$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft File: TKnrtNTELADG1a1ccPtrRXZYMXc.mft (raw, json) Hash identifier: ktWRgK5H0FWKo2sGDBSSbboRHbtFiVA0AB1KfHhBBd4= Subject key identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 Authority key identifier: 4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 Certificate issuer: /CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Certificate serial: 8F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft Manifest number: 8F Signing time: Wed 18 Jun 2025 11:23:14 +0000 Manifest this update: Wed 18 Jun 2025 11:23:14 +0000 Manifest next update: Wed 18 Jun 2025 17:23:14 +0000 Files and hashes: 1: TKnrtNTELADG1a1ccPtrRXZYMXc.crl (hash: SU303e1aQVaeFTW77XPorg3zeAMUBhtQaYEt+OUBQWQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 17:23:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 143 (0x8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CA9EBB4D4C42C00C6D5AD5C70FB6B4576583177 Validity Not Before: Jun 18 11:23:14 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=ADD23BB7E03D1C252CA7A0EDD28753CBC17D8662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3c:7c:2a:59:0b:f4:f7:2c:ae:6f:07:1c:0a: ec:1a:4f:06:d5:0b:eb:2f:f0:a3:4d:9c:9e:a9:d4: ba:04:ba:01:35:0d:73:ff:81:12:ad:6d:0e:a8:0e: 73:2e:15:25:a1:54:eb:18:25:de:b1:25:6c:de:be: b0:b3:7c:7d:b4:46:d3:04:f9:6a:b0:6e:b7:3d:87: a6:6c:e7:49:d4:59:5a:77:f5:4b:96:8a:3e:31:da: 1a:15:dc:be:14:a6:74:74:a6:a0:83:0d:f4:a3:1b: db:2f:eb:55:c5:0f:84:b6:bf:de:96:a8:4d:c4:46: ca:35:3b:18:89:b4:9f:74:3b:23:20:fa:9c:61:0f: a4:58:5b:61:57:4d:88:ba:59:5e:b2:18:ad:96:eb: 10:15:b7:2b:a5:6a:3d:21:e2:70:19:ea:58:29:db: 00:fd:a1:4e:cc:27:5a:05:a9:91:38:ec:d7:f7:41: a2:f9:df:c0:d7:b4:dc:50:1a:b5:fb:cd:9c:a3:e9: c0:a3:89:17:dc:ff:1e:cd:f3:c6:a7:9d:0f:f5:c9: 66:fc:a9:99:b5:5a:88:26:7f:2e:b0:43:a1:0e:84: 80:a4:68:c2:b5:42:07:ca:14:b8:ee:49:b3:48:22: 36:59:b9:ae:40:25:6a:1f:44:34:91:af:30:68:64: ae:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:D2:3B:B7:E0:3D:1C:25:2C:A7:A0:ED:D2:87:53:CB:C1:7D:86:62 X509v3 Authority Key Identifier: keyid:4C:A9:EB:B4:D4:C4:2C:00:C6:D5:AD:5C:70:FB:6B:45:76:58:31:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TKnrtNTELADG1a1ccPtrRXZYMXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TKnrtNTELADG1a1ccPtrRXZYMXc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:75:d6:14:63:79:ca:bd:80:bd:64:d6:a3:9d:59:a6:e4:ab: 4a:f5:64:a4:07:b7:45:b7:27:fc:81:4f:28:eb:fb:58:63:6f: 57:a4:6e:01:c9:38:25:75:2a:b1:a8:fe:6d:42:96:a9:44:c9: e9:18:91:d0:80:d2:65:72:d6:fd:65:c7:82:bc:36:82:b6:0d: 7d:69:1f:03:b4:32:21:17:3e:7a:9f:f5:75:14:ca:af:78:25: 75:3e:8a:e6:00:72:4e:8c:f4:39:60:03:4d:ac:3c:70:92:35: 6a:de:2e:60:e5:74:13:2b:c1:d4:f5:a8:89:87:5f:e0:3a:0b: 23:5e:db:f0:e0:0a:b1:27:35:dc:25:6d:7f:c3:06:a1:c6:1c: b5:ca:6d:25:88:ce:bf:dc:3e:a2:bf:05:e2:d7:3a:e8:c6:ad: 89:59:28:96:fd:b9:a0:68:27:69:d8:8b:36:2a:fb:b9:a7:04: 58:c6:92:12:e4:35:62:a1:c4:44:e0:49:6d:41:d9:e8:51:8d: 2e:c9:b5:db:d7:d9:66:33:98:38:52:0a:10:2d:80:a0:05:77: 88:f6:91:93:5b:5a:0a:a9:96:7a:42:d1:eb:07:01:db:11:9e: 3f:0a:14:8a:44:88:8e:75:f8:42:91:4d:e1:17:3e:6c:13:d1: 9b:b0:72:41 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENB OUVCQjRENEM0MkMwMEM2RDVBRDVDNzBGQjZCNDU3NjU4MzE3NzAeFw0yNTA2MTgx MTIzMTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFERDIzQkI3RTAzRDFD MjUyQ0E3QTBFREQyODc1M0NCQzE3RDg2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJPHwqWQv09yyubwccCuwaTwbVC+sv8KNNnJ6p1LoEugE1DXP/ gRKtbQ6oDnMuFSWhVOsYJd6xJWzevrCzfH20RtME+Wqwbrc9h6Zs50nUWVp39UuW ij4x2hoV3L4UpnR0pqCDDfSjG9sv61XFD4S2v96WqE3ERso1OxiJtJ90OyMg+pxh D6RYW2FXTYi6WV6yGK2W6xAVtyulaj0h4nAZ6lgp2wD9oU7MJ1oFqZE47Nf3QaL5 38DXtNxQGrX7zZyj6cCjiRfc/x7N88annQ/1yWb8qZm1Wogmfy6wQ6EOhICkaMK1 QgfKFLjuSbNIIjZZua5AJWofRDSRrzBoZK7TAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUrdI7t+A9HCUsp6Dt0odTy8F9hmIwHwYDVR0jBBgwFoAUTKnrtNTELADG1a1c cPtrRXZYMXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9US25ydE5URUxBREcxYTFjY1B0clJYWllNWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RLbnJ0TlRFTEFERzFhMWNjUHRyUlhaWU1YYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvVEtucnROVEVMQURH MWExY2NQdHJSWFpZTVhjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJp11hRjecq9gL1k1qOdWabkq0r1ZKQHt0W3J/yBTyjr+1hjb1ekbgHJOCV1 KrGo/m1ClqlEyekYkdCA0mVy1v1lx4K8NoK2DX1pHwO0MiEXPnqf9XUUyq94JXU+ iuYAck6M9DlgA02sPHCSNWreLmDldBMrwdT1qImHX+A6CyNe2/DgCrEnNdwlbX/D BqHGHLXKbSWIzr/cPqK/BeLXOujGrYlZKJb9uaBoJ2nYizYq+7mnBFjGkhLkNWKh xETgSW1B2ehRjS7JtdvX2WYzmDhSChAtgKAFd4j2kZNbWgqplnpC0esHAdsRnj8K FIpEiI51+EKRTeEXPmwT0ZuwckE= -----END CERTIFICATE-----Generated at Wed Jun 18 15:08:48 2025 by rpki-client