$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft File: 5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft (raw, json) Hash identifier: 65mHEaF3zhUm8q4zu+5iPe+3Y4+DMsuDfiJ7RpwRxOw= Subject key identifier: C8:78:A0:D0:50:B9:93:35:16:51:7E:A5:08:7E:BA:12:24:41:2D:63 Authority key identifier: E5:ED:C5:64:FE:8B:02:F2:CF:87:00:93:BB:FD:DC:32:7D:6D:93:95 Certificate issuer: /CN=E5EDC564FE8B02F2CF870093BBFDDC327D6D9395 Certificate serial: 1F3E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft Manifest number: 1F3E Signing time: Wed 13 Aug 2025 16:02:45 +0000 Manifest this update: Wed 13 Aug 2025 16:02:45 +0000 Manifest next update: Wed 13 Aug 2025 22:02:45 +0000 Files and hashes: 1: 5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl (hash: e0c2RbbWelVfXqzSVJlESHeNYVrHShpZ8J5zUEIguYs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 20:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7998 (0x1f3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5EDC564FE8B02F2CF870093BBFDDC327D6D9395 Validity Not Before: Aug 13 16:02:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C878A0D050B9933516517EA5087EBA1224412D63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:23:3f:58:00:f8:4d:85:6d:6f:ef:7d:5b:80: b1:14:d9:33:7e:2a:3c:4a:40:6e:b4:29:f8:90:f2: 8b:d4:49:d1:9a:0b:ed:d7:e0:8c:bb:a3:7e:30:ec: 1e:a5:d9:89:32:0c:63:44:c5:a8:e8:d3:b2:e5:9f: 5e:f4:23:d9:7c:e7:09:8b:38:36:aa:9a:07:e0:00: 42:15:39:f5:36:a3:2e:3a:3c:aa:5c:07:6b:79:a7: b5:02:02:1e:a8:ab:1d:ea:5d:f9:db:8c:7c:0f:1b: 3f:3c:75:b1:37:2a:86:58:68:50:c2:95:1f:02:05: 79:3c:06:55:8f:42:c2:d8:f4:fc:d2:79:20:3c:c9: 1b:d5:2f:41:96:af:7e:2b:b5:e9:2a:12:35:79:e5: 44:c8:05:0f:4d:c8:65:32:fd:30:0d:49:b0:e9:84: 8d:5c:e1:22:84:7d:29:62:c0:fb:d4:88:65:d5:65: 1c:66:1c:6f:4c:07:1a:2c:0e:44:f8:63:9d:c7:08: 8b:83:d7:af:b2:c0:b3:47:79:fe:0f:f5:da:cc:8b: 7f:a5:59:6f:ef:65:2f:f5:30:63:ee:b6:73:46:5a: df:4b:07:20:4f:55:2a:c7:8d:d1:49:c0:58:42:e6: 15:86:b6:04:aa:b0:9f:54:69:3f:1b:61:86:83:18: be:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:78:A0:D0:50:B9:93:35:16:51:7E:A5:08:7E:BA:12:24:41:2D:63 X509v3 Authority Key Identifier: keyid:E5:ED:C5:64:FE:8B:02:F2:CF:87:00:93:BB:FD:DC:32:7D:6D:93:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5e3FZP6LAvLPhwCTu_3cMn1tk5U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2748/5e3FZP6LAvLPhwCTu_3cMn1tk5U.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:11:67:4e:98:24:10:93:d3:9d:8b:77:56:d1:4c:a9:65:41: cd:af:33:d1:9e:2d:e4:70:dc:ff:b2:0e:61:2a:58:ec:ab:2a: 5c:9e:8d:f7:57:cf:80:ee:46:44:29:8d:89:20:7c:d1:97:93: cc:a6:70:9c:29:31:57:89:d6:f4:df:a4:76:c9:a6:34:99:68: 85:8c:bf:c1:bb:aa:24:1d:65:bb:c5:01:19:dd:e9:2b:b0:00: 2b:8f:0b:8a:1a:b6:c9:68:41:5d:b9:ed:df:61:ff:f0:fd:af: 4f:7e:09:3a:5e:01:56:4e:12:c2:1c:0f:18:c3:b1:89:bb:2d: 9f:ed:75:88:20:f4:d9:49:e3:0e:b2:f9:5d:79:05:64:e2:6b: 9a:cc:c4:67:3f:24:b2:ca:a4:5c:de:97:dc:1c:f5:0c:d6:5d: df:c2:19:4b:c0:a9:c6:99:73:29:d7:36:18:75:08:04:20:8e: 53:9b:dd:39:23:b1:eb:d7:f9:d9:45:b3:65:06:c4:3a:b9:5a: 22:b5:a4:57:f1:4d:8b:a0:af:10:25:bc:d5:82:e5:02:66:eb: 04:ae:c5:43:0d:ac:d0:eb:c2:31:b9:be:70:7e:16:7a:54:7f: e5:43:95:88:c3:43:4a:a1:3b:3f:26:93:81:b9:46:5f:1a:b0: ae:cc:d4:68 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVF REM1NjRGRThCMDJGMkNGODcwMDkzQkJGRERDMzI3RDZEOTM5NTAeFw0yNTA4MTMx NjAyNDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM4NzhBMEQwNTBCOTkz MzUxNjUxN0VBNTA4N0VCQTEyMjQ0MTJENjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNIz9YAPhNhW1v731bgLEU2TN+KjxKQG60KfiQ8ovUSdGaC+3X 4Iy7o34w7B6l2YkyDGNExajo07Lln170I9l85wmLODaqmgfgAEIVOfU2oy46PKpc B2t5p7UCAh6oqx3qXfnbjHwPGz88dbE3KoZYaFDClR8CBXk8BlWPQsLY9PzSeSA8 yRvVL0GWr34rtekqEjV55UTIBQ9NyGUy/TANSbDphI1c4SKEfSliwPvUiGXVZRxm HG9MBxosDkT4Y53HCIuD16+ywLNHef4P9drMi3+lWW/vZS/1MGPutnNGWt9LByBP VSrHjdFJwFhC5hWGtgSqsJ9UaT8bYYaDGL53AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUyHig0FC5kzUWUX6lCH66EiRBLWMwHwYDVR0jBBgwFoAU5e3FZP6LAvLPhwCT u/3cMn1tk5UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 OC81ZTNGWlA2TEF2TFBod0NUdV8zY01uMXRrNVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVlM0ZaUDZMQXZMUGh3Q1R1XzNjTW4xdGs1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDgvNWUzRlpQNkxBdkxQ aHdDVHVfM2NNbjF0azVVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFwRZ06YJBCT052Ld1bRTKllQc2vM9GeLeRw3P+yDmEqWOyrKlyejfdXz4Du RkQpjYkgfNGXk8ymcJwpMVeJ1vTfpHbJpjSZaIWMv8G7qiQdZbvFARnd6SuwACuP C4oatsloQV257d9h//D9r09+CTpeAVZOEsIcDxjDsYm7LZ/tdYgg9NlJ4w6y+V15 BWTia5rMxGc/JLLKpFzel9wc9QzWXd/CGUvAqcaZcynXNhh1CAQgjlOb3TkjsevX +dlFs2UGxDq5WiK1pFfxTYugrxAlvNWC5QJm6wSuxUMNrNDrwjG5vnB+FnpUf+VD lYjDQ0qhOz8mk4G5Rl8asK7M1Gg= -----END CERTIFICATE-----Generated at Wed Aug 13 19:05:44 2025 by rpki-client