$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft File: 5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft (raw, json) Hash identifier: Bzr7G6pwZNmuEINGb4dRKg9Qcd2aamhIoRi9wOEHTSY= Subject key identifier: C8:78:A0:D0:50:B9:93:35:16:51:7E:A5:08:7E:BA:12:24:41:2D:63 Authority key identifier: E5:ED:C5:64:FE:8B:02:F2:CF:87:00:93:BB:FD:DC:32:7D:6D:93:95 Certificate issuer: /CN=E5EDC564FE8B02F2CF870093BBFDDC327D6D9395 Certificate serial: 1D21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft Manifest number: 1D21 Signing time: Sat 26 Apr 2025 06:37:20 +0000 Manifest this update: Sat 26 Apr 2025 06:37:20 +0000 Manifest next update: Sat 26 Apr 2025 12:37:20 +0000 Files and hashes: 1: 5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl (hash: b+4/ikML1u1JAWEzVKdxXkNhNNnlFnzfTmsazbX8JsM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 12:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7457 (0x1d21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5EDC564FE8B02F2CF870093BBFDDC327D6D9395 Validity Not Before: Apr 26 06:37:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C878A0D050B9933516517EA5087EBA1224412D63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:23:3f:58:00:f8:4d:85:6d:6f:ef:7d:5b:80: b1:14:d9:33:7e:2a:3c:4a:40:6e:b4:29:f8:90:f2: 8b:d4:49:d1:9a:0b:ed:d7:e0:8c:bb:a3:7e:30:ec: 1e:a5:d9:89:32:0c:63:44:c5:a8:e8:d3:b2:e5:9f: 5e:f4:23:d9:7c:e7:09:8b:38:36:aa:9a:07:e0:00: 42:15:39:f5:36:a3:2e:3a:3c:aa:5c:07:6b:79:a7: b5:02:02:1e:a8:ab:1d:ea:5d:f9:db:8c:7c:0f:1b: 3f:3c:75:b1:37:2a:86:58:68:50:c2:95:1f:02:05: 79:3c:06:55:8f:42:c2:d8:f4:fc:d2:79:20:3c:c9: 1b:d5:2f:41:96:af:7e:2b:b5:e9:2a:12:35:79:e5: 44:c8:05:0f:4d:c8:65:32:fd:30:0d:49:b0:e9:84: 8d:5c:e1:22:84:7d:29:62:c0:fb:d4:88:65:d5:65: 1c:66:1c:6f:4c:07:1a:2c:0e:44:f8:63:9d:c7:08: 8b:83:d7:af:b2:c0:b3:47:79:fe:0f:f5:da:cc:8b: 7f:a5:59:6f:ef:65:2f:f5:30:63:ee:b6:73:46:5a: df:4b:07:20:4f:55:2a:c7:8d:d1:49:c0:58:42:e6: 15:86:b6:04:aa:b0:9f:54:69:3f:1b:61:86:83:18: be:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:78:A0:D0:50:B9:93:35:16:51:7E:A5:08:7E:BA:12:24:41:2D:63 X509v3 Authority Key Identifier: keyid:E5:ED:C5:64:FE:8B:02:F2:CF:87:00:93:BB:FD:DC:32:7D:6D:93:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:85:4a:37:5f:86:52:d3:f7:4c:15:09:ec:a1:33:30:06:9f: 11:05:b2:e3:7e:e1:9a:73:57:ba:2a:e7:fa:18:88:27:41:54: 84:cb:b0:4a:44:fb:7d:8c:1e:a5:62:33:18:9b:f5:b2:45:04: 01:bd:88:59:94:be:8f:3b:2d:d8:11:69:18:fd:96:6e:5e:6c: 7c:d6:7d:40:78:61:ee:82:27:3e:6d:fd:8f:ab:0a:2a:35:78: b6:27:15:e2:67:82:94:7c:d6:00:a3:67:b8:a0:f4:e4:74:0e: be:01:97:2a:20:5b:2e:ad:0e:d9:a8:21:19:91:79:fc:5e:b3: 8f:b9:54:4c:bc:6c:a5:4a:23:7a:26:9b:87:7c:77:fc:4c:21: 42:c3:16:0f:b9:b7:e7:f8:4d:45:8c:ff:05:85:14:c0:ac:16: 31:c6:f3:96:f4:df:91:46:ed:e6:6f:b4:5f:f3:b1:a4:21:9e: ba:ec:15:c0:b4:69:40:6a:3b:09:bf:00:9b:5a:28:10:05:17: 79:29:6b:a9:22:30:67:11:d2:85:68:06:d6:eb:0f:44:7d:0a: a3:b4:ab:40:a6:5d:76:5e:db:3a:1b:c3:ba:d1:29:34:e3:da: 4f:c3:34:86:10:92:02:47:9f:e6:34:e8:9b:ae:a6:c8:e6:cd: a0:6e:00:21 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVF REM1NjRGRThCMDJGMkNGODcwMDkzQkJGRERDMzI3RDZEOTM5NTAeFw0yNTA0MjYw NjM3MjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM4NzhBMEQwNTBCOTkz MzUxNjUxN0VBNTA4N0VCQTEyMjQ0MTJENjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNIz9YAPhNhW1v731bgLEU2TN+KjxKQG60KfiQ8ovUSdGaC+3X 4Iy7o34w7B6l2YkyDGNExajo07Lln170I9l85wmLODaqmgfgAEIVOfU2oy46PKpc B2t5p7UCAh6oqx3qXfnbjHwPGz88dbE3KoZYaFDClR8CBXk8BlWPQsLY9PzSeSA8 yRvVL0GWr34rtekqEjV55UTIBQ9NyGUy/TANSbDphI1c4SKEfSliwPvUiGXVZRxm HG9MBxosDkT4Y53HCIuD16+ywLNHef4P9drMi3+lWW/vZS/1MGPutnNGWt9LByBP VSrHjdFJwFhC5hWGtgSqsJ9UaT8bYYaDGL53AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUyHig0FC5kzUWUX6lCH66EiRBLWMwHwYDVR0jBBgwFoAU5e3FZP6LAvLPhwCT u/3cMn1tk5UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 OC81ZTNGWlA2TEF2TFBod0NUdV8zY01uMXRrNVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVlM0ZaUDZMQXZMUGh3Q1R1XzNjTW4xdGs1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDgvNWUzRlpQNkxBdkxQ aHdDVHVfM2NNbjF0azVVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAL2FSjdfhlLT90wVCeyhMzAGnxEFsuN+4ZpzV7oq5/oYiCdBVITLsEpE+32M HqViMxib9bJFBAG9iFmUvo87LdgRaRj9lm5ebHzWfUB4Ye6CJz5t/Y+rCio1eLYn FeJngpR81gCjZ7ig9OR0Dr4BlyogWy6tDtmoIRmRefxes4+5VEy8bKVKI3omm4d8 d/xMIULDFg+5t+f4TUWM/wWFFMCsFjHG85b035FG7eZvtF/zsaQhnrrsFcC0aUBq Owm/AJtaKBAFF3kpa6kiMGcR0oVoBtbrD0R9CqO0q0CmXXZe2zobw7rRKTTj2k/D NIYQkgJHn+Y06JuupsjmzaBuACE= -----END CERTIFICATE-----Generated at Sat Apr 26 12:33:41 2025 by rpki-client