$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft File: NxT4EtSpDicn7ABvXkzukIk0r3g.mft (raw, json) Hash identifier: dEoLk28xZBhnzaSWPNOV6BOxMUkuS/S1nr2pfkUPkFs= Subject key identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA Authority key identifier: 37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 Certificate issuer: /CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Certificate serial: 1E98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft Manifest number: 1E98 Signing time: Wed 13 Aug 2025 16:02:29 +0000 Manifest this update: Wed 13 Aug 2025 16:02:29 +0000 Manifest next update: Wed 13 Aug 2025 22:02:29 +0000 Files and hashes: 1: NxT4EtSpDicn7ABvXkzukIk0r3g.crl (hash: AHwCbgJD8eKJSJm5yhIbg4VOIzgauaV+BLj2/FheloA=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 20:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7832 (0x1e98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3714F812D4A90E2727EC006F5E4CEE908934AF78 Validity Not Before: Aug 13 16:02:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D4727BD1540DF9B6C4FCC174C40A002280302BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:3b:6c:95:b3:19:b9:3c:7f:39:15:f1:fd: b5:9a:0d:ba:0a:83:cf:0b:a9:32:4a:ca:fd:8f:1b: 6f:47:00:29:45:8d:60:ee:28:18:fd:d7:fb:7f:64: ef:7e:1a:0a:cf:8c:34:ba:5b:61:b5:06:1f:0b:0d: e3:bc:71:9b:9c:a1:a8:2c:7b:f9:40:62:42:f9:7a: bb:ef:ee:7b:87:00:71:3b:9d:88:82:03:e1:31:35: 45:68:19:50:53:82:cf:b2:98:1d:7d:9b:ea:4e:fd: e0:a5:fc:fc:e8:78:8f:1e:bc:32:20:2e:38:36:d5: 9b:80:27:94:10:10:57:d4:8f:1e:eb:a2:1e:a4:4e: 25:cf:74:bb:2f:a0:63:d9:e0:46:f0:ea:a8:3f:0f: a6:15:6a:18:76:b1:18:10:34:b2:12:65:9a:8e:24: 55:5c:e4:42:15:ac:20:09:ac:fd:4c:d9:e4:ae:f9: cf:6d:24:a6:9e:58:90:f9:7c:bf:53:a1:79:36:b5: b6:5f:4d:61:ac:0b:4e:c0:02:8d:ed:02:71:78:51: 30:c9:c9:fe:b6:8c:43:03:1e:8c:21:e5:3a:c1:50: 8e:02:c4:07:e4:5a:c2:d7:3e:c3:0d:16:fd:ef:36: d7:b2:a6:7c:43:3b:d4:c0:9e:5d:4e:17:63:ec:3a: b3:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA X509v3 Authority Key Identifier: keyid:37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:0c:4b:01:69:a0:a2:62:3f:36:79:76:55:a9:67:80:51:35: 83:d0:63:25:99:b6:84:3b:8d:fe:36:6c:9a:93:58:56:f1:b2: 43:7a:ce:9a:9d:3a:0d:01:14:29:09:8c:64:bc:2c:15:c0:4e: 80:4a:5c:52:77:12:b0:e0:6b:3d:d4:de:0b:ed:74:5d:5a:d5: 63:1d:8f:dd:ad:d5:67:59:97:70:9f:12:88:5a:91:02:6b:21: 20:3c:e3:7c:52:8c:16:5d:e3:1d:56:b8:d5:a2:76:6a:73:19: fc:8a:ce:33:37:34:9d:93:ff:55:bf:46:2f:6e:b0:bc:b0:a0: 99:51:74:b2:d8:10:31:f0:76:b9:c8:3d:5a:86:96:f6:e5:d0: 66:50:35:ed:1f:ec:95:2a:48:08:96:cf:8d:af:02:5d:4c:c4: d8:e7:96:21:00:99:c6:6b:1e:fa:68:f3:09:f1:20:68:59:4b: b3:ae:50:e2:4c:93:88:e9:48:ae:36:fd:32:3b:e2:33:9c:eb: f5:44:b5:f3:45:2d:ae:d6:8e:53:34:c2:f8:31:62:ad:f0:b8: 56:9a:e9:b2:19:23:b6:e3:a0:7d:0f:22:ce:a4:f2:b0:5c:32: 0f:58:db:87:0e:72:f2:f4:ac:d8:2d:72:54:1f:30:17:fb:7f: fb:6f:56:47 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcx NEY4MTJENEE5MEUyNzI3RUMwMDZGNUU0Q0VFOTA4OTM0QUY3ODAeFw0yNTA4MTMx NjAyMjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ0NzI3QkQxNTQwREY5 QjZDNEZDQzE3NEM0MEEwMDIyODAzMDJCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4kDtslbMZuTx/ORXx/bWaDboKg88LqTJKyv2PG29HAClFjWDu KBj91/t/ZO9+GgrPjDS6W2G1Bh8LDeO8cZucoagse/lAYkL5ervv7nuHAHE7nYiC A+ExNUVoGVBTgs+ymB19m+pO/eCl/PzoeI8evDIgLjg21ZuAJ5QQEFfUjx7roh6k TiXPdLsvoGPZ4Ebw6qg/D6YVahh2sRgQNLISZZqOJFVc5EIVrCAJrP1M2eSu+c9t JKaeWJD5fL9ToXk2tbZfTWGsC07AAo3tAnF4UTDJyf62jEMDHowh5TrBUI4CxAfk WsLXPsMNFv3vNteypnxDO9TAnl1OF2PsOrNNAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU1HJ70VQN+bbE/MF0xAoAIoAwK9owHwYDVR0jBBgwFoAUNxT4EtSpDicn7ABv XkzukIk0r3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz MC9OeFQ0RXRTcERpY243QUJ2WGt6dWtJazByM2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL054VDRFdFNwRGljbjdBQnZYa3p1a0lrMHIzZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMzAvTnhUNEV0U3BEaWNu N0FCdlhrenVrSWswcjNnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAMEMSwFpoKJiPzZ5dlWpZ4BRNYPQYyWZtoQ7jf42bJqTWFbxskN6zpqdOg0B FCkJjGS8LBXAToBKXFJ3ErDgaz3U3gvtdF1a1WMdj92t1WdZl3CfEohakQJrISA8 43xSjBZd4x1WuNWidmpzGfyKzjM3NJ2T/1W/Ri9usLywoJlRdLLYEDHwdrnIPVqG lvbl0GZQNe0f7JUqSAiWz42vAl1MxNjnliEAmcZrHvpo8wnxIGhZS7OuUOJMk4jp SK42/TI74jOc6/VEtfNFLa7WjlM0wvgxYq3wuFaa6bIZI7bjoH0PIs6k8rBcMg9Y 24cOcvL0rNgtclQfMBf7f/tvVkc= -----END CERTIFICATE-----Generated at Wed Aug 13 19:17:45 2025 by rpki-client