$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft File: KiJnreDthkvp9oLDpe2qFRu6hmQ.mft (raw, json) Hash identifier: pjFoS6pL8LWcfNiaCxOmfbJNhiaeL6PkVsJUhX+m51Q= Subject key identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 Authority key identifier: 2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 Certificate issuer: /CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Certificate serial: 0920 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft Manifest number: 0920 Signing time: Sat 21 Jun 2025 11:15:17 +0000 Manifest this update: Sat 21 Jun 2025 11:15:17 +0000 Manifest next update: Sat 21 Jun 2025 17:15:17 +0000 Files and hashes: 1: KiJnreDthkvp9oLDpe2qFRu6hmQ.crl (hash: JBy7XTmQwLAV5gSGqdfGfETWdcn6nLDVPe7+qr57Pug=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:15:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2336 (0x920) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A2267ADE0ED864BE9F682C3A5EDAA151BBA8664 Validity Not Before: Jun 21 11:15:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9DB8B31D70A09D50141479712B74C829C7596189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fe:f4:b4:fc:14:06:23:af:c2:7f:14:0d:38: 0c:fa:8f:a1:9f:f8:90:2d:50:98:3c:36:e2:7a:9e: 07:98:0c:ec:e3:4b:b0:7c:f6:62:11:04:69:1b:2b: 39:07:4d:56:32:8f:78:5c:53:35:eb:b1:24:d1:cd: 74:3f:1c:33:ec:0e:b5:1c:f2:ea:24:02:65:29:54: 9a:20:01:8e:25:a7:90:a0:1d:dc:6c:9c:b5:71:fd: af:cf:07:dd:0e:5d:13:d1:7b:cd:5d:f0:d5:aa:67: 82:8e:db:33:c0:b2:99:6a:93:53:e4:da:7e:2c:a5: 5b:05:94:38:51:fc:96:7c:2b:6f:c9:3a:9e:95:05: ef:90:9d:13:de:47:31:13:cf:dc:dd:bb:02:a1:f4: 6a:93:a8:67:3b:da:05:ba:6b:e5:b7:09:54:c8:10: 04:80:59:11:39:be:fb:d9:51:cf:d5:b4:bb:1e:3a: f4:8d:ba:02:7b:9d:a9:93:6e:8d:ed:a9:f3:dc:97: ef:ac:17:ad:e0:17:be:22:24:b8:0a:60:e7:8c:f9: e0:ab:58:cf:be:b3:fd:c8:b7:04:8b:df:3b:26:bf: 7e:79:78:e0:fd:f6:e0:fb:79:ee:88:52:dc:aa:23: 1c:53:f2:83:a0:a9:7b:ca:10:00:1a:5b:72:e9:09: 13:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:B8:B3:1D:70:A0:9D:50:14:14:79:71:2B:74:C8:29:C7:59:61:89 X509v3 Authority Key Identifier: keyid:2A:22:67:AD:E0:ED:86:4B:E9:F6:82:C3:A5:ED:AA:15:1B:BA:86:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KiJnreDthkvp9oLDpe2qFRu6hmQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3269/KiJnreDthkvp9oLDpe2qFRu6hmQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:69:2d:3c:9f:75:06:d0:4e:d8:60:4e:06:a4:1c:9c:af:d9: f2:62:4f:72:46:a7:3b:df:14:84:bd:64:c9:8e:5e:f5:b4:11: 5b:60:05:4e:56:46:2f:28:be:08:52:ab:19:eb:f7:e1:9c:fa: 44:f5:f1:bc:9e:fd:1f:6d:5c:48:d9:21:b0:0f:b3:8f:08:85: 8e:21:87:ba:77:9d:4f:a0:11:cc:02:31:98:e5:37:27:1f:e1: e9:c2:46:bf:b0:08:53:8a:9f:67:cd:d2:e2:d3:f8:86:73:6b: 21:18:7b:29:d9:f3:9e:4d:19:ac:eb:40:c0:1b:38:a1:86:6d: 21:ce:71:06:68:f3:1a:14:5b:a8:e5:51:3c:ba:39:16:ad:07: d5:7e:79:d2:42:5a:a3:7b:78:be:77:a8:90:e8:5e:d6:db:01: e3:64:43:9b:6a:c2:03:9e:48:2c:99:1b:80:7a:2d:06:65:d7: 79:72:74:84:94:59:b7:25:9c:c5:a0:90:d2:c8:bb:b6:99:b6: 2e:77:5e:09:57:89:3a:7f:e4:75:20:49:c2:94:a0:fa:5c:c2: 59:8a:80:7a:ea:41:e0:a5:10:9e:3c:73:73:53:2d:ff:12:fa: 47:da:4b:6a:00:05:f9:6e:37:39:af:9c:3d:27:08:4d:27:79: e6:61:4d:13 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkEy MjY3QURFMEVEODY0QkU5RjY4MkMzQTVFREFBMTUxQkJBODY2NDAeFw0yNTA2MjEx MTE1MTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlEQjhCMzFENzBBMDlE NTAxNDE0Nzk3MTJCNzRDODI5Qzc1OTYxODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDr/vS0/BQGI6/CfxQNOAz6j6Gf+JAtUJg8NuJ6ngeYDOzjS7B8 9mIRBGkbKzkHTVYyj3hcUzXrsSTRzXQ/HDPsDrUc8uokAmUpVJogAY4lp5CgHdxs nLVx/a/PB90OXRPRe81d8NWqZ4KO2zPAsplqk1Pk2n4spVsFlDhR/JZ8K2/JOp6V Be+QnRPeRzETz9zduwKh9GqTqGc72gW6a+W3CVTIEASAWRE5vvvZUc/VtLseOvSN ugJ7namTbo3tqfPcl++sF63gF74iJLgKYOeM+eCrWM++s/3ItwSL3zsmv355eOD9 9uD7ee6IUtyqIxxT8oOgqXvKEAAaW3LpCRMVAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUnbizHXCgnVAUFHlxK3TIKcdZYYkwHwYDVR0jBBgwFoAUKiJnreDthkvp9oLD pe2qFRu6hmQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 OS9LaUpucmVEdGhrdnA5b0xEcGUycUZSdTZobVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0tpSm5yZUR0aGt2cDlvTERwZTJxRlJ1NmhtUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjkvS2lKbnJlRHRoa3Zw OW9MRHBlMnFGUnU2aG1RLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABxpLTyfdQbQTthgTgakHJyv2fJiT3JGpzvfFIS9ZMmOXvW0EVtgBU5WRi8o vghSqxnr9+Gc+kT18bye/R9tXEjZIbAPs48IhY4hh7p3nU+gEcwCMZjlNycf4enC Rr+wCFOKn2fN0uLT+IZzayEYeynZ855NGazrQMAbOKGGbSHOcQZo8xoUW6jlUTy6 ORatB9V+edJCWqN7eL53qJDoXtbbAeNkQ5tqwgOeSCyZG4B6LQZl13lydISUWbcl nMWgkNLIu7aZti53XglXiTp/5HUgScKUoPpcwlmKgHrqQeClEJ48c3NTLf8S+kfa S2oABfluNzmvnD0nCE0neeZhTRM= -----END CERTIFICATE-----Generated at Sat Jun 21 15:33:53 2025 by rpki-client