$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft File: hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft (raw, json) Hash identifier: GmQCDv1ohw4s9YD62+BlPOQ0YZkRE7neAHoOZldeSIQ= Subject key identifier: 4D:28:36:42:2D:A4:F1:4F:8E:8A:7E:1D:DA:A1:7B:D2:F2:CF:62:79 Authority key identifier: 85:7F:20:86:98:A2:49:A0:59:60:79:DE:4F:3D:AE:5F:A7:B9:67:54 Certificate issuer: /CN=857F208698A249A0596079DE4F3DAE5FA7B96754 Certificate serial: 0A02 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft Manifest number: 0A02 Signing time: Sat 21 Jun 2025 11:13:41 +0000 Manifest this update: Sat 21 Jun 2025 11:13:41 +0000 Manifest next update: Sat 21 Jun 2025 17:13:41 +0000 Files and hashes: 1: hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl (hash: zDo1UlIlsPrNFJTLyfC6IXMa6yWLI2P5MLFi3vazYkw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:13:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2562 (0xa02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=857F208698A249A0596079DE4F3DAE5FA7B96754 Validity Not Before: Jun 21 11:13:41 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4D2836422DA4F14F8E8A7E1DDAA17BD2F2CF6279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c1:61:84:f2:15:6d:fb:f5:6d:1c:83:13:14: 46:d6:5f:2d:2e:43:72:41:d8:d1:e4:3a:ce:59:76: 0a:bb:77:95:38:9e:b5:ec:4f:d6:b2:17:78:c6:29: 03:5e:6c:85:17:f3:8b:5f:28:e8:8e:51:c4:f0:24: 56:16:e3:f0:03:d2:e8:f5:da:aa:0e:a7:c6:fa:6c: 1f:66:60:7e:72:9c:6e:44:95:00:10:e6:e0:38:90: c1:f1:47:a3:33:63:bc:d6:85:92:5f:02:7c:e6:8c: 1e:4c:20:54:a3:77:ed:ca:8e:31:e3:8f:1d:62:14: 12:91:24:f2:28:30:a2:e1:70:54:ca:81:f1:3f:07: 4c:1f:e6:18:c0:df:9b:04:d7:61:63:f6:4a:b7:9a: 41:ea:38:f4:4f:65:75:92:26:97:0a:9f:39:4b:b1: 95:98:ce:a0:0a:48:2b:4c:52:26:91:22:1a:45:58: 5e:40:5e:ba:b9:52:80:58:9e:4a:7c:db:1a:dc:85: d0:1e:e9:9a:08:d5:9d:47:48:46:ed:dc:e3:80:d8: 49:67:c5:9f:10:1b:db:6e:18:69:4b:72:06:ee:f1: 1f:8b:1e:2a:c7:60:e5:2b:90:f3:49:eb:f7:43:1e: d3:c1:59:81:1a:51:f6:a6:24:17:3f:1f:33:94:28: 12:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:28:36:42:2D:A4:F1:4F:8E:8A:7E:1D:DA:A1:7B:D2:F2:CF:62:79 X509v3 Authority Key Identifier: keyid:85:7F:20:86:98:A2:49:A0:59:60:79:DE:4F:3D:AE:5F:A7:B9:67:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3259/hX8ghpiiSaBZYHneTz2uX6e5Z1Q.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c3:ad:9b:57:05:83:6f:ce:a8:5c:b7:ad:1e:69:0d:3e:c2:4b: 9a:c2:6a:06:73:62:5e:2f:77:be:ed:85:17:34:3e:8d:a1:c4: 4a:c0:24:73:5f:f9:c1:87:b7:2a:66:d5:a8:9f:e4:74:44:c5: ab:be:cc:65:e9:40:22:72:e1:66:26:88:d3:4f:6c:8f:96:f6: f4:cd:a4:a6:bd:85:7b:62:3e:9b:a9:62:26:f9:e9:26:02:6c: f4:07:26:e5:f8:37:e6:8f:f3:ad:19:f0:95:fe:17:89:b0:f5: 8f:8d:fa:92:f7:28:6f:f2:d9:51:94:cd:c2:85:e6:99:cb:1a: 7a:f1:12:49:dd:f3:a2:67:41:73:d1:2a:d2:69:0a:f2:bc:c8: 4a:68:06:b0:1e:0e:37:82:98:d6:81:55:69:13:35:b7:1b:be: 61:f6:10:21:95:60:c4:12:1d:cc:b7:33:92:96:b8:61:79:50: c2:64:1a:ef:57:41:d2:28:b1:83:26:d2:bf:c9:21:f6:5b:f1: fc:55:b1:1e:d0:fb:9e:1d:de:e3:d5:86:b2:0c:27:25:65:de: 92:85:77:33:63:96:28:91:80:8a:c0:18:c9:d8:01:87:67:78: 35:1a:b7:3c:07:cc:72:b8:93:ec:4c:4d:87:a9:2f:e1:14:8f: 1b:75:85:88 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU3 RjIwODY5OEEyNDlBMDU5NjA3OURFNEYzREFFNUZBN0I5Njc1NDAeFw0yNTA2MjEx MTEzNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDREMjgzNjQyMkRBNEYx NEY4RThBN0UxRERBQTE3QkQyRjJDRjYyNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6wWGE8hVt+/VtHIMTFEbWXy0uQ3JB2NHkOs5Zdgq7d5U4nrXs T9ayF3jGKQNebIUX84tfKOiOUcTwJFYW4/AD0uj12qoOp8b6bB9mYH5ynG5ElQAQ 5uA4kMHxR6MzY7zWhZJfAnzmjB5MIFSjd+3KjjHjjx1iFBKRJPIoMKLhcFTKgfE/ B0wf5hjA35sE12Fj9kq3mkHqOPRPZXWSJpcKnzlLsZWYzqAKSCtMUiaRIhpFWF5A Xrq5UoBYnkp82xrchdAe6ZoI1Z1HSEbt3OOA2ElnxZ8QG9tuGGlLcgbu8R+LHirH YOUrkPNJ6/dDHtPBWYEaUfamJBc/HzOUKBJ1AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUTSg2Qi2k8U+Oin4d2qF70vLPYnkwHwYDVR0jBBgwFoAUhX8ghpiiSaBZYHne Tz2uX6e5Z1QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OS9oWDhnaHBpaVNhQlpZSG5lVHoydVg2ZTVaMVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2hYOGdocGlpU2FCWllIbmVUejJ1WDZlNVoxUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTkvaFg4Z2hwaWlTYUJa WUhuZVR6MnVYNmU1WjFRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAMOtm1cFg2/OqFy3rR5pDT7CS5rCagZzYl4vd77thRc0Po2hxErAJHNf+cGH typm1aif5HRExau+zGXpQCJy4WYmiNNPbI+W9vTNpKa9hXtiPpupYib56SYCbPQH JuX4N+aP860Z8JX+F4mw9Y+N+pL3KG/y2VGUzcKF5pnLGnrxEknd86JnQXPRKtJp CvK8yEpoBrAeDjeCmNaBVWkTNbcbvmH2ECGVYMQSHcy3M5KWuGF5UMJkGu9XQdIo sYMm0r/JIfZb8fxVsR7Q+54d3uPVhrIMJyVl3pKFdzNjliiRgIrAGMnYAYdneDUa tzwHzHK4k+xMTYepL+EUjxt1hYg= -----END CERTIFICATE-----Generated at Sat Jun 21 16:53:44 2025 by rpki-client