$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3335/dLHNkLnEHIANH1u3AQiWQC4auU4.mft File: dLHNkLnEHIANH1u3AQiWQC4auU4.mft (raw, json) Hash identifier: MOePfnIkhLJ2WwCNAgTVSBpvkI1M4IsslKabyza5uO4= Subject key identifier: B0:54:D2:70:E7:FB:43:E0:C7:77:B3:3D:79:CA:A9:F9:0E:52:26:B0 Authority key identifier: 74:B1:CD:90:B9:C4:1C:80:0D:1F:5B:B7:01:08:96:40:2E:1A:B9:4E Certificate issuer: /CN=74B1CD90B9C41C800D1F5BB7010896402E1AB94E Certificate serial: 02CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dLHNkLnEHIANH1u3AQiWQC4auU4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/dLHNkLnEHIANH1u3AQiWQC4auU4.mft Manifest number: 02CA Signing time: Sat 26 Apr 2025 08:38:56 +0000 Manifest this update: Sat 26 Apr 2025 08:38:56 +0000 Manifest next update: Sat 26 Apr 2025 14:38:56 +0000 Files and hashes: 1: dLHNkLnEHIANH1u3AQiWQC4auU4.crl (hash: 1HmkUk+b3TgbgDR6DRQScIB13S9DmNAzNHH9JEJ22JA=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/dLHNkLnEHIANH1u3AQiWQC4auU4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/dLHNkLnEHIANH1u3AQiWQC4auU4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dLHNkLnEHIANH1u3AQiWQC4auU4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:38:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 714 (0x2ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74B1CD90B9C41C800D1F5BB7010896402E1AB94E Validity Not Before: Apr 26 08:38:56 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B054D270E7FB43E0C777B33D79CAA9F90E5226B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:83:0f:2d:e4:fc:fd:40:e6:c9:69:06:2c:d0: 63:f2:39:94:44:ab:77:3a:54:18:e1:c0:8b:d4:20: b5:d0:43:40:59:34:7a:aa:f6:39:9f:1e:33:db:12: ee:50:c0:ca:13:fc:45:b1:1d:b7:34:16:6d:80:c6: 5d:34:23:6d:aa:00:3b:ec:a7:1a:3c:5c:ac:75:3b: a9:01:17:f5:1f:18:2e:25:84:b9:d7:6b:4e:9c:10: 87:af:01:0b:e7:59:73:8c:28:a9:50:67:22:9a:cd: 72:96:01:0c:11:76:26:c0:92:aa:9b:34:5d:30:1e: 39:13:38:e1:1c:c6:1c:6e:11:34:f4:ad:4a:e1:13: 04:5e:12:53:7d:59:9c:7f:06:60:84:25:be:29:49: ae:e5:d2:fe:0c:5d:57:0b:7a:ed:33:47:1c:a8:ce: ef:03:5a:09:66:d1:a3:61:45:fa:d1:16:80:84:6d: 04:bf:e8:8f:a1:7a:70:d2:a9:96:dc:48:df:2b:b5: 04:a6:94:f3:4f:30:bb:68:5c:f0:06:6b:8b:88:4f: 60:80:e3:8a:b7:ee:8e:d7:88:58:0a:65:12:73:ae: a1:65:8b:b6:03:f7:c9:08:1c:e7:93:51:38:98:0c: 1d:ef:03:ac:63:26:e3:fd:e3:36:8e:25:6d:83:1f: 50:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:54:D2:70:E7:FB:43:E0:C7:77:B3:3D:79:CA:A9:F9:0E:52:26:B0 X509v3 Authority Key Identifier: keyid:74:B1:CD:90:B9:C4:1C:80:0D:1F:5B:B7:01:08:96:40:2E:1A:B9:4E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/dLHNkLnEHIANH1u3AQiWQC4auU4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dLHNkLnEHIANH1u3AQiWQC4auU4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3335/dLHNkLnEHIANH1u3AQiWQC4auU4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:e2:6c:79:17:a5:7e:b3:ee:a9:6c:7f:a5:c4:b3:fb:68:b5: a1:30:b7:2a:1f:b5:26:12:9e:75:e4:26:46:0b:49:dd:86:0e: 22:7e:fc:7e:17:d7:aa:51:1c:09:a3:80:81:9c:63:2c:7b:6b: 31:4d:4e:81:b4:85:32:ad:a6:78:37:6f:8f:0f:7a:26:9e:cd: ff:f5:6e:e2:44:3c:55:22:96:3f:97:8f:9a:64:8c:a5:02:4d: 9f:74:10:08:40:78:39:9b:17:5d:c4:1c:f4:2c:b4:54:8f:61: a5:e1:b2:23:13:ef:f4:95:4b:4c:2c:ab:87:53:25:ff:6a:02: ce:8a:75:ab:e4:06:92:ec:ca:ee:ee:62:9d:ab:98:70:95:0f: 7c:e1:7e:75:4b:7d:24:4d:c4:41:84:75:93:69:89:f3:1a:64: ca:f7:36:8f:2b:68:0e:87:79:ed:1c:0f:4a:85:f5:b5:34:ea: 2c:33:d5:cc:17:96:ba:01:f5:e2:ef:01:f5:d2:3c:50:e1:61: ae:55:8f:9b:a7:25:ec:c7:08:e4:a7:ee:16:1d:86:48:4b:79: 8c:12:a7:5c:48:ef:5d:dd:79:8b:e4:cd:dd:e1:56:ae:ae:04: a8:ee:e8:87:7e:4e:bb:bd:7b:eb:7c:c3:02:40:2e:7b:5e:ee: 58:f0:85:0c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzRC MUNEOTBCOUM0MUM4MDBEMUY1QkI3MDEwODk2NDAyRTFBQjk0RTAeFw0yNTA0MjYw ODM4NTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIwNTREMjcwRTdGQjQz RTBDNzc3QjMzRDc5Q0FBOUY5MEU1MjI2QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1gw8t5Pz9QObJaQYs0GPyOZREq3c6VBjhwIvUILXQQ0BZNHqq 9jmfHjPbEu5QwMoT/EWxHbc0Fm2Axl00I22qADvspxo8XKx1O6kBF/UfGC4lhLnX a06cEIevAQvnWXOMKKlQZyKazXKWAQwRdibAkqqbNF0wHjkTOOEcxhxuETT0rUrh EwReElN9WZx/BmCEJb4pSa7l0v4MXVcLeu0zRxyozu8DWglm0aNhRfrRFoCEbQS/ 6I+henDSqZbcSN8rtQSmlPNPMLtoXPAGa4uIT2CA44q37o7XiFgKZRJzrqFli7YD 98kIHOeTUTiYDB3vA6xjJuP94zaOJW2DH1AjAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUsFTScOf7Q+DHd7M9ecqp+Q5SJrAwHwYDVR0jBBgwFoAUdLHNkLnEHIANH1u3 AQiWQC4auU4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz NS9kTEhOa0xuRUhJQU5IMXUzQVFpV1FDNGF1VTQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2RMSE5rTG5FSElBTkgxdTNBUWlXUUM0YXVVNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMzUvZExITmtMbkVISUFO SDF1M0FRaVdRQzRhdVU0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBACPibHkXpX6z7qlsf6XEs/totaEwtyoftSYSnnXkJkYLSd2GDiJ+/H4X16pR HAmjgIGcYyx7azFNToG0hTKtpng3b48Peiaezf/1buJEPFUilj+Xj5pkjKUCTZ90 EAhAeDmbF13EHPQstFSPYaXhsiMT7/SVS0wsq4dTJf9qAs6KdavkBpLsyu7uYp2r mHCVD3zhfnVLfSRNxEGEdZNpifMaZMr3No8raA6Hee0cD0qF9bU06iwz1cwXlroB 9eLvAfXSPFDhYa5Vj5unJezHCOSn7hYdhkhLeYwSp1xI713deYvkzd3hVq6uBKju 6Id+Tru9e+t8wwJALnte7ljwhQw= -----END CERTIFICATE-----Generated at Sat Apr 26 14:37:01 2025 by rpki-client