$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft File: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft (raw, json) Hash identifier: Uk8iXLXEpJWqYQDk2EGUVIUQgd1cduweLsGqDo+dQfU= Subject key identifier: 94:4E:1C:38:AF:E2:E2:30:95:2C:64:88:E7:63:4B:3C:0D:46:DA:AE Authority key identifier: 0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E Certificate issuer: /CN=0F28658359C977322171F402332342C31DD7C56E Certificate serial: 05E9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft Manifest number: 05E9 Signing time: Sat 26 Apr 2025 08:38:31 +0000 Manifest this update: Sat 26 Apr 2025 08:38:31 +0000 Manifest next update: Sat 26 Apr 2025 14:38:31 +0000 Files and hashes: 1: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl (hash: KhRzLUSp8EexcBXUFyUFBhNbh9dG6e7PwOj3/6/N4Ik=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:38:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1513 (0x5e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0F28658359C977322171F402332342C31DD7C56E Validity Not Before: Apr 26 08:38:31 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=944E1C38AFE2E230952C6488E7634B3C0D46DAAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b2:bf:39:ef:ea:19:21:97:bf:5d:97:ce:93: 81:d6:bf:9d:4a:29:d2:34:01:33:c8:a7:bb:48:af: f2:bb:99:a9:7a:70:87:2e:53:bb:e2:64:38:38:ec: 52:08:cf:bd:d5:5e:8d:25:e0:84:7f:a1:07:46:1c: 32:52:cf:d6:e0:b3:ba:d5:f0:18:49:16:0d:ce:5d: e2:ea:f5:b3:6a:28:c8:31:d1:04:b5:cf:2f:05:30: 93:4c:9c:21:98:42:d9:a2:35:08:65:c8:3b:02:20: ba:01:e2:31:80:ee:1c:2d:50:1b:d9:18:e3:cb:42: 7a:ed:40:66:2d:b6:04:f7:06:a4:f2:df:a7:d4:d2: 47:af:a9:8b:72:90:bd:77:b9:92:e0:31:65:01:ad: 57:e8:be:7e:f6:0c:73:d5:39:e7:6b:2f:8a:52:50: 4d:7e:25:ba:da:e8:e4:94:03:8c:15:e0:ed:d8:27: df:cf:40:c0:12:69:ed:58:fe:cc:8f:89:28:96:a9: fd:46:15:0e:bd:40:b0:a8:d5:6e:b6:f4:51:7f:84: 53:f0:ca:fc:1d:7b:6e:09:71:67:bc:b6:b4:ab:3b: cc:42:df:c3:23:1c:53:0e:09:8d:0a:f3:e5:ba:a1: d3:f9:2d:22:6b:6e:27:41:91:44:20:85:96:3c:9d: cf:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:4E:1C:38:AF:E2:E2:30:95:2C:64:88:E7:63:4B:3C:0D:46:DA:AE X509v3 Authority Key Identifier: keyid:0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:82:07:2c:17:ab:f3:e8:ed:ad:31:ba:c5:2a:0b:25:4f:1a: 75:33:81:99:b6:f6:66:43:c7:76:f1:67:38:d4:2d:91:51:d6: ad:b6:03:ce:03:24:09:9b:5a:49:4f:35:d4:9e:49:0f:92:3a: 7f:53:5a:38:80:27:6f:2d:e0:7d:7b:89:57:8e:96:ed:aa:84: 1a:1f:45:02:80:44:fa:d4:8a:2f:a2:0b:12:aa:22:5f:62:1e: c3:bb:f4:45:d2:03:e4:8a:35:ea:0d:6d:73:de:d0:13:74:af: e2:6f:4a:de:7b:91:33:e2:24:02:2b:34:15:79:3a:a2:ae:ec: 7b:8b:8f:55:92:4e:b4:0d:44:36:df:00:a7:08:a9:66:0e:62: 9c:7c:b4:4d:90:82:eb:d4:30:7f:a5:3b:f7:61:e1:95:63:35: bb:1d:b4:66:b8:01:f8:87:de:89:e7:b7:55:94:fa:d4:99:4f: 58:d8:f8:65:79:b8:2d:36:7a:fe:a0:78:6b:dc:64:1d:4b:56: f1:b0:f2:8a:d7:a1:d1:38:3c:a7:db:5b:12:9f:47:25:f7:62: be:34:ee:0b:fc:44:76:c9:75:65:4f:27:04:66:ab:01:47:9e: 5b:d3:6c:35:a5:c3:81:52:56:5a:b6:32:09:dc:52:02:41:00: a3:b6:86:9c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEYy ODY1ODM1OUM5NzczMjIxNzFGNDAyMzMyMzQyQzMxREQ3QzU2RTAeFw0yNTA0MjYw ODM4MzFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk0NEUxQzM4QUZFMkUy MzA5NTJDNjQ4OEU3NjM0QjNDMEQ0NkRBQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrsr857+oZIZe/XZfOk4HWv51KKdI0ATPIp7tIr/K7mal6cIcu U7viZDg47FIIz73VXo0l4IR/oQdGHDJSz9bgs7rV8BhJFg3OXeLq9bNqKMgx0QS1 zy8FMJNMnCGYQtmiNQhlyDsCILoB4jGA7hwtUBvZGOPLQnrtQGYttgT3BqTy36fU 0kevqYtykL13uZLgMWUBrVfovn72DHPVOedrL4pSUE1+Jbra6OSUA4wV4O3YJ9/P QMASae1Y/syPiSiWqf1GFQ69QLCo1W629FF/hFPwyvwde24JcWe8trSrO8xC38Mj HFMOCY0K8+W6odP5LSJrbidBkUQghZY8nc/ZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlE4cOK/i4jCVLGSI52NLPA1G2q4wHwYDVR0jBBgwFoAUDyhlg1nJdzIhcfQC MyNCwx3XxW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI5 Ni9EeWhsZzFuSmR6SWhjZlFDTXlOQ3d4M1h4VzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0R5aGxnMW5KZHpJaGNmUUNNeU5Dd3gzWHhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyOTYvRHlobGcxbkpkeklo Y2ZRQ015TkN3eDNYeFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABeCBywXq/Po7a0xusUqCyVPGnUzgZm29mZDx3bxZzjULZFR1q22A84DJAmb WklPNdSeSQ+SOn9TWjiAJ28t4H17iVeOlu2qhBofRQKARPrUii+iCxKqIl9iHsO7 9EXSA+SKNeoNbXPe0BN0r+JvSt57kTPiJAIrNBV5OqKu7HuLj1WSTrQNRDbfAKcI qWYOYpx8tE2QguvUMH+lO/dh4ZVjNbsdtGa4AfiH3onnt1WU+tSZT1jY+GV5uC02 ev6geGvcZB1LVvGw8orXodE4PKfbWxKfRyX3Yr407gv8RHbJdWVPJwRmqwFHnlvT bDWlw4FSVlq2MgncUgJBAKO2hpw= -----END CERTIFICATE-----Generated at Sat Apr 26 14:36:52 2025 by rpki-client