6YcscHZzZBoNm3fVydv5zUuXo5gg5vCLui5d7vcVuT8= Subject key identifier: 74:F5:E0:C1:04:8A:58:81:D5:98:C5:7D:13:66:6F:F3:E9:76:96:FC Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 1F0A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft Manifest number: 1ED3 Signing time: Fri 20 Jun 2025 13:12:31 +0000 Manifest this update: Fri 20 Jun 2025 13:12:31 +0000 Manifest next update: Fri 20 Jun 2025 19:12:31 +0000 Files and hashes: 1: Fu_b4tel5NGHEPxYvtqzDhhAbqQ.roa (hash: skkkRa+f+zbYNJtBW9cXYGXDstm5mWfrryxHxT22Fv4=) 2: JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa (hash: LGZkzecS/oOZB/jgNue3M7MGauHxK1CsafE7hzqN+lM=) 3: UZHfKjNy_777Q9bAPY-TRRLF7JM.roa (hash: gTXt1ZXlzhAqrXd8fGYX/D/fL64eBW9l+ESGdbQgWzk=) 4: UwF3RRWBWBJzOKMpEgCPwJHusDQ.roa (hash: 2j9APxsIAALLNwJhqrNuF15QX7EES49mUdK4GoYHWms=) 5: cREs8hmh_CmOnkUd4fU9j_ntn0w.roa (hash: CP7BSCAsooYTWgzemNYrDx/XFHt9xqP+ChJ75EbH+cE=) 6: eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa (hash: PvsnJd+w8p2xQdrIuCBq16T7Z7QhAuuf+Nw8Pr9uF6A=) 7: eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa (hash: Hgl/czQiJR245QlSg4cy6iaWEpWFiq9ORvftoROwGWQ=) 8: eZah-AngLzb8qFPY5nps7k990bY.roa (hash: ZrAWhkudRJM4vRG6Jn9b9j7Vh7eTCG04BPZTFrJzppk=) 9: ftFMs_-GIzFOKfuDr7xm-R24Kr8.roa (hash: gUV9DW32VKoXS9w9FeSdsgysPfhlzoba3d+Ijnrdcuo=) 10: iIhNTUp18X8I3UTLqVkv5w9TnZc.crl (hash: jF6fOe+WFphDfC/BeEkwfHdMoYTrvp3QjtgeaC9RQ1Y=) 11: kDW1cRo86YzzeBsDbuuqb0TPbSY.roa (hash: zH0Bb/tnJndPjBUYLdvYRyQIrO9oLPTeV3JZ/lVlA58=) 12: kGqizEN9BiXKNNQ9yNJogseQMI4.roa (hash: Jj79TOIXBeTybk08mL3v4LtSKPltU7N+KVAbvAEyKJY=) 13: oCfS0hIaiNsPZD9_Byqu1CoJ8VI.roa (hash: Hy+566HgUdo7tAmvKq5D06v1xyoGXDvCRugVB0yhFmw=) 14: w3pt5ET1tvSm7d0RqvtpQaSbUSg.roa (hash: TdLS3FpjQ1UPLqz5X5rwpVpfmm+7VwjlrlPBgwGcC0E=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 19:12:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7946 (0x1f0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Jun 20 13:12:31 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=74F5E0C1048A5881D598C57D13666FF3E97696FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:eb:32:99:d6:89:fc:17:87:10:91:62:9d:93: 13:df:f3:4a:1a:d6:2a:11:5d:bc:89:f6:f1:76:45: 46:6f:ea:e7:36:37:dd:df:2f:d2:80:4b:b4:4a:e9: 08:55:03:97:db:d6:db:2b:11:8d:dd:f3:de:ef:44: 4e:7a:b7:b9:ad:30:ee:04:fa:44:5a:ae:43:f7:28: fa:7d:14:8f:de:e7:50:bc:24:31:fc:53:4a:21:00: ab:ed:61:8a:aa:12:9e:39:18:17:0e:a7:27:8a:a7: 3a:1a:87:d9:32:bf:02:11:06:fb:95:03:88:3c:04: 22:9e:58:89:e0:84:6c:56:9e:26:a2:28:0d:fd:64: 21:d1:5f:a4:d8:17:82:af:90:96:fd:64:09:13:7d: 04:5b:f3:72:f8:c8:b8:13:33:21:7c:7d:74:85:82: 47:21:79:a0:dc:d4:7a:5d:66:a8:51:b7:cf:fd:2a: b4:59:17:9b:59:bf:88:ce:64:5b:44:5b:57:36:71: f9:cd:89:d9:2b:e3:1a:00:80:47:fb:ae:cf:e2:94: 1c:e3:35:45:45:ac:c1:ff:61:8c:b5:fd:ae:ca:bd: be:01:1c:1e:1f:30:76:2b:41:35:42:a6:52:7b:b8: fb:54:64:72:ee:3f:c2:a8:e4:bc:dc:33:73:d5:c3: da:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:F5:E0:C1:04:8A:58:81:D5:98:C5:7D:13:66:6F:F3:E9:76:96:FC X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:cb:e8:0c:97:f3:96:8f:76:2d:9f:11:11:24:fd:a8:4a:6f: a6:da:c3:18:96:de:fb:b1:49:a7:df:a5:12:fb:aa:27:35:a8: 28:77:b9:9d:3a:00:0d:4b:1d:ff:3d:3c:13:69:df:ab:9c:8c: c6:87:6d:79:35:ff:6b:1d:ae:64:2f:85:fa:50:fe:57:4d:bd: c7:08:97:b3:fe:5e:d7:28:0b:fa:63:01:fc:3e:31:01:97:0c: 4a:48:ee:03:c2:8c:93:c3:73:1c:8a:a6:5e:58:60:4b:1f:d6: 80:04:a5:7e:59:58:3b:38:ae:ff:6a:2a:d5:ed:0a:7c:1d:a8: ac:7d:a7:6c:9b:7d:62:b9:a4:0f:2f:c7:79:7e:cf:46:ee:a9: 35:ff:b0:39:a7:48:63:c1:70:37:6d:c7:5a:de:9f:24:f4:93: b8:ec:d3:8c:86:dd:c9:5b:cc:a1:37:6e:47:d8:cd:12:83:3f: 21:83:1a:b5:4d:ea:cb:12:56:43:0c:04:c4:23:ef:c7:91:9f: cd:c7:b8:27:95:6b:db:14:9c:7f:ef:a3:c3:0c:5f:de:59:f1: 45:e1:92:a0:23:a5:44:93:69:dc:56:2a:40:76:0c:04:a3:52: 35:b8:0b:e3:32:6f:bb:e5:c3:9c:a4:80:37:ab:4b:57:e5:d2: 2f:2c:f1:03 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA2MjAx MzEyMzFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc0RjVFMEMxMDQ4QTU4 ODFENTk4QzU3RDEzNjY2RkYzRTk3Njk2RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCx6zKZ1on8F4cQkWKdkxPf80oa1ioRXbyJ9vF2RUZv6uc2N93f L9KAS7RK6QhVA5fb1tsrEY3d897vRE56t7mtMO4E+kRarkP3KPp9FI/e51C8JDH8 U0ohAKvtYYqqEp45GBcOpyeKpzoah9kyvwIRBvuVA4g8BCKeWInghGxWniaiKA39 ZCHRX6TYF4KvkJb9ZAkTfQRb83L4yLgTMyF8fXSFgkcheaDc1HpdZqhRt8/9KrRZ F5tZv4jOZFtEW1c2cfnNidkr4xoAgEf7rs/ilBzjNUVFrMH/YYy1/a7Kvb4BHB4f MHYrQTVCplJ7uPtUZHLuP8Ko5LzcM3PVw9q1AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUdPXgwQSKWIHVmMV9E2Zv8+l2lvwwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvaUloTlRVcDE4WDhJ M1VUTHFWa3Y1dzlUblpjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABLL6AyX85aPdi2fEREk/ahKb6bawxiW3vuxSaffpRL7qic1qCh3uZ06AA1L Hf89PBNp36ucjMaHbXk1/2sdrmQvhfpQ/ldNvccIl7P+XtcoC/pjAfw+MQGXDEpI 7gPCjJPDcxyKpl5YYEsf1oAEpX5ZWDs4rv9qKtXtCnwdqKx9p2ybfWK5pA8vx3l+ z0buqTX/sDmnSGPBcDdtx1renyT0k7js04yG3clbzKE3bkfYzRKDPyGDGrVN6ssS VkMMBMQj78eRn83HuCeVa9sUnH/vo8MMX95Z8UXhkqAjpUSTadxWKkB2DASjUjW4 C+Myb7vlw5ykgDerS1fl0i8s8QM= -----END CERTIFICATE-----Generated at Fri Jun 20 16:46:01 2025 by rpki-client