$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft File: kXok3C9fwHVc6sn-HMXExV183fo.mft (raw, json) Hash identifier: b2eKZkxQyjmgZWNNq84Q69CwMyYV5eDdtBBHRyBgt7M= Subject key identifier: 35:6B:69:02:74:63:F8:A7:68:3B:39:60:AD:61:9D:11:CA:B7:44:44 Authority key identifier: 91:7A:24:DC:2F:5F:C0:75:5C:EA:C9:FE:1C:C5:C4:C5:5D:7C:DD:FA Certificate issuer: /CN=917A24DC2F5FC0755CEAC9FE1CC5C4C55D7CDDFA Certificate serial: 08BC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft Manifest number: 08BC Signing time: Mon 11 Aug 2025 08:03:41 +0000 Manifest this update: Mon 11 Aug 2025 08:03:41 +0000 Manifest next update: Mon 11 Aug 2025 14:03:41 +0000 Files and hashes: 1: kXok3C9fwHVc6sn-HMXExV183fo.crl (hash: oVpyNWfkUyqEHE88cYk1wU1l0bSs68mdtnW1DfOuJIM=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2236 (0x8bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=917A24DC2F5FC0755CEAC9FE1CC5C4C55D7CDDFA Validity Not Before: Aug 11 08:03:41 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=356B69027463F8A7683B3960AD619D11CAB74444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:4e:45:4c:b3:46:df:85:b4:aa:ff:bd:44:49: ae:dc:9f:f2:13:71:46:0e:08:9b:42:64:81:38:a0: 3c:6c:13:19:02:51:5c:45:34:75:ca:8a:74:b0:f5: ec:f9:8b:a6:7f:dd:78:c5:93:3d:5b:31:2c:d1:98: 22:f0:6e:7d:e6:42:15:97:11:7e:b3:da:11:e4:20: c1:6e:64:fb:7a:05:49:2e:6a:20:56:05:a5:60:fd: bd:ab:0d:d4:e2:9b:97:e7:f9:25:ea:f0:d5:18:3c: 5e:2e:e7:ed:f3:f8:ac:f2:0d:90:40:dc:31:12:a2: e6:de:a0:e7:3b:55:1e:92:4d:17:37:df:53:18:21: 13:15:87:ab:bd:8d:c7:24:0a:f0:23:ee:c4:ea:03: 55:8a:6d:16:c3:13:86:61:e1:43:08:2f:8b:70:ff: 72:63:c7:a8:68:f4:a4:6f:09:7c:91:b6:9a:0a:b3: b7:68:29:45:96:5d:17:8f:84:9f:19:05:78:d4:76: 0a:d8:9f:50:c9:5e:88:fc:e4:89:95:c1:33:b8:ec: 41:bf:55:53:b3:93:ce:b4:7b:b1:19:af:fa:d3:e7: 91:07:67:26:35:ce:74:70:27:ff:47:59:61:79:7e: b6:8e:fb:c8:a1:9e:7d:5e:84:75:cd:cb:20:d5:98: 30:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:6B:69:02:74:63:F8:A7:68:3B:39:60:AD:61:9D:11:CA:B7:44:44 X509v3 Authority Key Identifier: keyid:91:7A:24:DC:2F:5F:C0:75:5C:EA:C9:FE:1C:C5:C4:C5:5D:7C:DD:FA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kXok3C9fwHVc6sn-HMXExV183fo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3284/kXok3C9fwHVc6sn-HMXExV183fo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:d1:f4:5f:6b:4e:19:77:c7:cd:0f:f9:f1:92:6a:6a:20:40: f8:0f:ed:41:44:4e:68:b2:05:5a:51:bf:cd:1b:b1:42:30:c8: bf:5b:ec:7e:6a:12:10:6b:0a:bb:54:b9:75:54:20:a4:fb:cf: 7d:f9:4f:09:43:d9:de:5b:15:78:36:11:98:d3:54:cd:1b:21: 8e:64:6f:60:db:97:a4:d5:03:7f:95:19:e1:c8:bc:24:85:bf: b3:8d:bc:98:59:01:7c:2d:0d:5a:d5:f7:4b:29:a9:30:a1:47: be:2c:03:6c:57:01:bd:5e:14:e1:90:fc:61:c3:38:59:51:39: f3:b8:78:09:18:76:17:16:01:85:6b:47:8c:e7:1e:c0:b3:56: a7:62:c6:52:ea:11:6e:6e:58:e7:7a:ad:f1:18:a2:02:5e:f6: 8f:2a:71:1c:50:e1:b8:fc:b2:48:67:bd:a1:35:8a:15:69:1f: 2f:3a:a0:69:84:b7:6a:3b:e1:8c:1c:a9:97:fb:63:1a:4f:30: 7f:c8:f1:84:f1:31:fd:47:78:e3:89:ad:7a:66:64:a2:2e:7d: 51:5d:81:99:68:4b:f2:d0:43:fc:45:0c:d8:f0:e1:c8:83:74: eb:a0:29:be:0a:f7:f5:bf:e6:b1:b8:73:e8:b3:f8:7e:56:1f: b2:de:7b:c1 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTE3 QTI0REMyRjVGQzA3NTVDRUFDOUZFMUNDNUM0QzU1RDdDRERGQTAeFw0yNTA4MTEw ODAzNDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM1NkI2OTAyNzQ2M0Y4 QTc2ODNCMzk2MEFENjE5RDExQ0FCNzQ0NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrTkVMs0bfhbSq/71ESa7cn/ITcUYOCJtCZIE4oDxsExkCUVxF NHXKinSw9ez5i6Z/3XjFkz1bMSzRmCLwbn3mQhWXEX6z2hHkIMFuZPt6BUkuaiBW BaVg/b2rDdTim5fn+SXq8NUYPF4u5+3z+KzyDZBA3DESoubeoOc7VR6STRc331MY IRMVh6u9jcckCvAj7sTqA1WKbRbDE4Zh4UMIL4tw/3Jjx6ho9KRvCXyRtpoKs7do KUWWXRePhJ8ZBXjUdgrYn1DJXoj85ImVwTO47EG/VVOzk860e7EZr/rT55EHZyY1 znRwJ/9HWWF5fraO+8ihnn1ehHXNyyDVmDADAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUNWtpAnRj+KdoOzlgrWGdEcq3REQwHwYDVR0jBBgwFoAUkXok3C9fwHVc6sn+ HMXExV183fowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 NC9rWG9rM0M5ZndIVmM2c24tSE1YRXhWMTgzZm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tYb2szQzlmd0hWYzZzbi1ITVhFeFYxODNmby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODQva1hvazNDOWZ3SFZj NnNuLUhNWEV4VjE4M2ZvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABfR9F9rThl3x80P+fGSamogQPgP7UFETmiyBVpRv80bsUIwyL9b7H5qEhBr CrtUuXVUIKT7z335TwlD2d5bFXg2EZjTVM0bIY5kb2Dbl6TVA3+VGeHIvCSFv7ON vJhZAXwtDVrV90spqTChR74sA2xXAb1eFOGQ/GHDOFlROfO4eAkYdhcWAYVrR4zn HsCzVqdixlLqEW5uWOd6rfEYogJe9o8qcRxQ4bj8skhnvaE1ihVpHy86oGmEt2o7 4YwcqZf7YxpPMH/I8YTxMf1HeOOJrXpmZKIufVFdgZloS/LQQ/xFDNjw4ciDdOug Kb4K9/W/5rG4c+iz+H5WH7Lee8E= -----END CERTIFICATE-----Generated at Mon Aug 11 11:58:06 2025 by rpki-client