$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft File: 2wnDhcqGTQSV-VGV_38HvFdh4XY.mft (raw, json) Hash identifier: 7b6YwzeqFUGJoX5x0mCQAXDVsUn+CHZ50Bn7pWBe/5s= Subject key identifier: 04:1A:A5:E8:17:43:B7:42:48:C3:C1:96:FF:3D:92:37:B7:68:7F:F7 Authority key identifier: DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 Certificate issuer: /CN=DB09C385CA864D0495F95195FF7F07BC5761E176 Certificate serial: 03D9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft Manifest number: 03D9 Signing time: Sat 21 Jun 2025 15:45:25 +0000 Manifest this update: Sat 21 Jun 2025 15:45:25 +0000 Manifest next update: Sat 21 Jun 2025 21:45:25 +0000 Files and hashes: 1: 2wnDhcqGTQSV-VGV_38HvFdh4XY.crl (hash: SnkQMWnLkCEIKJpR7qiJp6X4PZUwW1/zltyQBMluGkA=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 985 (0x3d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DB09C385CA864D0495F95195FF7F07BC5761E176 Validity Not Before: Jun 21 15:45:25 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=041AA5E81743B74248C3C196FF3D9237B7687FF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0e:76:e4:6b:ce:10:9a:1b:62:cc:f1:71:7e: 61:36:c7:6b:20:47:da:a5:25:c4:bc:d0:40:10:60: 35:fd:34:4c:6b:c5:32:bf:8b:d8:d4:36:a3:2a:63: 51:5a:a4:3f:a8:d8:71:40:65:03:dc:8d:bc:4f:7f: 4a:aa:8c:80:55:83:73:ef:9a:4e:92:94:1d:b4:bd: eb:37:17:2c:32:a1:35:26:32:fc:aa:00:cf:9d:d3: 49:74:19:ca:0d:92:0d:29:b5:f8:ad:88:67:db:3a: 92:17:68:83:a9:dc:51:09:5f:f6:5d:7c:b1:34:37: f4:73:d9:01:14:88:09:e0:94:f4:59:f2:8a:01:98: 36:20:d7:59:9c:65:e5:4a:20:b6:e8:47:fb:ea:c6: cc:13:56:a1:a0:63:d5:d4:13:e8:6e:86:04:cb:4e: f2:0a:5d:27:82:4c:16:86:7d:b4:87:b3:aa:49:48: df:a0:d3:20:29:9f:08:fc:64:79:84:22:16:50:d0: 63:ea:89:4d:d1:08:87:13:04:7a:17:4e:97:fc:e7: 5d:14:6d:af:83:03:16:b3:7e:23:58:a9:7e:b5:12: ae:4b:b3:74:84:fd:7b:6a:c0:f4:49:7c:e3:d6:66: 54:b9:d7:dd:44:50:85:04:8e:78:5a:ed:2c:04:96: 0a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:1A:A5:E8:17:43:B7:42:48:C3:C1:96:FF:3D:92:37:B7:68:7F:F7 X509v3 Authority Key Identifier: keyid:DB:09:C3:85:CA:86:4D:04:95:F9:51:95:FF:7F:07:BC:57:61:E1:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2wnDhcqGTQSV-VGV_38HvFdh4XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3337/2wnDhcqGTQSV-VGV_38HvFdh4XY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:0a:b6:a4:24:5d:08:6e:eb:29:e0:60:13:fb:da:d2:27:47: 9e:0b:3a:ba:db:b0:a2:b2:6b:e6:63:ff:f2:7b:ce:5e:bf:94: 86:5c:fe:a8:9e:60:ae:5b:45:8b:7b:f2:1e:bf:82:ff:25:89: c6:79:c5:ac:5f:5c:8b:6f:68:5a:3c:db:d7:d5:f9:e6:a5:63: b2:b0:c6:9f:1b:b4:ce:27:a2:d4:12:a3:bc:d5:5c:4d:f7:74: 9d:19:02:09:8a:02:fb:66:c8:4e:3a:67:ac:45:84:66:21:01: f6:bb:5d:fc:b2:b2:25:75:1d:31:b7:23:a0:33:ee:bd:72:41: a2:13:32:8d:61:44:c9:e4:e9:e2:e9:21:e8:06:14:8a:8e:13: 95:d0:47:31:7a:83:76:d4:d1:4b:40:9d:d1:fb:27:5b:e6:dc: 3d:ae:75:82:bb:b5:ad:1c:98:8b:8f:d5:d5:f1:ae:14:13:63: 67:2c:c1:75:98:0d:64:da:76:f1:98:65:58:6a:13:b3:39:f1: 36:ab:88:2c:f7:ec:ea:e2:64:2e:97:c8:61:cd:83:81:31:ae: 29:78:10:48:1f:c6:55:96:eb:35:ad:12:5e:a7:75:df:6a:63: 3c:66:ee:8a:18:dd:a3:a7:5e:15:65:7b:e2:a3:13:b8:b0:5f: cf:db:55:d9 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICA9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREIw OUMzODVDQTg2NEQwNDk1Rjk1MTk1RkY3RjA3QkM1NzYxRTE3NjAeFw0yNTA2MjEx NTQ1MjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA0MUFBNUU4MTc0M0I3 NDI0OEMzQzE5NkZGM0Q5MjM3Qjc2ODdGRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqDnbka84QmhtizPFxfmE2x2sgR9qlJcS80EAQYDX9NExrxTK/ i9jUNqMqY1FapD+o2HFAZQPcjbxPf0qqjIBVg3Pvmk6SlB20ves3FywyoTUmMvyq AM+d00l0GcoNkg0ptfitiGfbOpIXaIOp3FEJX/ZdfLE0N/Rz2QEUiAnglPRZ8ooB mDYg11mcZeVKILboR/vqxswTVqGgY9XUE+huhgTLTvIKXSeCTBaGfbSHs6pJSN+g 0yApnwj8ZHmEIhZQ0GPqiU3RCIcTBHoXTpf8510Uba+DAxazfiNYqX61Eq5Ls3SE /XtqwPRJfOPWZlS5191EUIUEjnha7SwElgotAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUBBql6BdDt0JIw8GW/z2SN7dof/cwHwYDVR0jBBgwFoAU2wnDhcqGTQSV+VGV /38HvFdh4XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz Ny8yd25EaGNxR1RRU1YtVkdWXzM4SHZGZGg0WFkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzJ3bkRoY3FHVFFTVi1WR1ZfMzhIdkZkaDRYWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMzcvMnduRGhjcUdUUVNW LVZHVl8zOEh2RmRoNFhZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAD4KtqQkXQhu6yngYBP72tInR54LOrrbsKKya+Zj//J7zl6/lIZc/qieYK5b RYt78h6/gv8licZ5xaxfXItvaFo829fV+ealY7Kwxp8btM4notQSo7zVXE33dJ0Z AgmKAvtmyE46Z6xFhGYhAfa7XfyysiV1HTG3I6Az7r1yQaITMo1hRMnk6eLpIegG FIqOE5XQRzF6g3bU0UtAndH7J1vm3D2udYK7ta0cmIuP1dXxrhQTY2cswXWYDWTa dvGYZVhqE7M58TariCz37OriZC6XyGHNg4Exril4EEgfxlWW6zWtEl6ndd9qYzxm 7ooY3aOnXhVle+KjE7iwX8/bVdk= -----END CERTIFICATE-----Generated at Sat Jun 21 17:36:08 2025 by rpki-client