$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft File: TnhsicjML72c4lQNmb4SziD2uLM.mft (raw, json) Hash identifier: 25rEKHtobSvjv8iLKFVx2psfOU0S//5coUKCVsbTiwQ= Subject key identifier: 9F:63:9C:D9:A3:0D:BF:38:00:4F:0F:8F:1F:47:30:E9:EE:E7:DD:4D Authority key identifier: 4E:78:6C:89:C8:CC:2F:BD:9C:E2:54:0D:99:BE:12:CE:20:F6:B8:B3 Certificate issuer: /CN=4E786C89C8CC2FBD9CE2540D99BE12CE20F6B8B3 Certificate serial: 1786 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft Manifest number: 1786 Signing time: Fri 20 Jun 2025 10:41:20 +0000 Manifest this update: Fri 20 Jun 2025 10:41:20 +0000 Manifest next update: Fri 20 Jun 2025 16:41:20 +0000 Files and hashes: 1: TnhsicjML72c4lQNmb4SziD2uLM.crl (hash: 2iPm5BLIsIaOWOEpvXD3OdJE4aSqlFh7AFv286uy01s=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 15:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6022 (0x1786) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E786C89C8CC2FBD9CE2540D99BE12CE20F6B8B3 Validity Not Before: Jun 20 10:41:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9F639CD9A30DBF38004F0F8F1F4730E9EEE7DD4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0a:d5:95:90:65:ec:e1:dd:9e:9c:49:5a:57: 6d:f6:b6:6a:3d:8d:6d:25:0e:d4:5d:f2:3e:77:48: 0f:c9:7d:ab:8a:44:55:7d:ae:fa:15:13:25:0b:42: 93:3f:09:bf:20:b6:4d:5f:be:ce:df:b8:0d:ac:55: 0a:07:5f:1b:cf:05:8b:c3:06:36:47:0b:9f:42:a7: 9f:b9:93:0b:e9:47:80:e8:59:b4:bf:72:85:f8:4a: a0:d9:50:87:7b:f1:77:ee:55:05:e8:ec:c5:74:b1: 9c:17:d4:bc:b1:74:4e:b5:a3:0a:10:f5:71:11:7b: 1b:43:d5:64:02:7b:d7:4e:59:ac:53:8c:ee:9e:c6: 93:27:16:5d:53:59:2b:f7:4e:6c:79:ce:72:3e:a7: 65:61:8b:75:41:12:f1:12:ab:51:8b:d9:b6:2a:d1: a4:9d:39:d2:7b:7d:11:e4:69:1a:4e:65:ce:0c:69: 57:b5:e5:da:d9:66:04:da:a2:4b:f3:ac:7d:3d:ee: 91:08:a6:31:16:7e:f6:97:d2:4b:28:6e:60:6d:8b: ab:89:73:f7:14:f2:64:4d:e2:5c:cb:cf:b2:e7:ca: 10:7a:e1:c7:1c:9f:66:76:9b:01:63:6f:56:80:af: ec:ab:e9:73:1d:11:d4:08:00:e4:96:27:06:a3:4e: 60:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:63:9C:D9:A3:0D:BF:38:00:4F:0F:8F:1F:47:30:E9:EE:E7:DD:4D X509v3 Authority Key Identifier: keyid:4E:78:6C:89:C8:CC:2F:BD:9C:E2:54:0D:99:BE:12:CE:20:F6:B8:B3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:ba:d9:6a:1e:88:0f:57:50:e8:f5:5c:c5:a1:fb:bb:e4:fa: cf:87:2a:a2:a4:f3:47:3a:44:86:c1:3d:a8:b2:de:04:5b:d7: 2b:0d:37:52:70:8d:40:fa:d5:50:c9:b6:41:8f:c6:a4:bf:f3: 1a:21:f2:fb:e7:95:49:a9:e4:38:98:ef:ae:b2:61:be:ca:2c: 5f:95:ce:bd:62:e0:fc:5a:1f:69:02:66:26:89:ad:03:d3:ab: b8:ec:3e:4b:93:d6:22:a3:75:cd:2c:e5:c4:d9:ad:9d:b0:51: 53:9c:87:cb:bb:8e:8f:9d:d1:fc:cd:22:11:3b:50:ea:2e:97: 64:55:99:fc:2a:78:59:7c:27:dd:75:38:ba:d7:06:d1:33:bb: 7a:f6:3d:a0:a9:11:33:39:34:3b:5d:46:84:c3:39:53:45:34: eb:f7:0e:a0:b9:23:23:9c:c0:18:f6:4e:7d:99:b9:f3:9b:9d: ef:4d:12:73:1c:31:2b:4f:5a:da:06:70:b7:84:f5:c2:4b:4f: a4:93:02:27:7f:6f:01:4f:c7:00:95:37:ad:32:d3:47:9c:8b: 33:8d:cb:76:3c:8e:84:a8:09:4f:0e:74:ec:2a:25:0a:2a:84: 66:7a:87:1a:b9:8b:3e:1a:39:bf:38:2a:c6:38:fa:74:96:6e: 6d:74:f1:96 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICF4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEU3 ODZDODlDOENDMkZCRDlDRTI1NDBEOTlCRTEyQ0UyMEY2QjhCMzAeFw0yNTA2MjAx MDQxMjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlGNjM5Q0Q5QTMwREJG MzgwMDRGMEY4RjFGNDczMEU5RUVFN0RENEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtCtWVkGXs4d2enElaV232tmo9jW0lDtRd8j53SA/JfauKRFV9 rvoVEyULQpM/Cb8gtk1fvs7fuA2sVQoHXxvPBYvDBjZHC59Cp5+5kwvpR4DoWbS/ coX4SqDZUId78XfuVQXo7MV0sZwX1LyxdE61owoQ9XERextD1WQCe9dOWaxTjO6e xpMnFl1TWSv3Tmx5znI+p2Vhi3VBEvESq1GL2bYq0aSdOdJ7fRHkaRpOZc4MaVe1 5drZZgTaokvzrH097pEIpjEWfvaX0ksobmBti6uJc/cU8mRN4lzLz7LnyhB64ccc n2Z2mwFjb1aAr+yr6XMdEdQIAOSWJwajTmBrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUn2Oc2aMNvzgATw+PH0cw6e7n3U0wHwYDVR0jBBgwFoAUTnhsicjML72c4lQN mb4SziD2uLMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L1RuaHNpY2pNTDcyYzRsUU5tYjRTemlEMnVMTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVG5oc2ljak1MNzJjNGxRTm1iNFN6aUQydUxNLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL1RuaHNpY2pNTDcyYzRs UU5tYjRTemlEMnVMTS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBcutlqHogPV1Do9VzFofu75PrPhyqipPNHOkSGwT2ost4EW9crDTdScI1A+tVQ ybZBj8akv/MaIfL755VJqeQ4mO+usmG+yixflc69YuD8Wh9pAmYmia0D06u47D5L k9Yio3XNLOXE2a2dsFFTnIfLu46PndH8zSIRO1DqLpdkVZn8KnhZfCfddTi61wbR M7t69j2gqREzOTQ7XUaEwzlTRTTr9w6guSMjnMAY9k59mbnzm53vTRJzHDErT1ra BnC3hPXCS0+kkwInf28BT8cAlTetMtNHnIszjct2PI6EqAlPDnTsKiUKKoRmeoca uYs+Gjm/OCrGOPp0lm5tdPGW -----END CERTIFICATE-----Generated at Fri Jun 20 14:14:11 2025 by rpki-client