$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft File: 17ShZ52D0ID8_qOSpk1CSkdVt4A.mft (raw, json) Hash identifier: zk9LO4uFxCcO3kL4TWnFKLjUU8LLx0odLTF/DoBXUYc= Subject key identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC Authority key identifier: D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 Certificate issuer: /CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Certificate serial: 0369 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft Manifest number: 0369 Signing time: Wed 13 Aug 2025 01:01:50 +0000 Manifest this update: Wed 13 Aug 2025 01:01:50 +0000 Manifest next update: Wed 13 Aug 2025 07:01:50 +0000 Files and hashes: 1: 17ShZ52D0ID8_qOSpk1CSkdVt4A.crl (hash: 7RNH9xdvpQvrXmDWwozlwv0Gr81ZSY2aqacBu0Jso2c=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 07:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 873 (0x369) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Validity Not Before: Aug 13 01:01:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=784771EF7C83CCDF499C7D42EA01D3B75ECF4CDC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0b:88:43:47:11:66:8a:5c:73:9b:37:4f:cb: a5:99:bd:12:6e:cd:51:bd:7e:6f:16:fd:6b:0f:0e: 19:cf:a2:f5:f0:3f:54:d4:4d:e8:9b:1f:74:f9:19: f6:02:9d:39:d8:20:d0:58:dd:2e:e5:23:63:4c:d2: 25:b5:d4:3b:9f:f7:ff:bf:08:2e:3b:5f:1c:e8:08: b6:70:35:5a:25:8b:76:be:20:be:a0:c1:1e:7c:7a: 26:9c:bf:9f:5c:25:3e:03:18:c0:fb:ae:1b:34:c1: 0c:ff:80:24:ca:d4:2f:96:a7:47:7d:c2:26:68:b8: e3:c7:0a:2b:6c:91:52:36:26:a9:e8:c7:af:ec:4a: a1:26:c3:28:ea:b1:26:17:8d:02:62:ae:7f:88:6e: d3:d8:ee:77:52:27:72:c3:64:05:b2:fa:5e:ce:20: aa:c4:9b:e8:79:c2:a3:28:1e:c5:54:09:ce:fa:bf: 67:5b:86:b5:eb:51:34:86:54:8d:12:db:0c:81:ec: 4c:68:43:b6:a4:c7:02:a6:10:a9:0b:b8:8c:72:db: f7:b6:e5:98:45:27:31:23:22:ef:53:d0:12:15:26: 9d:00:a6:19:03:fe:c0:a4:dd:51:66:b7:99:93:96: 3a:df:bd:8c:06:61:ae:b8:cd:b6:a9:26:8e:9c:c1: 06:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC X509v3 Authority Key Identifier: keyid:D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:57:81:2e:6f:79:37:ea:6d:cc:ac:dd:54:88:57:bf:ad:e5: 21:e2:9a:7e:d4:0d:0a:98:9a:ae:70:1f:c1:54:95:9a:69:0a: 9a:09:4e:e0:00:dc:ef:29:32:b1:3d:42:ea:1a:1f:99:5b:d8: f7:14:e9:92:ee:77:4d:65:cd:a4:8e:72:55:e2:79:83:fe:ff: b6:0c:14:b3:48:d2:e9:42:78:83:6b:e1:ad:8f:f4:0b:0e:e6: 10:56:89:a3:59:fd:e0:97:48:25:9a:90:e0:6a:a3:aa:1e:fc: 5b:48:11:99:a5:4b:54:9c:7f:37:52:21:77:3b:31:9f:1c:9f: f5:26:8d:37:e8:f8:c3:a0:84:7e:2d:c4:b7:a4:85:28:c4:c0: 05:41:f2:c7:7d:c4:1e:69:6b:73:b4:c9:88:68:c5:63:6c:57: 46:51:d9:cf:da:62:03:60:94:48:3c:c2:c2:4e:e9:89:2f:db: 5b:85:15:0f:b1:dd:99:6e:10:9f:c1:96:51:a1:25:fa:cd:54: b1:32:1c:1c:08:36:23:1a:3d:bc:00:01:c1:04:71:87:6d:98: b7:7a:7e:e9:78:17:3f:ad:85:4a:0b:6c:d7:7d:76:4f:da:d2: bd:b8:22:a9:cd:8f:74:13:43:73:06:97:ff:ae:83:c0:eb:ab: 54:49:75:d6 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICA2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDdC NEExNjc5RDgzRDA4MEZDRkVBMzkyQTY0RDQyNEE0NzU1Qjc4MDAeFw0yNTA4MTMw MTAxNTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc4NDc3MUVGN0M4M0ND REY0OTlDN0Q0MkVBMDFEM0I3NUVDRjRDREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTC4hDRxFmilxzmzdPy6WZvRJuzVG9fm8W/WsPDhnPovXwP1TU TeibH3T5GfYCnTnYINBY3S7lI2NM0iW11Duf9/+/CC47XxzoCLZwNVoli3a+IL6g wR58eiacv59cJT4DGMD7rhs0wQz/gCTK1C+Wp0d9wiZouOPHCitskVI2Jqnox6/s SqEmwyjqsSYXjQJirn+IbtPY7ndSJ3LDZAWy+l7OIKrEm+h5wqMoHsVUCc76v2db hrXrUTSGVI0S2wyB7ExoQ7akxwKmEKkLuIxy2/e25ZhFJzEjIu9T0BIVJp0AphkD /sCk3VFmt5mTljrfvYwGYa64zbapJo6cwQavAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUeEdx73yDzN9JnH1C6gHTt17PTNwwHwYDVR0jBBgwFoAU17ShZ52D0ID8/qOS pk1CSkdVt4AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1 MS8xN1NoWjUyRDBJRDhfcU9TcGsxQ1NrZFZ0NEEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzE3U2haNTJEMElEOF9xT1NwazFDU2tkVnQ0QS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTEvMTdTaFo1MkQwSUQ4 X3FPU3BrMUNTa2RWdDRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBADNXgS5veTfqbcys3VSIV7+t5SHimn7UDQqYmq5wH8FUlZppCpoJTuAA3O8p MrE9QuoaH5lb2PcU6ZLud01lzaSOclXieYP+/7YMFLNI0ulCeINr4a2P9AsO5hBW iaNZ/eCXSCWakOBqo6oe/FtIEZmlS1ScfzdSIXc7MZ8cn/UmjTfo+MOghH4txLek hSjEwAVB8sd9xB5pa3O0yYhoxWNsV0ZR2c/aYgNglEg8wsJO6Ykv21uFFQ+x3Zlu EJ/BllGhJfrNVLEyHBwINiMaPbwAAcEEcYdtmLd6ful4Fz+thUoLbNd9dk/a0r24 IqnNj3QTQ3MGl/+ug8Drq1RJddY= -----END CERTIFICATE-----Generated at Wed Aug 13 05:53:10 2025 by rpki-client