$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft (raw, json) Hash identifier: V9p9L+4lSzR9tcbgFjmqv4XRDMEs77+ok5RZAn0/t28= Subject key identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 0A0D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft Manifest number: 0A0A Signing time: Sat 21 Jun 2025 11:16:57 +0000 Manifest this update: Sat 21 Jun 2025 11:16:57 +0000 Manifest next update: Sat 21 Jun 2025 17:16:57 +0000 Files and hashes: 1: SGpuOxsalusTzpYR3fphfkpzMVY.roa (hash: YMN9QVglyHTZ+uAe4m7iUyKbPe/xcnJgsyMEy+dbYZI=) 2: kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl (hash: m4O//hZ3PNZWg/jWrNUt5aR7jqaQ9ou7/S3RA7fpqkc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:16:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2573 (0xa0d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Jun 21 11:16:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F7CE7231FE6F7D35AC67E125130F01403245BBCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:17:cd:57:be:fe:14:84:57:30:f0:64:79:4f: fe:86:52:f9:94:99:db:ee:be:6b:7c:2e:c6:ad:a7: d2:8f:b5:7b:ea:3b:38:7d:1d:b7:ec:45:19:15:95: 0a:c3:56:ba:78:7b:ea:a0:5b:fc:09:f9:8c:2f:33: 36:a8:c7:a2:89:ef:ab:26:8f:90:e4:8c:f1:90:02: 6f:3c:40:d3:e8:96:70:1a:d4:d6:c2:4e:95:c2:9a: 12:9e:ec:9f:ab:8f:64:45:bc:54:43:a2:fa:46:16: 9f:3c:32:7e:26:a3:47:f3:1a:87:0b:67:c8:c4:e3: 23:ed:62:52:b1:bc:a6:5e:e7:66:ec:e0:c6:a7:25: d2:ea:75:e5:81:9d:b0:8b:d7:ee:98:06:11:f2:35: d1:87:7c:a5:02:89:e0:65:e5:b4:05:38:fe:d9:e9: 6e:92:b0:2f:28:b2:59:0c:66:27:a0:aa:a5:01:ac: 58:eb:7e:3d:12:fb:eb:0f:a1:9b:02:cf:2f:e2:70: f5:40:fa:b3:92:25:64:a1:eb:a0:cd:57:11:b8:f4: 35:e2:92:21:db:d8:b5:86:1d:02:a2:e9:d8:31:1e: 0b:7a:da:5b:df:0c:bc:2c:c3:75:e1:89:27:97:cb: 12:7c:a2:ac:8e:ba:9a:2f:e9:21:78:35:47:61:d7: df:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:32:c3:03:e7:34:34:73:64:90:f8:64:ef:ae:84:66:d4:03: 6e:7c:70:ce:80:a4:b4:e4:c6:36:af:71:e0:c5:88:17:3c:85: 5e:bf:0f:10:fa:73:e7:45:6b:ad:0e:6f:96:64:13:51:55:22: 2a:02:cf:81:91:78:f7:57:2a:05:75:6f:2d:9a:b3:af:79:f9: 73:ec:96:0a:c2:af:5d:ee:a6:cd:53:99:bb:fb:65:3e:98:68: f2:c1:9d:22:43:79:3a:0c:84:76:db:a8:de:5e:2e:7b:36:6a: a8:dd:eb:32:dd:96:f5:80:a5:9d:64:5d:30:fd:7d:63:a2:1b: 28:6b:90:da:ed:47:ac:14:93:20:59:1c:8a:87:52:8a:a0:50: 0d:11:8f:3e:1c:39:29:ab:4a:d0:6c:1d:c9:c9:50:dc:76:04: 54:49:e6:41:aa:31:2e:05:12:4d:0a:21:58:42:97:8b:87:f2: cf:50:3d:f2:b1:6d:60:54:26:b2:39:6b:a4:f2:79:a8:9e:44: fb:45:f0:78:d2:8c:80:a0:a1:b3:87:ae:48:68:32:c6:21:61: eb:03:85:ef:28:00:b5:5a:cb:d5:f8:5d:38:cb:ad:87:d1:71: 6d:9f:b8:71:7a:5e:e4:9b:ab:57:7c:de:41:3a:12:13:20:3d: 7f:c6:fb:1b -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCg0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNTA2MjEx MTE2NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY3Q0U3MjMxRkU2RjdE MzVBQzY3RTEyNTEzMEYwMTQwMzI0NUJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCVF81Xvv4UhFcw8GR5T/6GUvmUmdvuvmt8Lsatp9KPtXvqOzh9 HbfsRRkVlQrDVrp4e+qgW/wJ+YwvMzaox6KJ76smj5DkjPGQAm88QNPolnAa1NbC TpXCmhKe7J+rj2RFvFRDovpGFp88Mn4mo0fzGocLZ8jE4yPtYlKxvKZe52bs4Man JdLqdeWBnbCL1+6YBhHyNdGHfKUCieBl5bQFOP7Z6W6SsC8oslkMZiegqqUBrFjr fj0S++sPoZsCzy/icPVA+rOSJWSh66DNVxG49DXikiHb2LWGHQKi6dgxHgt62lvf DLwsw3XhiSeXyxJ8oqyOupov6SF4NUdh19+vAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU985yMf5vfTWsZ+ElEw8BQDJFu84wHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgva1BNT0hmTW4wUU9R Znh2Z2p0UHFaTC0zZU9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJ0ywwPnNDRzZJD4ZO+uhGbUA258cM6ApLTkxjavceDFiBc8hV6/DxD6c+dF a60Ob5ZkE1FVIioCz4GRePdXKgV1by2as695+XPslgrCr13ups1Tmbv7ZT6YaPLB nSJDeToMhHbbqN5eLns2aqjd6zLdlvWApZ1kXTD9fWOiGyhrkNrtR6wUkyBZHIqH UoqgUA0Rjz4cOSmrStBsHcnJUNx2BFRJ5kGqMS4FEk0KIVhCl4uH8s9QPfKxbWBU JrI5a6TyeaieRPtF8HjSjICgobOHrkhoMsYhYesDhe8oALVay9X4XTjLrYfRcW2f uHF6XuSbq1d83kE6EhMgPX/G+xs= -----END CERTIFICATE-----Generated at Sat Jun 21 16:17:54 2025 by rpki-client