$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft File: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft (raw, json) Hash identifier: LemwtSNZNmFIQkSWaMhvehjbFlKmHccoGOp567GQC2U= Subject key identifier: 94:4E:1C:38:AF:E2:E2:30:95:2C:64:88:E7:63:4B:3C:0D:46:DA:AE Authority key identifier: 0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E Certificate issuer: /CN=0F28658359C977322171F402332342C31DD7C56E Certificate serial: 06FF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft Manifest number: 06FF Signing time: Sat 21 Jun 2025 15:44:59 +0000 Manifest this update: Sat 21 Jun 2025 15:44:59 +0000 Manifest next update: Sat 21 Jun 2025 21:44:59 +0000 Files and hashes: 1: Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl (hash: GYhPXpQNc6kuL6MVzm1QTLo+dbvL4ZvO2FduLLZaIPI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1791 (0x6ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0F28658359C977322171F402332342C31DD7C56E Validity Not Before: Jun 21 15:44:59 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=944E1C38AFE2E230952C6488E7634B3C0D46DAAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b2:bf:39:ef:ea:19:21:97:bf:5d:97:ce:93: 81:d6:bf:9d:4a:29:d2:34:01:33:c8:a7:bb:48:af: f2:bb:99:a9:7a:70:87:2e:53:bb:e2:64:38:38:ec: 52:08:cf:bd:d5:5e:8d:25:e0:84:7f:a1:07:46:1c: 32:52:cf:d6:e0:b3:ba:d5:f0:18:49:16:0d:ce:5d: e2:ea:f5:b3:6a:28:c8:31:d1:04:b5:cf:2f:05:30: 93:4c:9c:21:98:42:d9:a2:35:08:65:c8:3b:02:20: ba:01:e2:31:80:ee:1c:2d:50:1b:d9:18:e3:cb:42: 7a:ed:40:66:2d:b6:04:f7:06:a4:f2:df:a7:d4:d2: 47:af:a9:8b:72:90:bd:77:b9:92:e0:31:65:01:ad: 57:e8:be:7e:f6:0c:73:d5:39:e7:6b:2f:8a:52:50: 4d:7e:25:ba:da:e8:e4:94:03:8c:15:e0:ed:d8:27: df:cf:40:c0:12:69:ed:58:fe:cc:8f:89:28:96:a9: fd:46:15:0e:bd:40:b0:a8:d5:6e:b6:f4:51:7f:84: 53:f0:ca:fc:1d:7b:6e:09:71:67:bc:b6:b4:ab:3b: cc:42:df:c3:23:1c:53:0e:09:8d:0a:f3:e5:ba:a1: d3:f9:2d:22:6b:6e:27:41:91:44:20:85:96:3c:9d: cf:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:4E:1C:38:AF:E2:E2:30:95:2C:64:88:E7:63:4B:3C:0D:46:DA:AE X509v3 Authority Key Identifier: keyid:0F:28:65:83:59:C9:77:32:21:71:F4:02:33:23:42:C3:1D:D7:C5:6E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3296/Dyhlg1nJdzIhcfQCMyNCwx3XxW4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:da:1f:89:e7:c7:65:f7:a6:ce:8f:bb:48:79:51:f1:d2:14: e6:17:ab:f0:c0:0b:6f:95:57:d5:7f:8f:16:cc:dd:09:11:02: 27:4a:93:58:d7:a3:15:31:dd:e0:be:3c:b0:41:80:96:f9:a8: a6:ec:36:2f:45:ce:ba:b6:0e:b6:2d:0c:97:fa:f2:ff:52:39: fc:07:01:e4:d3:d8:5b:78:0b:d1:ef:cf:9d:d4:3e:b5:91:35: 52:46:92:20:5b:1a:69:1a:77:c3:f5:dc:18:48:08:a3:f1:11: db:d8:63:fd:26:f2:61:ca:53:dc:42:d3:1c:b0:10:f4:d6:44: f2:db:2e:28:d0:f5:e2:4b:12:2d:fb:21:fd:66:da:42:2a:f0: 53:8c:c1:3e:42:f8:a1:b1:89:8d:3b:22:98:fc:59:c8:2f:ef: 7a:4a:5f:46:cf:30:b7:02:f8:92:06:a2:58:9d:85:6a:f8:0f: ea:4b:e3:b3:7d:f8:42:c2:8e:de:53:a7:0f:a8:1b:b1:35:2f: b4:3e:d4:b5:76:59:a8:ee:06:2e:db:31:b4:37:a1:26:47:c3: b6:c8:90:0a:c1:60:ab:b5:11:ca:34:b6:2f:e4:48:b6:7e:21: 93:50:ba:5b:75:36:f4:1b:2d:f7:fa:2f:d1:e9:7a:a3:93:89: 1e:18:82:1d -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEYy ODY1ODM1OUM5NzczMjIxNzFGNDAyMzMyMzQyQzMxREQ3QzU2RTAeFw0yNTA2MjEx NTQ0NTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk0NEUxQzM4QUZFMkUy MzA5NTJDNjQ4OEU3NjM0QjNDMEQ0NkRBQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrsr857+oZIZe/XZfOk4HWv51KKdI0ATPIp7tIr/K7mal6cIcu U7viZDg47FIIz73VXo0l4IR/oQdGHDJSz9bgs7rV8BhJFg3OXeLq9bNqKMgx0QS1 zy8FMJNMnCGYQtmiNQhlyDsCILoB4jGA7hwtUBvZGOPLQnrtQGYttgT3BqTy36fU 0kevqYtykL13uZLgMWUBrVfovn72DHPVOedrL4pSUE1+Jbra6OSUA4wV4O3YJ9/P QMASae1Y/syPiSiWqf1GFQ69QLCo1W629FF/hFPwyvwde24JcWe8trSrO8xC38Mj HFMOCY0K8+W6odP5LSJrbidBkUQghZY8nc/ZAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlE4cOK/i4jCVLGSI52NLPA1G2q4wHwYDVR0jBBgwFoAUDyhlg1nJdzIhcfQC MyNCwx3XxW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI5 Ni9EeWhsZzFuSmR6SWhjZlFDTXlOQ3d4M1h4VzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0R5aGxnMW5KZHpJaGNmUUNNeU5Dd3gzWHhXNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyOTYvRHlobGcxbkpkeklo Y2ZRQ015TkN3eDNYeFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAEXaH4nnx2X3ps6Pu0h5UfHSFOYXq/DAC2+VV9V/jxbM3QkRAidKk1jXoxUx 3eC+PLBBgJb5qKbsNi9Fzrq2DrYtDJf68v9SOfwHAeTT2Ft4C9Hvz53UPrWRNVJG kiBbGmkad8P13BhICKPxEdvYY/0m8mHKU9xC0xywEPTWRPLbLijQ9eJLEi37If1m 2kIq8FOMwT5C+KGxiY07Ipj8Wcgv73pKX0bPMLcC+JIGolidhWr4D+pL47N9+ELC jt5Tpw+oG7E1L7Q+1LV2WajuBi7bMbQ3oSZHw7bIkArBYKu1Eco0ti/kSLZ+IZNQ ult1NvQbLff6L9HpeqOTiR4Ygh0= -----END CERTIFICATE-----Generated at Sat Jun 21 18:35:19 2025 by rpki-client