$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft File: NxT4EtSpDicn7ABvXkzukIk0r3g.mft (raw, json) Hash identifier: 5+HsS1gxEiUBZrVZYKUxrTy1G2jbJ5Omb+/aB9p/Duk= Subject key identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA Authority key identifier: 37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 Certificate issuer: /CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Certificate serial: 1D92 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft Manifest number: 1D92 Signing time: Sat 21 Jun 2025 15:41:53 +0000 Manifest this update: Sat 21 Jun 2025 15:41:53 +0000 Manifest next update: Sat 21 Jun 2025 21:41:53 +0000 Files and hashes: 1: NxT4EtSpDicn7ABvXkzukIk0r3g.crl (hash: tDO14eCMunoKFK/PaCHhpy33AjZ0L89IAwgBIupdQ7A=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7570 (0x1d92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Validity Not Before: Jun 21 15:41:53 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D4727BD1540DF9B6C4FCC174C40A002280302BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:3b:6c:95:b3:19:b9:3c:7f:39:15:f1:fd: b5:9a:0d:ba:0a:83:cf:0b:a9:32:4a:ca:fd:8f:1b: 6f:47:00:29:45:8d:60:ee:28:18:fd:d7:fb:7f:64: ef:7e:1a:0a:cf:8c:34:ba:5b:61:b5:06:1f:0b:0d: e3:bc:71:9b:9c:a1:a8:2c:7b:f9:40:62:42:f9:7a: bb:ef:ee:7b:87:00:71:3b:9d:88:82:03:e1:31:35: 45:68:19:50:53:82:cf:b2:98:1d:7d:9b:ea:4e:fd: e0:a5:fc:fc:e8:78:8f:1e:bc:32:20:2e:38:36:d5: 9b:80:27:94:10:10:57:d4:8f:1e:eb:a2:1e:a4:4e: 25:cf:74:bb:2f:a0:63:d9:e0:46:f0:ea:a8:3f:0f: a6:15:6a:18:76:b1:18:10:34:b2:12:65:9a:8e:24: 55:5c:e4:42:15:ac:20:09:ac:fd:4c:d9:e4:ae:f9: cf:6d:24:a6:9e:58:90:f9:7c:bf:53:a1:79:36:b5: b6:5f:4d:61:ac:0b:4e:c0:02:8d:ed:02:71:78:51: 30:c9:c9:fe:b6:8c:43:03:1e:8c:21:e5:3a:c1:50: 8e:02:c4:07:e4:5a:c2:d7:3e:c3:0d:16:fd:ef:36: d7:b2:a6:7c:43:3b:d4:c0:9e:5d:4e:17:63:ec:3a: b3:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA X509v3 Authority Key Identifier: keyid:37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:43:1c:c0:13:f3:7f:5c:dd:e6:51:ab:98:6a:cb:de:72:8a: fc:2c:b6:88:71:00:3d:0d:a7:69:89:0f:7b:7d:65:b9:05:f0: 41:85:0e:84:ca:60:97:40:ce:20:4b:2e:2f:c3:2c:68:54:36: 9b:cf:b7:1a:43:1e:2b:74:a3:69:96:43:13:27:a3:19:5c:43: 13:85:2b:cb:03:d8:bd:fe:50:7d:eb:84:c1:c1:dc:5e:eb:11: d9:af:75:9b:61:a7:3c:76:b4:e5:30:27:61:64:17:de:69:af: 2e:95:cf:2d:05:e8:16:2b:d5:7b:f8:2b:40:43:6e:ea:6b:ea: 84:4d:2b:09:d0:b0:c1:49:1b:2c:b4:c8:cc:d7:72:7b:84:6d: 0d:af:37:62:5f:e7:94:7f:61:a7:7b:6f:bf:f2:10:66:bd:53: 17:57:6e:ad:e8:46:5d:71:6c:ce:da:28:be:d2:86:18:93:ce: 1b:da:1d:3b:60:31:bd:2e:8f:34:4c:31:cd:3b:c2:be:ae:92: 00:54:a3:0d:a3:2a:c6:8a:53:cb:36:ad:83:4f:97:85:6e:97: 77:e8:37:63:4c:3b:cc:48:9b:f9:02:3a:5e:72:54:ad:48:f9: ca:c7:50:ca:e6:df:d7:4e:89:d9:b8:14:1b:21:6f:a9:6c:1c: e9:a8:3a:bf -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcx NEY4MTJENEE5MEUyNzI3RUMwMDZGNUU0Q0VFOTA4OTM0QUY3ODAeFw0yNTA2MjEx NTQxNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ0NzI3QkQxNTQwREY5 QjZDNEZDQzE3NEM0MEEwMDIyODAzMDJCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4kDtslbMZuTx/ORXx/bWaDboKg88LqTJKyv2PG29HAClFjWDu KBj91/t/ZO9+GgrPjDS6W2G1Bh8LDeO8cZucoagse/lAYkL5ervv7nuHAHE7nYiC A+ExNUVoGVBTgs+ymB19m+pO/eCl/PzoeI8evDIgLjg21ZuAJ5QQEFfUjx7roh6k TiXPdLsvoGPZ4Ebw6qg/D6YVahh2sRgQNLISZZqOJFVc5EIVrCAJrP1M2eSu+c9t JKaeWJD5fL9ToXk2tbZfTWGsC07AAo3tAnF4UTDJyf62jEMDHowh5TrBUI4CxAfk WsLXPsMNFv3vNteypnxDO9TAnl1OF2PsOrNNAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU1HJ70VQN+bbE/MF0xAoAIoAwK9owHwYDVR0jBBgwFoAUNxT4EtSpDicn7ABv XkzukIk0r3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz MC9OeFQ0RXRTcERpY243QUJ2WGt6dWtJazByM2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL054VDRFdFNwRGljbjdBQnZYa3p1a0lrMHIzZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMzAvTnhUNEV0U3BEaWNu N0FCdlhrenVrSWswcjNnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAG1DHMAT839c3eZRq5hqy95yivwstohxAD0Np2mJD3t9ZbkF8EGFDoTKYJdA ziBLLi/DLGhUNpvPtxpDHit0o2mWQxMnoxlcQxOFK8sD2L3+UH3rhMHB3F7rEdmv dZthpzx2tOUwJ2FkF95pry6Vzy0F6BYr1Xv4K0BDbupr6oRNKwnQsMFJGyy0yMzX cnuEbQ2vN2Jf55R/Yad7b7/yEGa9UxdXbq3oRl1xbM7aKL7ShhiTzhvaHTtgMb0u jzRMMc07wr6ukgBUow2jKsaKU8s2rYNPl4Vul3foN2NMO8xIm/kCOl5yVK1I+crH UMrm39dOidm4FBshb6lsHOmoOr8= -----END CERTIFICATE-----Generated at Sat Jun 21 18:36:48 2025 by rpki-client