$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft File: IdyHWWXCumHR2su0je4UBVSqWu8.mft (raw, json) Hash identifier: yFch7n2feg2/PqtpORhL6P/1jF9tCeUptTPkMWox3H8= Subject key identifier: E6:80:90:B1:B9:42:51:2A:C2:9F:64:03:96:02:39:A3:F1:F0:1B:32 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 15B3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft Manifest number: 15AA Signing time: Sat 21 Jun 2025 20:12:19 +0000 Manifest this update: Sat 21 Jun 2025 20:12:19 +0000 Manifest next update: Sun 22 Jun 2025 02:12:19 +0000 Files and hashes: 1: IdyHWWXCumHR2su0je4UBVSqWu8.crl (hash: p3mCzWQUGFEhIVjYZ/AhElfVvLRQjYSGTCuppDwLB1w=) 2: ZuvQbTH8ZAJqK3Bv4oQXcXDGOM8.roa (hash: vBuDQxOioQeWVe9lqMaBkRts1ZbtGfixeSvj7yTqxCE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 23:43:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5555 (0x15b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Jun 21 20:12:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E68090B1B942512AC29F6403960239A3F1F01B32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:14:fa:5f:fc:6c:3b:90:84:16:c8:16:f7:1a: 76:ea:da:ef:9a:17:a6:a5:24:93:14:18:19:af:9b: d9:0b:22:9a:b6:18:da:c0:a1:e9:13:00:79:17:fc: d2:ee:ef:cb:cd:ae:96:d3:80:a3:b4:c7:17:a8:21: 12:20:77:ee:50:36:91:d8:34:03:07:92:b4:de:fe: 5a:79:ab:5a:34:9a:b4:79:d0:2a:dc:7d:11:95:42: 43:21:ea:0a:0e:8d:96:bc:a5:4d:af:fa:17:cc:8c: 29:38:3b:19:d1:50:21:63:69:b9:3a:02:68:6c:68: 6c:73:88:44:67:cc:ab:4f:44:45:58:b3:3c:cb:af: 6e:c9:b9:61:43:4e:8b:ec:63:3c:ce:de:71:ef:d4: d5:b7:f7:4b:62:7d:9e:37:2b:10:99:5e:1a:49:69: 7f:b0:69:25:a8:b7:6f:3c:6d:fb:51:88:f0:1e:c6: 08:e1:bb:45:2c:d3:bf:c5:30:7e:cf:a9:4b:28:ec: 83:07:c6:ef:bd:b0:ec:f1:be:6e:57:2f:0f:46:dd: b1:ba:43:e7:57:9d:63:12:6f:c1:fa:50:48:6e:b0: a4:af:97:7d:57:93:2f:1c:16:6d:a6:e5:35:62:ab: e2:46:ea:db:c8:c0:71:72:e7:d7:ee:de:0d:9a:64: a9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:80:90:B1:B9:42:51:2A:C2:9F:64:03:96:02:39:A3:F1:F0:1B:32 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:cd:ca:43:0c:e1:37:1c:7f:33:aa:a5:9f:fc:cc:93:04:be: 96:9f:12:d0:5e:de:4f:90:4a:e4:29:fb:85:c9:c2:d4:d1:aa: 3e:5c:69:34:81:65:7f:60:7e:ef:fd:15:ea:57:ce:0f:d9:42: e4:e5:3d:65:5d:af:48:b4:46:57:94:fa:b5:03:02:d5:34:81: 87:bb:ef:f4:e8:6d:20:ed:30:4d:2d:4f:d9:59:ed:48:84:80: 47:23:a0:29:fe:fb:1e:cd:73:99:8c:25:51:eb:31:2f:6b:81: a1:f7:5a:00:d7:17:74:42:36:af:a1:26:bd:06:fb:1b:e1:50: d8:21:0b:16:56:a4:72:47:45:44:5c:a1:ed:bc:66:06:6c:96: 9b:4b:be:3f:14:af:63:29:a1:a1:07:83:da:58:d0:8e:89:9f: f0:a6:38:a6:f3:bb:d6:20:03:f4:72:9b:d3:19:a5:cb:0b:23: 50:c9:25:8f:89:9e:23:12:cb:7e:37:2c:9b:e2:d3:d9:8a:37: 57:a5:38:17:bc:86:15:28:3e:a3:ce:6c:d5:d2:e6:09:51:6a: bb:17:21:06:73:b8:c7:10:63:44:2e:6e:3e:d1:f3:e7:bd:5d: ec:d9:99:8e:75:b1:2b:de:d0:2d:ba:2c:9f:96:41:64:97:8f: d9:8d:32:d9 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICFbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNTA2MjEy MDEyMTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2ODA5MEIxQjk0MjUx MkFDMjlGNjQwMzk2MDIzOUEzRjFGMDFCMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCSFPpf/Gw7kIQWyBb3Gnbq2u+aF6alJJMUGBmvm9kLIpq2GNrA oekTAHkX/NLu78vNrpbTgKO0xxeoIRIgd+5QNpHYNAMHkrTe/lp5q1o0mrR50Crc fRGVQkMh6goOjZa8pU2v+hfMjCk4OxnRUCFjabk6AmhsaGxziERnzKtPREVYszzL r27JuWFDTovsYzzO3nHv1NW390tifZ43KxCZXhpJaX+waSWot288bftRiPAexgjh u0Us07/FMH7PqUso7IMHxu+9sOzxvm5XLw9G3bG6Q+dXnWMSb8H6UEhusKSvl31X ky8cFm2m5TViq+JG6tvIwHFy59fu3g2aZKkHAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU5oCQsblCUSrCn2QDlgI5o/HwGzIwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvSWR5SFdXWEN1bUhS MnN1MGplNFVCVlNxV3U4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEDNykMM4TccfzOqpZ/8zJMEvpafEtBe3k+QSuQp+4XJwtTRqj5caTSBZX9g fu/9FepXzg/ZQuTlPWVdr0i0RleU+rUDAtU0gYe77/TobSDtME0tT9lZ7UiEgEcj oCn++x7Nc5mMJVHrMS9rgaH3WgDXF3RCNq+hJr0G+xvhUNghCxZWpHJHRURcoe28 ZgZslptLvj8Ur2MpoaEHg9pY0I6Jn/CmOKbzu9YgA/Rym9MZpcsLI1DJJY+JniMS y343LJvi09mKN1elOBe8hhUoPqPObNXS5glRarsXIQZzuMcQY0Qubj7R8+e9XezZ mY51sSve0C26LJ+WQWSXj9mNMtk= -----END CERTIFICATE-----Generated at Sat Jun 21 23:31:37 2025 by rpki-client