$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft File: 17ShZ52D0ID8_qOSpk1CSkdVt4A.mft (raw, json) Hash identifier: /4eAQmFYDqMZGkGySGwEZMZnF7vtDXj8J3s+xDAK/Zw= Subject key identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC Authority key identifier: D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 Certificate issuer: /CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Certificate serial: 014C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft Manifest number: 014C Signing time: Sat 26 Apr 2025 08:36:26 +0000 Manifest this update: Sat 26 Apr 2025 08:36:26 +0000 Manifest next update: Sat 26 Apr 2025 14:36:26 +0000 Files and hashes: 1: 17ShZ52D0ID8_qOSpk1CSkdVt4A.crl (hash: Nrv4GSbG5KVwRJU0BMH1UPqqvnmy2ieTOjxLUylzsso=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 332 (0x14c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Validity Not Before: Apr 26 08:36:26 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=784771EF7C83CCDF499C7D42EA01D3B75ECF4CDC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0b:88:43:47:11:66:8a:5c:73:9b:37:4f:cb: a5:99:bd:12:6e:cd:51:bd:7e:6f:16:fd:6b:0f:0e: 19:cf:a2:f5:f0:3f:54:d4:4d:e8:9b:1f:74:f9:19: f6:02:9d:39:d8:20:d0:58:dd:2e:e5:23:63:4c:d2: 25:b5:d4:3b:9f:f7:ff:bf:08:2e:3b:5f:1c:e8:08: b6:70:35:5a:25:8b:76:be:20:be:a0:c1:1e:7c:7a: 26:9c:bf:9f:5c:25:3e:03:18:c0:fb:ae:1b:34:c1: 0c:ff:80:24:ca:d4:2f:96:a7:47:7d:c2:26:68:b8: e3:c7:0a:2b:6c:91:52:36:26:a9:e8:c7:af:ec:4a: a1:26:c3:28:ea:b1:26:17:8d:02:62:ae:7f:88:6e: d3:d8:ee:77:52:27:72:c3:64:05:b2:fa:5e:ce:20: aa:c4:9b:e8:79:c2:a3:28:1e:c5:54:09:ce:fa:bf: 67:5b:86:b5:eb:51:34:86:54:8d:12:db:0c:81:ec: 4c:68:43:b6:a4:c7:02:a6:10:a9:0b:b8:8c:72:db: f7:b6:e5:98:45:27:31:23:22:ef:53:d0:12:15:26: 9d:00:a6:19:03:fe:c0:a4:dd:51:66:b7:99:93:96: 3a:df:bd:8c:06:61:ae:b8:cd:b6:a9:26:8e:9c:c1: 06:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC X509v3 Authority Key Identifier: keyid:D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:2a:30:1d:fa:a5:76:d8:64:cd:78:43:57:04:8b:0b:d9:40: df:07:52:6e:91:f1:18:e6:0d:62:1d:39:8f:fb:bb:db:df:61: 36:20:99:ac:5d:bd:94:eb:5b:63:8e:6d:1b:03:1b:3c:06:61: 26:79:dd:f9:14:47:f9:fd:25:a8:59:9a:3c:8e:ea:0e:cd:46: 1d:47:6a:33:f6:e3:82:a5:80:fb:99:65:02:eb:73:4b:d2:00: aa:75:25:7d:8c:ed:66:be:e3:f3:69:48:0b:2a:ea:3c:fd:43: eb:20:8a:be:1a:95:0b:66:7a:23:2d:77:fa:e3:de:db:57:d3: 3f:c0:2c:bb:16:3f:c9:24:50:2b:97:f5:e7:c3:ea:6d:29:b0: 77:b6:03:13:52:6d:9c:08:58:ed:f9:8b:ba:00:9d:c9:3b:76: 86:6b:33:8d:51:c6:1b:cb:7b:96:25:c2:d2:d4:9c:3b:10:cc: 27:54:b2:b5:f8:a6:78:3c:61:5c:a8:1a:20:15:f7:e7:0d:41: 7e:52:fc:9f:ac:32:67:b0:2b:0f:50:c0:94:6d:25:41:2b:5c: 91:3c:b0:e5:35:97:71:37:10:5c:61:a7:9b:72:7c:ba:5f:73: dd:08:1d:a8:6d:e3:70:1b:69:87:3e:d8:a9:1d:d6:c5:15:d6: e1:1d:4a:90 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAUwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDdC NEExNjc5RDgzRDA4MEZDRkVBMzkyQTY0RDQyNEE0NzU1Qjc4MDAeFw0yNTA0MjYw ODM2MjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc4NDc3MUVGN0M4M0ND REY0OTlDN0Q0MkVBMDFEM0I3NUVDRjRDREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTC4hDRxFmilxzmzdPy6WZvRJuzVG9fm8W/WsPDhnPovXwP1TU TeibH3T5GfYCnTnYINBY3S7lI2NM0iW11Duf9/+/CC47XxzoCLZwNVoli3a+IL6g wR58eiacv59cJT4DGMD7rhs0wQz/gCTK1C+Wp0d9wiZouOPHCitskVI2Jqnox6/s SqEmwyjqsSYXjQJirn+IbtPY7ndSJ3LDZAWy+l7OIKrEm+h5wqMoHsVUCc76v2db hrXrUTSGVI0S2wyB7ExoQ7akxwKmEKkLuIxy2/e25ZhFJzEjIu9T0BIVJp0AphkD /sCk3VFmt5mTljrfvYwGYa64zbapJo6cwQavAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUeEdx73yDzN9JnH1C6gHTt17PTNwwHwYDVR0jBBgwFoAU17ShZ52D0ID8/qOS pk1CSkdVt4AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1 MS8xN1NoWjUyRDBJRDhfcU9TcGsxQ1NrZFZ0NEEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzE3U2haNTJEMElEOF9xT1NwazFDU2tkVnQ0QS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTEvMTdTaFo1MkQwSUQ4 X3FPU3BrMUNTa2RWdDRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFIqMB36pXbYZM14Q1cEiwvZQN8HUm6R8RjmDWIdOY/7u9vfYTYgmaxdvZTr W2OObRsDGzwGYSZ53fkUR/n9JahZmjyO6g7NRh1HajP244KlgPuZZQLrc0vSAKp1 JX2M7Wa+4/NpSAsq6jz9Q+sgir4alQtmeiMtd/rj3ttX0z/ALLsWP8kkUCuX9efD 6m0psHe2AxNSbZwIWO35i7oAnck7doZrM41RxhvLe5YlwtLUnDsQzCdUsrX4png8 YVyoGiAV9+cNQX5S/J+sMmewKw9QwJRtJUErXJE8sOU1l3E3EFxhp5tyfLpfc90I Haht43AbaYc+2Kkd1sUV1uEdSpA= -----END CERTIFICATE-----Generated at Sat Apr 26 13:57:47 2025 by rpki-client