$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft File: fPRMBtXqffDL1PaFCPFOhNoIt1I.mft (raw, json) Hash identifier: iSVrmKS1re5UU+qxEx92G3MNusp9dofBDjl06vb2nQ8= Subject key identifier: 7C:23:A7:76:81:71:4E:FB:35:C9:01:DA:63:0F:2C:52:5E:FE:19:BF Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Certificate serial: 17EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft Manifest number: 17E3 Signing time: Mon 11 Aug 2025 08:04:06 +0000 Manifest this update: Mon 11 Aug 2025 08:04:06 +0000 Manifest next update: Mon 11 Aug 2025 14:04:06 +0000 Files and hashes: 1: HIkT_nEnsLxGeI-3zJUHhtNyWj8.roa (hash: IhDC9QUQgRmJWF3Vdetq/G4pSKe6C+p+OntJsqXr45o=) 2: OYh5JEj0uWuUFwdKjB10pF76_pI.roa (hash: An6u7oH3sagNhBru0T5ojCoKJVfFfrmJ66mlx7PcbhI=) 3: USiwWmP7_uZv84RfFsFEk-_9H8Q.roa (hash: b7crNyxxWRj94oFuRTJxzkl+UkzfJZ2V5euQ8agMh3o=) 4: cIWlcgIlWrr7dPhvnLjAEmryGDc.roa (hash: qYlW/Je7TxRMGGbrH6KCQs+TJv0I6bBgau3xwOaOT6g=) 5: fPRMBtXqffDL1PaFCPFOhNoIt1I.crl (hash: VTcydoGD7ybVuQ2PbTZ/Ec3VDaX8ifKhAL1Oai9XWnY=) 6: gALoy-WEClG9nOagRiQccU0WnpE.roa (hash: Gmv5mtUHklFp3j+m8mMU5eiB9lpckT1KXPsOboMEr50=) 7: nlfKk31w0-JMOBpbuydpYlmgaK4.roa (hash: Pd6xFisxhVIf9N5p5BSqwtwrTZp9+Wnd5CgCa9g0/nM=) 8: r78L_jfDaGDjaH3rsP83eK4kcG4.roa (hash: u1or2If1pLNDG9eB56Xw8Z+2kHObmlhnvE4GqSl5VaQ=) 9: xB_JUhaUTOLRuggWEFRDEbGKbdA.roa (hash: MUeQ6SBwA1FY7z2svn5ifPBc7LhDADwZ7QfDARqfH+4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:04:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6127 (0x17ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Validity Not Before: Aug 11 08:04:06 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7C23A77681714EFB35C901DA630F2C525EFE19BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:2a:bb:7b:59:64:df:24:f6:6c:eb:bb:11:8a: b8:10:c4:dc:0b:39:e9:39:6c:d6:f4:fe:8e:d2:6e: e7:2d:e0:8d:d1:3e:30:0e:e9:e9:40:0f:13:58:9a: 69:08:05:09:2f:da:e8:f6:ad:0c:58:f4:89:f1:ca: 1d:29:f9:c3:d9:7f:c6:67:52:8e:67:28:ac:e3:d8: 38:37:9d:d0:40:be:39:4c:d1:d0:16:c4:e8:ef:c9: be:0c:de:94:15:2f:53:6a:a7:3a:00:77:42:a3:19: af:82:30:ff:13:d5:ad:8d:1e:56:28:9f:59:a7:74: 5d:f8:3c:7e:c9:cf:96:8d:f7:12:24:92:e7:5d:da: 7a:86:6c:c4:44:4e:34:4c:12:22:b8:ae:6b:4f:21: 78:f5:ca:31:5f:72:7c:2d:16:ae:01:e0:b5:f1:52: ae:78:6d:ac:46:c0:99:f9:ea:79:13:92:fa:7f:3e: 3b:d6:b1:98:50:b4:d0:4d:24:f2:1d:87:61:f9:75: 25:cc:b7:5f:cc:c7:a8:38:03:d3:32:d6:7a:73:37: e7:d2:db:ab:8a:b2:86:aa:9f:8d:c0:b6:f4:6e:cf: 8d:8f:3c:69:99:b6:07:1d:af:c5:23:e0:a2:01:63: df:7a:72:b4:89:b0:38:aa:e4:f5:97:12:29:1d:f1: 07:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:23:A7:76:81:71:4E:FB:35:C9:01:DA:63:0F:2C:52:5E:FE:19:BF X509v3 Authority Key Identifier: keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:9f:06:bd:67:d6:df:b7:36:7f:ac:13:8b:c2:f8:9f:e8:09: 2e:31:6d:0d:1c:a6:cb:f0:51:63:71:67:72:72:84:d1:92:a0: ab:1d:59:53:96:31:db:a1:3d:e8:0a:44:83:14:7c:c4:b7:9c: 39:24:1b:48:97:e7:07:eb:b4:95:03:dd:22:c7:d9:8c:45:15: bf:e6:67:3a:de:89:e8:1f:e2:6e:38:bf:05:c8:6e:28:82:bf: 25:25:ea:e6:df:3d:63:02:e4:a2:49:46:ef:08:71:8e:08:78: c5:89:62:39:54:d2:46:ef:45:69:37:ef:ad:ab:9e:86:1c:dc: ea:c6:fe:53:48:bd:36:27:f3:cb:2b:97:66:58:13:86:ab:82: 9f:06:bf:dc:1d:54:df:17:57:39:ef:a2:5c:fb:9c:e0:29:04: 5d:6e:ed:99:79:24:65:83:13:ae:b7:86:10:c8:75:6a:c1:01: cc:e0:29:72:eb:cb:da:cd:3a:5c:7c:e0:7b:c5:1c:ea:43:ff: 81:53:97:01:6d:c4:12:61:68:57:55:35:c8:2c:4e:a8:49:bc: cf:f2:89:21:38:ba:8f:97:bb:b0:2e:a1:6a:24:86:0e:70:40: 0a:e7:ff:6c:6d:3e:02:50:0f:a0:69:e2:89:28:fc:ff:59:96: 84:85:bd:16 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICF+8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA4MTEw ODA0MDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdDMjNBNzc2ODE3MTRF RkIzNUM5MDFEQTYzMEYyQzUyNUVGRTE5QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDuKrt7WWTfJPZs67sRirgQxNwLOek5bNb0/o7Sbuct4I3RPjAO 6elADxNYmmkIBQkv2uj2rQxY9Inxyh0p+cPZf8ZnUo5nKKzj2Dg3ndBAvjlM0dAW xOjvyb4M3pQVL1NqpzoAd0KjGa+CMP8T1a2NHlYon1mndF34PH7Jz5aN9xIkkudd 2nqGbMRETjRMEiK4rmtPIXj1yjFfcnwtFq4B4LXxUq54baxGwJn56nkTkvp/PjvW sZhQtNBNJPIdh2H5dSXMt1/Mx6g4A9My1npzN+fS26uKsoaqn43AtvRuz42PPGmZ tgcdr8Uj4KIBY996crSJsDiq5PWXEikd8QdHAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUfCOndoFxTvs1yQHaYw8sUl7+Gb8wHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3 OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvZlBSTUJ0WHFmZkRM MVBhRkNQRk9oTm9JdDFJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABOfBr1n1t+3Nn+sE4vC+J/oCS4xbQ0cpsvwUWNxZ3JyhNGSoKsdWVOWMduh PegKRIMUfMS3nDkkG0iX5wfrtJUD3SLH2YxFFb/mZzreiegf4m44vwXIbiiCvyUl 6ubfPWMC5KJJRu8IcY4IeMWJYjlU0kbvRWk3762rnoYc3OrG/lNIvTYn88srl2ZY E4argp8Gv9wdVN8XVznvolz7nOApBF1u7Zl5JGWDE663hhDIdWrBAczgKXLry9rN Olx84HvFHOpD/4FTlwFtxBJhaFdVNcgsTqhJvM/yiSE4uo+Xu7AuoWokhg5wQArn /2xtPgJQD6Bp4oko/P9ZloSFvRY= -----END CERTIFICATE-----Generated at Mon Aug 11 12:56:46 2025 by rpki-client