$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft File: zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft (raw, json) Hash identifier: jucMmBwhkNtOLJO8K3FCIAOQ0gDF7RWkYWgOT842xfs= Subject key identifier: 52:5E:66:19:12:15:EC:C0:61:97:4A:DA:55:D6:26:AC:F4:E5:D5:A7 Authority key identifier: CE:04:78:FA:BE:91:96:B5:4D:0B:D1:AA:84:CB:39:07:3D:6C:F9:F9 Certificate issuer: /CN=CE0478FABE9196B54D0BD1AA84CB39073D6CF9F9 Certificate serial: 0323 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft Manifest number: 0323 Signing time: Sat 26 Apr 2025 13:09:40 +0000 Manifest this update: Sat 26 Apr 2025 13:09:40 +0000 Manifest next update: Sat 26 Apr 2025 19:09:40 +0000 Files and hashes: 1: zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl (hash: rpTzuQuQtmXNbc9Ovqw4Ea8cz0egnqWN8AmXGDHJd0c=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 17:09:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 803 (0x323) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0478FABE9196B54D0BD1AA84CB39073D6CF9F9 Validity Not Before: Apr 26 13:09:40 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=525E66191215ECC061974ADA55D626ACF4E5D5A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:60:c6:7c:39:63:96:f1:d6:55:de:3a:6e:e7: d5:a7:5b:44:06:e6:54:93:82:46:5a:f7:cb:3d:fb: ba:4e:6c:47:e8:a4:84:dc:83:a3:3d:e1:bd:3d:8a: 38:9e:0c:98:eb:f0:da:e6:dd:b4:92:45:bc:c6:02: af:25:cb:91:01:db:b9:58:b8:0b:5d:bb:d4:e4:db: f0:02:b9:81:1c:bf:5f:d5:e4:7a:f3:fc:25:6b:76: 4d:e9:0e:72:0b:dc:f9:2b:7c:ad:d6:47:ac:ef:eb: b4:23:5d:bb:f9:cf:ef:ce:bf:53:24:20:7a:fb:15: 02:fc:d5:bb:c6:27:8b:e2:3b:ec:2f:43:94:8e:77: 56:f5:37:17:11:33:8f:e8:6d:af:92:0d:47:5d:e5: 75:08:ac:7b:05:30:51:d1:cc:dd:6e:ca:6c:cc:e7: 7e:15:16:d8:72:24:e1:f6:aa:77:21:69:46:75:10: 3f:ca:2f:06:51:60:63:96:3b:ac:38:78:a2:a3:93: 75:72:74:9f:2b:9f:b5:cd:de:0f:62:3e:7a:ad:bb: ac:c8:88:0d:73:ce:8b:f2:8a:96:14:28:07:91:fb: 0c:53:ee:e5:66:11:eb:40:96:72:23:8f:f5:e0:a8: a9:ae:2e:11:e8:7f:a9:bb:af:29:7f:a3:55:9b:2a: d3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:5E:66:19:12:15:EC:C0:61:97:4A:DA:55:D6:26:AC:F4:E5:D5:A7 X509v3 Authority Key Identifier: keyid:CE:04:78:FA:BE:91:96:B5:4D:0B:D1:AA:84:CB:39:07:3D:6C:F9:F9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:50:df:77:1f:3f:89:6a:c0:49:1e:6b:52:ab:60:4b:31:bd: 13:44:3e:88:9b:02:de:86:7e:a5:b5:f1:91:9a:3b:cb:79:b7: 7d:e3:f4:3b:2e:25:52:f7:94:fc:bc:65:35:2b:e5:dd:35:68: b3:0e:8b:a4:f5:aa:f5:03:08:82:50:58:36:3c:1f:73:b7:ac: 33:7e:98:b6:b6:d4:18:38:0a:09:0c:c5:78:a4:74:a5:cf:e6: 7e:8d:d2:ac:59:2d:33:ff:b9:b8:ab:f3:7d:b9:3c:7f:a7:20: b0:3b:8c:4f:24:03:52:2d:5d:05:26:00:f6:93:97:58:cc:0a: 9f:f5:91:99:d9:58:ae:4f:04:5e:8f:e8:d2:44:f2:75:31:ef: a1:85:6c:99:cd:db:1c:2d:e8:f6:6b:b2:02:e7:56:78:dd:77: c6:39:e7:cd:b1:ed:5f:69:50:28:e2:7c:f9:8c:b8:cb:78:a5: 63:e2:0c:19:e8:d4:e3:85:0b:01:3f:a0:3d:33:0c:48:12:8d: 62:7c:bd:27:d4:a0:b2:d2:8d:9a:7f:a4:48:58:35:2f:99:65: 67:05:bd:95:88:4f:41:a6:6d:87:98:74:80:1f:c8:30:8e:b9: 08:59:67:40:74:21:cd:25:a7:14:9f:2f:fc:e0:c8:0d:f6:28: 92:56:38:37 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAyMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw NDc4RkFCRTkxOTZCNTREMEJEMUFBODRDQjM5MDczRDZDRjlGOTAeFw0yNTA0MjYx MzA5NDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUyNUU2NjE5MTIxNUVD QzA2MTk3NEFEQTU1RDYyNkFDRjRFNUQ1QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7YMZ8OWOW8dZV3jpu59WnW0QG5lSTgkZa98s9+7pObEfopITc g6M94b09ijieDJjr8Nrm3bSSRbzGAq8ly5EB27lYuAtdu9Tk2/ACuYEcv1/V5Hrz /CVrdk3pDnIL3PkrfK3WR6zv67QjXbv5z+/Ov1MkIHr7FQL81bvGJ4viO+wvQ5SO d1b1NxcRM4/oba+SDUdd5XUIrHsFMFHRzN1uymzM534VFthyJOH2qnchaUZ1ED/K LwZRYGOWO6w4eKKjk3VydJ8rn7XN3g9iPnqtu6zIiA1zzovyipYUKAeR+wxT7uVm EetAlnIjj/XgqKmuLhHof6m7ryl/o1WbKtPTAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUUl5mGRIV7MBhl0raVdYmrPTl1acwHwYDVR0jBBgwFoAUzgR4+r6RlrVNC9Gq hMs5Bz1s+fkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy OS96Z1I0LXI2UmxyVk5DOUdxaE1zNUJ6MXMtZmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3pnUjQtcjZSbHJWTkM5R3FoTXM1Qnoxcy1may5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjkvemdSNC1yNlJsclZO QzlHcWhNczVCejFzLWZrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAIxQ33cfP4lqwEkea1KrYEsxvRNEPoibAt6GfqW18ZGaO8t5t33j9DsuJVL3 lPy8ZTUr5d01aLMOi6T1qvUDCIJQWDY8H3O3rDN+mLa21Bg4CgkMxXikdKXP5n6N 0qxZLTP/ubir8325PH+nILA7jE8kA1ItXQUmAPaTl1jMCp/1kZnZWK5PBF6P6NJE 8nUx76GFbJnN2xwt6PZrsgLnVnjdd8Y5582x7V9pUCjifPmMuMt4pWPiDBno1OOF CwE/oD0zDEgSjWJ8vSfUoLLSjZp/pEhYNS+ZZWcFvZWIT0GmbYeYdIAfyDCOuQhZ Z0B0Ic0lpxSfL/zgyA32KJJWODc= -----END CERTIFICATE-----Generated at Sat Apr 26 17:05:03 2025 by rpki-client