$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft File: IdyHWWXCumHR2su0je4UBVSqWu8.mft (raw, json) Hash identifier: cDRfMPQq+lVILiqhSDhHIHWxQVUZnJRvOmGQjab/Bdo= Subject key identifier: E6:80:90:B1:B9:42:51:2A:C2:9F:64:03:96:02:39:A3:F1:F0:1B:32 Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Certificate serial: 149C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft Manifest number: 1493 Signing time: Sat 26 Apr 2025 11:07:14 +0000 Manifest this update: Sat 26 Apr 2025 11:07:14 +0000 Manifest next update: Sat 26 Apr 2025 17:07:14 +0000 Files and hashes: 1: IdyHWWXCumHR2su0je4UBVSqWu8.crl (hash: J3o8Y7L6dfjUiVns7CVLT7MPVzWusC05udnjZ5zKYVA=) 2: ZuvQbTH8ZAJqK3Bv4oQXcXDGOM8.roa (hash: vBuDQxOioQeWVe9lqMaBkRts1ZbtGfixeSvj7yTqxCE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 17:07:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5276 (0x149c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF Validity Not Before: Apr 26 11:07:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E68090B1B942512AC29F6403960239A3F1F01B32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:14:fa:5f:fc:6c:3b:90:84:16:c8:16:f7:1a: 76:ea:da:ef:9a:17:a6:a5:24:93:14:18:19:af:9b: d9:0b:22:9a:b6:18:da:c0:a1:e9:13:00:79:17:fc: d2:ee:ef:cb:cd:ae:96:d3:80:a3:b4:c7:17:a8:21: 12:20:77:ee:50:36:91:d8:34:03:07:92:b4:de:fe: 5a:79:ab:5a:34:9a:b4:79:d0:2a:dc:7d:11:95:42: 43:21:ea:0a:0e:8d:96:bc:a5:4d:af:fa:17:cc:8c: 29:38:3b:19:d1:50:21:63:69:b9:3a:02:68:6c:68: 6c:73:88:44:67:cc:ab:4f:44:45:58:b3:3c:cb:af: 6e:c9:b9:61:43:4e:8b:ec:63:3c:ce:de:71:ef:d4: d5:b7:f7:4b:62:7d:9e:37:2b:10:99:5e:1a:49:69: 7f:b0:69:25:a8:b7:6f:3c:6d:fb:51:88:f0:1e:c6: 08:e1:bb:45:2c:d3:bf:c5:30:7e:cf:a9:4b:28:ec: 83:07:c6:ef:bd:b0:ec:f1:be:6e:57:2f:0f:46:dd: b1:ba:43:e7:57:9d:63:12:6f:c1:fa:50:48:6e:b0: a4:af:97:7d:57:93:2f:1c:16:6d:a6:e5:35:62:ab: e2:46:ea:db:c8:c0:71:72:e7:d7:ee:de:0d:9a:64: a9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:80:90:B1:B9:42:51:2A:C2:9F:64:03:96:02:39:A3:F1:F0:1B:32 X509v3 Authority Key Identifier: keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:d2:52:86:04:08:2e:78:9d:e9:0a:47:2e:d3:b7:b5:83:5b: 48:d6:ea:72:7f:9b:b3:9a:a7:a2:96:cc:27:37:70:81:ba:bd: 2c:e2:79:ac:ab:b0:62:50:15:b5:68:a7:f3:91:f7:d7:05:c4: 09:05:fb:4c:63:db:7c:17:85:e6:2d:5f:bc:4e:30:c6:dd:ed: 20:fa:c3:fd:13:a1:16:be:5f:64:66:c6:ed:07:4a:34:cb:ed: 8b:a4:d7:c4:37:18:92:27:9b:cc:3e:0c:f7:e3:4f:b9:e7:a7: c8:c0:3d:52:fb:97:65:ed:d8:74:c1:94:87:50:b5:31:ec:1c: bc:7d:29:fc:9e:c3:42:3e:f4:65:2b:22:b5:dd:19:02:03:5b: 67:0d:74:ed:54:90:5a:20:81:d9:84:57:97:e5:1b:4e:89:d2: 67:4b:c1:28:4e:bb:a9:47:80:e3:63:b4:91:a7:71:6e:05:aa: c2:c9:2d:e8:81:82:f0:53:4d:97:8f:83:e8:f5:82:22:57:3b: a2:e3:42:3d:ce:26:c0:f7:ab:3a:59:10:df:a3:2d:d0:d3:cf: 68:f6:6b:a4:6e:fb:88:ce:a8:f3:4b:4a:86:3c:af:b2:21:e9: 26:f0:18:cb:bf:55:47:71:93:9f:f2:7a:34:a1:00:e7:73:b6: 66:a6:e4:47 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICFJwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNTA0MjYx MTA3MTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2ODA5MEIxQjk0MjUx MkFDMjlGNjQwMzk2MDIzOUEzRjFGMDFCMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCSFPpf/Gw7kIQWyBb3Gnbq2u+aF6alJJMUGBmvm9kLIpq2GNrA oekTAHkX/NLu78vNrpbTgKO0xxeoIRIgd+5QNpHYNAMHkrTe/lp5q1o0mrR50Crc fRGVQkMh6goOjZa8pU2v+hfMjCk4OxnRUCFjabk6AmhsaGxziERnzKtPREVYszzL r27JuWFDTovsYzzO3nHv1NW390tifZ43KxCZXhpJaX+waSWot288bftRiPAexgjh u0Us07/FMH7PqUso7IMHxu+9sOzxvm5XLw9G3bG6Q+dXnWMSb8H6UEhusKSvl31X ky8cFm2m5TViq+JG6tvIwHFy59fu3g2aZKkHAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU5oCQsblCUSrCn2QDlgI5o/HwGzIwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0 je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvSWR5SFdXWEN1bUhS MnN1MGplNFVCVlNxV3U4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJjSUoYECC54nekKRy7Tt7WDW0jW6nJ/m7Oap6KWzCc3cIG6vSzieayrsGJQ FbVop/OR99cFxAkF+0xj23wXheYtX7xOMMbd7SD6w/0ToRa+X2Rmxu0HSjTL7Yuk 18Q3GJInm8w+DPfjT7nnp8jAPVL7l2Xt2HTBlIdQtTHsHLx9Kfyew0I+9GUrIrXd GQIDW2cNdO1UkFoggdmEV5flG06J0mdLwShOu6lHgONjtJGncW4FqsLJLeiBgvBT TZePg+j1giJXO6LjQj3OJsD3qzpZEN+jLdDTz2j2a6Ru+4jOqPNLSoY8r7Ih6Sbw GMu/VUdxk5/yejShAOdztmam5Ec= -----END CERTIFICATE-----Generated at Sat Apr 26 14:39:35 2025 by rpki-client