$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft File: zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft (raw, json) Hash identifier: KuFA8ftC0G8qZwMCduhAljWsCnKn9D9lc4Ke/o7SzNI= Subject key identifier: 52:5E:66:19:12:15:EC:C0:61:97:4A:DA:55:D6:26:AC:F4:E5:D5:A7 Authority key identifier: CE:04:78:FA:BE:91:96:B5:4D:0B:D1:AA:84:CB:39:07:3D:6C:F9:F9 Certificate issuer: /CN=CE0478FABE9196B54D0BD1AA84CB39073D6CF9F9 Certificate serial: 0532 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft Manifest number: 0532 Signing time: Mon 11 Aug 2025 09:05:21 +0000 Manifest this update: Mon 11 Aug 2025 09:05:21 +0000 Manifest next update: Mon 11 Aug 2025 15:05:21 +0000 Files and hashes: 1: zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl (hash: hQtaC0cI/kC9fEknqBkYZmlclKwhGMSeTqizqhn+x/0=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1330 (0x532) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0478FABE9196B54D0BD1AA84CB39073D6CF9F9 Validity Not Before: Aug 11 09:05:21 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=525E66191215ECC061974ADA55D626ACF4E5D5A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:60:c6:7c:39:63:96:f1:d6:55:de:3a:6e:e7: d5:a7:5b:44:06:e6:54:93:82:46:5a:f7:cb:3d:fb: ba:4e:6c:47:e8:a4:84:dc:83:a3:3d:e1:bd:3d:8a: 38:9e:0c:98:eb:f0:da:e6:dd:b4:92:45:bc:c6:02: af:25:cb:91:01:db:b9:58:b8:0b:5d:bb:d4:e4:db: f0:02:b9:81:1c:bf:5f:d5:e4:7a:f3:fc:25:6b:76: 4d:e9:0e:72:0b:dc:f9:2b:7c:ad:d6:47:ac:ef:eb: b4:23:5d:bb:f9:cf:ef:ce:bf:53:24:20:7a:fb:15: 02:fc:d5:bb:c6:27:8b:e2:3b:ec:2f:43:94:8e:77: 56:f5:37:17:11:33:8f:e8:6d:af:92:0d:47:5d:e5: 75:08:ac:7b:05:30:51:d1:cc:dd:6e:ca:6c:cc:e7: 7e:15:16:d8:72:24:e1:f6:aa:77:21:69:46:75:10: 3f:ca:2f:06:51:60:63:96:3b:ac:38:78:a2:a3:93: 75:72:74:9f:2b:9f:b5:cd:de:0f:62:3e:7a:ad:bb: ac:c8:88:0d:73:ce:8b:f2:8a:96:14:28:07:91:fb: 0c:53:ee:e5:66:11:eb:40:96:72:23:8f:f5:e0:a8: a9:ae:2e:11:e8:7f:a9:bb:af:29:7f:a3:55:9b:2a: d3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:5E:66:19:12:15:EC:C0:61:97:4A:DA:55:D6:26:AC:F4:E5:D5:A7 X509v3 Authority Key Identifier: keyid:CE:04:78:FA:BE:91:96:B5:4D:0B:D1:AA:84:CB:39:07:3D:6C:F9:F9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:9b:dd:ef:f7:74:b1:df:b0:b1:f9:73:6a:99:14:6a:89:d8: dd:40:4e:ee:6a:c1:2a:75:b9:14:a0:70:7c:96:62:20:fe:89: 35:0e:60:d3:73:38:90:47:49:eb:47:d2:2a:e7:c1:07:31:27: 7d:f8:84:e6:22:25:32:bc:19:72:06:f7:ef:58:0a:44:c1:39: f7:20:d0:57:0a:ca:13:1e:d8:58:f8:b8:be:99:7a:6e:12:f6: 1b:cc:e3:3f:ec:b8:f1:71:11:c2:7a:c6:35:9f:07:ee:aa:56: 85:ee:c4:c1:06:09:66:30:93:29:30:dc:8f:96:36:2c:fb:36: 51:4f:f6:be:51:5c:fa:84:cf:38:ea:20:80:6b:7a:82:9b:3b: 9f:ba:2e:a0:3c:3f:63:19:d0:f6:cc:d3:61:97:2b:11:ee:15: 09:e3:1e:f0:11:7f:51:1d:31:bd:00:13:a9:d8:6f:0f:3b:98: fd:4c:74:69:d5:76:02:43:30:77:92:7c:92:43:58:b5:8e:00: 6e:6e:a6:51:79:a3:db:33:c3:5a:fb:30:4a:91:9c:cf:c2:42: 73:10:8c:d3:9b:7c:24:13:d3:5b:31:d4:ff:5c:f7:50:5e:50: c0:4c:75:ef:3c:9f:37:62:61:99:65:01:78:2a:bf:2b:a5:15: 7d:52:29:05 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBTIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw NDc4RkFCRTkxOTZCNTREMEJEMUFBODRDQjM5MDczRDZDRjlGOTAeFw0yNTA4MTEw OTA1MjFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUyNUU2NjE5MTIxNUVD QzA2MTk3NEFEQTU1RDYyNkFDRjRFNUQ1QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7YMZ8OWOW8dZV3jpu59WnW0QG5lSTgkZa98s9+7pObEfopITc g6M94b09ijieDJjr8Nrm3bSSRbzGAq8ly5EB27lYuAtdu9Tk2/ACuYEcv1/V5Hrz /CVrdk3pDnIL3PkrfK3WR6zv67QjXbv5z+/Ov1MkIHr7FQL81bvGJ4viO+wvQ5SO d1b1NxcRM4/oba+SDUdd5XUIrHsFMFHRzN1uymzM534VFthyJOH2qnchaUZ1ED/K LwZRYGOWO6w4eKKjk3VydJ8rn7XN3g9iPnqtu6zIiA1zzovyipYUKAeR+wxT7uVm EetAlnIjj/XgqKmuLhHof6m7ryl/o1WbKtPTAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUUl5mGRIV7MBhl0raVdYmrPTl1acwHwYDVR0jBBgwFoAUzgR4+r6RlrVNC9Gq hMs5Bz1s+fkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy OS96Z1I0LXI2UmxyVk5DOUdxaE1zNUJ6MXMtZmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3pnUjQtcjZSbHJWTkM5R3FoTXM1Qnoxcy1may5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjkvemdSNC1yNlJsclZO QzlHcWhNczVCejFzLWZrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAAOb3e/3dLHfsLH5c2qZFGqJ2N1ATu5qwSp1uRSgcHyWYiD+iTUOYNNzOJBH SetH0irnwQcxJ334hOYiJTK8GXIG9+9YCkTBOfcg0FcKyhMe2Fj4uL6Zem4S9hvM 4z/suPFxEcJ6xjWfB+6qVoXuxMEGCWYwkykw3I+WNiz7NlFP9r5RXPqEzzjqIIBr eoKbO5+6LqA8P2MZ0PbM02GXKxHuFQnjHvARf1EdMb0AE6nYbw87mP1MdGnVdgJD MHeSfJJDWLWOAG5uplF5o9szw1r7MEqRnM/CQnMQjNObfCQT01sx1P9c91BeUMBM de88nzdiYZllAXgqvyulFX1SKQU= -----END CERTIFICATE-----Generated at Mon Aug 11 10:43:14 2025 by rpki-client