$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft File: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft (raw, json) Hash identifier: xXqlpuPINWI4tUq4Q5CaOR2LybkygCiJcOcm6peUNyI= Subject key identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C Authority key identifier: 19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03 Certificate issuer: /CN=193519DD773C40D04F641CC44558D3461297B003 Certificate serial: 1E9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft Manifest number: 1E94 Signing time: Fri 20 Jun 2025 06:09:29 +0000 Manifest this update: Fri 20 Jun 2025 06:09:29 +0000 Manifest next update: Fri 20 Jun 2025 12:09:29 +0000 Files and hashes: 1: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl (hash: 7Me4t2FlIXa2pispMf9BNo1L8bOh77zIOWuNp28SE5g=) 2: ofWDTuZdBsoEHdpdD-hMueJn7lQ.roa (hash: mtF01OQZB4FrXLC5rgApOcnJP5/2xm8KbS60Erj6vHw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 12:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7834 (0x1e9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=193519DD773C40D04F641CC44558D3461297B003 Validity Not Before: Jun 20 06:09:29 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=857AD43056F6EE38F2F239E3647797B73033927C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:11:dd:56:1b:93:a0:3a:ef:10:8b:28:0a:3b: 80:72:e5:0d:2a:45:a7:77:3b:65:87:c9:2d:77:ed: 19:66:30:f1:eb:74:54:4d:1f:99:1b:08:56:fa:bd: 45:26:25:3f:ea:1e:22:30:c6:39:ef:5f:39:67:0f: 7b:f7:c5:76:98:2e:bf:f4:a0:ea:b6:8a:f1:39:ba: 1a:02:bf:57:62:fc:c2:15:54:66:9c:d6:d0:09:60: 49:68:ab:0d:24:71:44:d1:4f:86:86:c2:40:15:43: e3:95:ef:92:6b:18:82:77:e5:b8:b0:1f:4f:7e:52: f1:86:79:05:3c:90:f5:35:c7:b7:68:ca:97:18:4d: 79:51:4a:a6:76:fa:62:a1:a7:5e:87:6d:87:a2:81: 6d:c5:f3:40:f6:96:1e:98:22:d3:ba:9d:31:07:c8: 9e:fc:0f:48:05:65:cc:45:fe:76:5c:44:a5:67:45: 98:37:83:95:6b:cf:66:f6:7b:ee:43:87:a3:7e:21: b8:85:e6:0b:74:04:ba:bd:d2:e8:79:54:61:df:ee: bd:16:41:6f:aa:a8:37:a4:0e:35:2e:e0:46:f0:12: ba:76:89:8c:f8:67:89:92:22:24:11:1c:8d:d6:31: 01:18:43:1b:0f:0d:2d:93:eb:78:47:3f:5a:57:52: 82:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C X509v3 Authority Key Identifier: keyid:19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:c5:be:a8:3f:ed:85:85:05:c8:61:1a:12:41:dc:21:dd:ae: 66:d7:9f:80:8e:97:3b:64:25:4d:19:79:b4:2e:3a:68:32:99: 36:b7:53:93:c5:f1:fb:4c:58:d2:ad:d7:49:85:f9:e3:3b:48: 57:c6:7e:89:a8:bc:40:a2:fa:48:3a:ff:cb:c0:e0:70:a6:10: 50:c9:34:e5:df:3a:1c:6a:89:4f:d7:bc:b5:d1:18:00:63:be: 57:4d:fe:97:f5:37:1e:42:62:3c:f4:23:ca:8d:0f:71:77:93: 42:58:f4:36:eb:0c:71:8a:7f:bd:e3:10:cf:53:59:6d:80:ed: 82:4d:e6:82:88:28:87:a2:5f:f9:df:69:2f:aa:39:0f:40:7c: 8a:e5:c3:14:af:d5:1c:40:2f:c4:e2:4b:c3:5d:ff:27:d7:c7: 53:00:c9:3b:25:7b:04:78:78:f0:64:7b:77:d7:75:cc:e1:c7: bd:4d:bd:e6:9a:38:cd:6a:43:98:15:02:fb:f5:8a:37:e4:83: be:e4:4b:08:c3:f6:da:c0:b6:b2:d0:42:cd:12:96:7c:9c:0c: c2:bb:c6:da:68:1a:94:13:6e:ae:05:85:6f:5e:d3:b8:b8:15: 6a:d0:86:2a:c1:c2:b1:c8:d7:9e:7e:19:8b:94:87:a1:c6:a3: 5a:75:a3:f7 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTkz NTE5REQ3NzNDNDBEMDRGNjQxQ0M0NDU1OEQzNDYxMjk3QjAwMzAeFw0yNTA2MjAw NjA5MjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg1N0FENDMwNTZGNkVF MzhGMkYyMzlFMzY0Nzc5N0I3MzAzMzkyN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPEd1WG5OgOu8QiygKO4By5Q0qRad3O2WHyS137RlmMPHrdFRN H5kbCFb6vUUmJT/qHiIwxjnvXzlnD3v3xXaYLr/0oOq2ivE5uhoCv1di/MIVVGac 1tAJYEloqw0kcUTRT4aGwkAVQ+OV75JrGIJ35biwH09+UvGGeQU8kPU1x7doypcY TXlRSqZ2+mKhp16HbYeigW3F80D2lh6YItO6nTEHyJ78D0gFZcxF/nZcRKVnRZg3 g5Vrz2b2e+5Dh6N+IbiF5gt0BLq90uh5VGHf7r0WQW+qqDekDjUu4EbwErp2iYz4 Z4mSIiQRHI3WMQEYQxsPDS2T63hHP1pXUoLZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUhXrUMFb27jjy8jnjZHeXtzAzknwwHwYDVR0jBBgwFoAUGTUZ3Xc8QNBPZBzE RVjTRhKXsAMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkw My9HVFVaM1hjOFFOQlBaQnpFUlZqVFJoS1hzQU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dUVVozWGM4UU5CUFpCekVSVmpUUmhLWHNBTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5MDMvR1RVWjNYYzhRTkJQ WkJ6RVJWalRSaEtYc0FNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAD/Fvqg/7YWFBchhGhJB3CHdrmbXn4COlztkJU0ZebQuOmgymTa3U5PF8ftM WNKt10mF+eM7SFfGfomovECi+kg6/8vA4HCmEFDJNOXfOhxqiU/XvLXRGABjvldN /pf1Nx5CYjz0I8qND3F3k0JY9DbrDHGKf73jEM9TWW2A7YJN5oKIKIeiX/nfaS+q OQ9AfIrlwxSv1RxAL8TiS8Nd/yfXx1MAyTslewR4ePBke3fXdczhx71NveaaOM1q Q5gVAvv1ijfkg77kSwjD9trAtrLQQs0SlnycDMK7xtpoGpQTbq4FhW9e07i4FWrQ hirBwrHI155+GYuUh6HGo1p1o/c= -----END CERTIFICATE-----Generated at Fri Jun 20 11:44:27 2025 by rpki-client