$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft File: vcTZgftYN_Id2VEGP1m0dd1WJTY.mft (raw, json) Hash identifier: QUHq+ht6S9MtIuwXvDL5EgWvFUmh1pbSebzJeQsyw/U= Subject key identifier: 48:ED:2D:04:59:DF:0F:E7:68:E6:07:DA:7C:6D:13:70:A3:01:41:9D Authority key identifier: BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36 Certificate issuer: /CN=BDC4D981FB5837F21DD951063F59B475DD562536 Certificate serial: 01DF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft Manifest number: 01DE Signing time: Tue 12 Aug 2025 05:02:02 +0000 Manifest this update: Tue 12 Aug 2025 05:02:02 +0000 Manifest next update: Tue 12 Aug 2025 11:02:02 +0000 Files and hashes: 1: ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa (hash: gR5LOmN4JF2dPB94elxL+UoXokAkI2kc2RKlgGd4ebs=) 2: vcTZgftYN_Id2VEGP1m0dd1WJTY.crl (hash: gM2WB+A29/V7cBhkja6wWarQE5s9aUCqcXEgp8qByxU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 08:04:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 479 (0x1df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDC4D981FB5837F21DD951063F59B475DD562536 Validity Not Before: Aug 12 05:02:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=48ED2D0459DF0FE768E607DA7C6D1370A301419D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:85:01:25:5d:b3:c7:08:4c:9d:8f:fb:8d:cc: f4:c4:07:1f:79:ca:fb:0d:18:3a:55:90:e8:6d:a6: 53:ed:b3:73:02:97:4d:46:3f:52:7d:2d:2a:9d:29: b0:92:90:d8:01:f3:25:ad:1f:dd:a1:17:0a:a4:69: d7:2e:a6:d1:2e:45:7b:ba:09:2d:c0:77:aa:d0:f5: cb:a3:50:a9:2f:7e:5a:a0:11:0b:96:c6:ff:49:78: 79:e4:59:a5:e2:b2:d0:82:37:69:da:01:40:4c:89: 3a:d1:c2:0b:d7:ea:5d:3e:7f:92:ed:ad:2b:b7:3e: ec:a9:b1:0e:34:16:c0:a2:8e:2f:c3:a0:06:0e:c6: 29:0e:62:a9:6a:9a:85:d9:32:83:51:7e:a0:e6:ab: 8d:e8:c2:45:7b:a1:94:9d:a5:04:29:32:a7:77:16: 8f:c7:e8:38:70:3f:43:8c:97:de:e7:3d:0e:e3:5d: e0:7d:70:c8:11:4d:16:a1:67:c6:94:11:6b:7e:c1: a6:1e:5a:43:06:58:74:49:a9:6f:b0:eb:54:ff:c2: ce:2e:61:27:de:29:59:21:92:1c:54:04:69:8b:70: 76:85:e4:83:21:38:3e:69:af:de:0e:9e:cb:27:a7: 40:06:b7:03:05:3f:3d:55:56:b3:44:b9:fc:2e:41: 58:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:ED:2D:04:59:DF:0F:E7:68:E6:07:DA:7C:6D:13:70:A3:01:41:9D X509v3 Authority Key Identifier: keyid:BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption da:b2:ce:f1:a0:ca:67:96:62:90:be:39:88:0e:04:3a:e6:83: ca:56:72:4b:de:09:ad:b0:1c:89:a5:14:23:94:a3:a4:95:8e: 2e:dd:c9:3c:ad:32:39:3e:2d:49:43:aa:88:b1:96:14:1f:3d: f0:e7:de:ad:fc:1b:8b:3f:b6:69:e5:58:57:14:a8:b2:de:36: f0:ea:83:cc:52:22:91:1e:4e:3a:ba:39:83:bb:df:02:75:74: 73:ab:3b:a4:0d:63:a1:d2:6f:6d:b3:fa:29:aa:6f:63:89:3f: 64:b4:66:68:aa:e7:af:27:fe:23:32:0e:68:f0:b3:58:7b:83: 92:70:e7:dc:50:da:e0:94:96:55:56:46:36:50:44:46:0d:fb: e3:4f:a3:8f:19:17:4a:01:d6:e1:ea:f1:d1:63:e9:40:c2:13: fa:37:e3:25:7c:a4:9f:0d:df:5f:bc:04:fa:f3:a5:41:01:35: 8f:d2:a5:ce:84:59:d3:18:b2:b2:cd:d0:10:84:75:a7:91:4a: bf:a3:a9:c0:86:36:be:01:4e:93:f6:96:02:ce:35:15:f9:7a: ab:5e:28:bb:60:3d:eb:37:c6:04:89:9a:e1:8a:44:47:cd:c5: 5d:a5:c3:f4:47:dd:47:ce:42:45:fb:b3:7f:44:ee:04:b2:ba: de:ea:fc:a1 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRD NEQ5ODFGQjU4MzdGMjFERDk1MTA2M0Y1OUI0NzVERDU2MjUzNjAeFw0yNTA4MTIw NTAyMDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ4RUQyRDA0NTlERjBG RTc2OEU2MDdEQTdDNkQxMzcwQTMwMTQxOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDShQElXbPHCEydj/uNzPTEBx95yvsNGDpVkOhtplPts3MCl01G P1J9LSqdKbCSkNgB8yWtH92hFwqkadcuptEuRXu6CS3Ad6rQ9cujUKkvflqgEQuW xv9JeHnkWaXistCCN2naAUBMiTrRwgvX6l0+f5LtrSu3PuypsQ40FsCiji/DoAYO xikOYqlqmoXZMoNRfqDmq43owkV7oZSdpQQpMqd3Fo/H6DhwP0OMl97nPQ7jXeB9 cMgRTRahZ8aUEWt+waYeWkMGWHRJqW+w61T/ws4uYSfeKVkhkhxUBGmLcHaF5IMh OD5pr94Onssnp0AGtwMFPz1VVrNEufwuQVgNAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUSO0tBFnfD+do5gfafG0TcKMBQZ0wHwYDVR0jBBgwFoAUvcTZgftYN/Id2VEG P1m0dd1WJTYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY2 Mi92Y1RaZ2Z0WU5fSWQyVkVHUDFtMGRkMVdKVFkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZjVFpnZnRZTl9JZDJWRUdQMW0wZGQxV0pUWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NjIvdmNUWmdmdFlOX0lk MlZFR1AxbTBkZDFXSlRZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBANqyzvGgymeWYpC+OYgOBDrmg8pWckveCa2wHImlFCOUo6SVji7dyTytMjk+ LUlDqoixlhQfPfDn3q38G4s/tmnlWFcUqLLeNvDqg8xSIpEeTjq6OYO73wJ1dHOr O6QNY6HSb22z+imqb2OJP2S0Zmiq568n/iMyDmjws1h7g5Jw59xQ2uCUllVWRjZQ REYN++NPo48ZF0oB1uHq8dFj6UDCE/o34yV8pJ8N31+8BPrzpUEBNY/Spc6EWdMY srLN0BCEdaeRSr+jqcCGNr4BTpP2lgLONRX5eqteKLtgPes3xgSJmuGKREfNxV2l w/RH3UfOQkX7s39E7gSyut7q/KE= -----END CERTIFICATE-----Generated at Tue Aug 12 06:34:48 2025 by rpki-client