$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft File: OCdChXYoqbKyIFmuiEdvIwYL6tA.mft (raw, json) Hash identifier: rvnHfdFngseKxGx0J6utipQ0sEjs+O5bu8RRjfPpU5I= Subject key identifier: 28:21:5B:26:84:B2:51:CB:C1:6E:81:F4:5A:46:65:8D:87:98:73:05 Authority key identifier: 38:27:42:85:76:28:A9:B2:B2:20:59:AE:88:47:6F:23:06:0B:EA:D0 Certificate issuer: /CN=382742857628A9B2B22059AE88476F23060BEAD0 Certificate serial: 0324 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft Manifest number: 0324 Signing time: Sat 26 Apr 2025 08:38:47 +0000 Manifest this update: Sat 26 Apr 2025 08:38:47 +0000 Manifest next update: Sat 26 Apr 2025 14:38:47 +0000 Files and hashes: 1: OCdChXYoqbKyIFmuiEdvIwYL6tA.crl (hash: 4C6OpMIDce4rpQThbNFQ3K3Dmi4EYan0Y7PbSykcpLY=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:38:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 804 (0x324) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=382742857628A9B2B22059AE88476F23060BEAD0 Validity Not Before: Apr 26 08:38:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=28215B2684B251CBC16E81F45A46658D87987305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:26:72:d5:94:16:40:a9:56:11:27:83:ad:c9: ac:73:2e:26:c8:68:e4:37:1c:e2:b9:5d:8a:dc:5d: 52:91:42:3b:2e:de:b3:6e:fb:38:6c:62:43:f2:65: fe:2d:44:45:7d:02:5c:fb:a1:47:11:13:de:41:4b: e9:61:23:81:c1:3c:01:8c:a8:0c:1b:2b:47:6e:19: 76:95:78:de:65:db:39:ce:e0:22:0e:f5:e1:af:50: 40:ed:f6:61:24:bf:62:9f:a0:eb:d9:b4:02:f1:ea: 85:d3:3d:5e:85:3b:d0:19:a7:a5:e5:cc:a8:12:69: a0:7b:a1:8b:61:e3:bc:89:4a:5e:8a:2b:eb:9c:90: c5:6c:a9:6b:a7:08:2b:86:ba:2e:62:d7:77:ef:ab: 37:a1:fa:a1:c6:27:4e:8f:b0:83:bb:7a:98:51:bd: d9:c4:aa:06:f2:99:ec:0a:ac:d2:44:d7:21:1d:80: f3:d8:6a:3f:70:e1:2f:01:12:2e:8c:85:b2:f7:0e: f7:d9:ae:c6:09:03:cd:cd:05:0b:24:bb:11:96:78: 38:bb:bd:68:67:78:5d:33:a8:1e:f6:97:cc:61:ec: a5:11:dc:9e:e2:70:3c:31:72:f5:59:be:13:fe:f5: 5c:38:80:94:e7:6d:06:32:ca:d6:37:3a:eb:b5:19: b9:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:21:5B:26:84:B2:51:CB:C1:6E:81:F4:5A:46:65:8D:87:98:73:05 X509v3 Authority Key Identifier: keyid:38:27:42:85:76:28:A9:B2:B2:20:59:AE:88:47:6F:23:06:0B:EA:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:29:5d:70:7e:46:8d:12:6d:12:a3:5d:b1:5a:3c:77:da:5f: fb:2a:1f:63:50:d6:2f:c4:55:e3:ff:0b:05:91:e2:fa:a0:59: 81:70:18:99:c1:5b:b7:38:6d:7d:73:bd:70:46:ce:96:0b:ad: 17:10:0a:ad:00:2a:5e:c7:00:c8:48:6f:8d:d3:8b:9b:2c:d1: 45:d6:ab:1a:0e:ad:92:b2:0a:b7:e4:e9:40:09:c6:5c:bd:29: 7d:51:1f:10:72:5c:26:a4:8e:0f:26:05:1b:29:b6:6b:bb:ec: 56:76:37:99:e3:05:1e:0b:4b:08:87:10:22:25:8d:10:fe:0b: f7:bb:72:64:a6:80:85:51:cd:3c:7b:6d:e3:ff:1b:19:90:d4: 24:88:b3:87:4f:ed:e5:aa:8f:42:37:90:8c:3d:50:ea:64:1e: 26:af:87:b3:02:e8:db:c2:ce:a5:a9:d6:cc:89:5a:d2:2d:da: 8d:e8:00:b3:9b:c6:29:0f:94:60:72:4a:46:ff:54:15:19:0e: 75:3d:61:4f:49:64:7e:94:59:2f:d1:43:13:37:e5:79:9d:d6: 4d:7f:3e:50:50:3c:f6:32:93:2e:8e:8d:ff:06:fe:48:d9:32: c2:c4:df:2e:53:c3:0f:9d:57:d1:9f:94:27:20:04:f3:40:50: 6f:9a:53:e0 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAyQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzgy NzQyODU3NjI4QTlCMkIyMjA1OUFFODg0NzZGMjMwNjBCRUFEMDAeFw0yNTA0MjYw ODM4NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI4MjE1QjI2ODRCMjUx Q0JDMTZFODFGNDVBNDY2NThEODc5ODczMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdJnLVlBZAqVYRJ4OtyaxzLibIaOQ3HOK5XYrcXVKRQjsu3rNu +zhsYkPyZf4tREV9Alz7oUcRE95BS+lhI4HBPAGMqAwbK0duGXaVeN5l2znO4CIO 9eGvUEDt9mEkv2KfoOvZtALx6oXTPV6FO9AZp6XlzKgSaaB7oYth47yJSl6KK+uc kMVsqWunCCuGui5i13fvqzeh+qHGJ06PsIO7ephRvdnEqgbymewKrNJE1yEdgPPY aj9w4S8BEi6MhbL3DvfZrsYJA83NBQskuxGWeDi7vWhneF0zqB72l8xh7KUR3J7i cDwxcvVZvhP+9Vw4gJTnbQYyytY3Ouu1Gbn9AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKCFbJoSyUcvBboH0WkZljYeYcwUwHwYDVR0jBBgwFoAUOCdChXYoqbKyIFmu iEdvIwYL6tAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy OC9PQ2RDaFhZb3FiS3lJRm11aUVkdkl3WUw2dEEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09DZENoWFlvcWJLeUlGbXVpRWR2SXdZTDZ0QS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjgvT0NkQ2hYWW9xYkt5 SUZtdWlFZHZJd1lMNnRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBABspXXB+Ro0SbRKjXbFaPHfaX/sqH2NQ1i/EVeP/CwWR4vqgWYFwGJnBW7c4 bX1zvXBGzpYLrRcQCq0AKl7HAMhIb43Ti5ss0UXWqxoOrZKyCrfk6UAJxly9KX1R HxByXCakjg8mBRsptmu77FZ2N5njBR4LSwiHECIljRD+C/e7cmSmgIVRzTx7beP/ GxmQ1CSIs4dP7eWqj0I3kIw9UOpkHiavh7MC6NvCzqWp1syJWtIt2o3oALObxikP lGBySkb/VBUZDnU9YU9JZH6UWS/RQxM35Xmd1k1/PlBQPPYyky6Ojf8G/kjZMsLE 3y5Tww+dV9GflCcgBPNAUG+aU+A= -----END CERTIFICATE-----Generated at Sat Apr 26 14:08:12 2025 by rpki-client