$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft File: TnhsicjML72c4lQNmb4SziD2uLM.mft (raw, json) Hash identifier: kArXrG7nNd5Xfs9M60z9xryhSXUYpmzG02ha7E3LiBo= Subject key identifier: 9F:63:9C:D9:A3:0D:BF:38:00:4F:0F:8F:1F:47:30:E9:EE:E7:DD:4D Authority key identifier: 4E:78:6C:89:C8:CC:2F:BD:9C:E2:54:0D:99:BE:12:CE:20:F6:B8:B3 Certificate issuer: /CN=4E786C89C8CC2FBD9CE2540D99BE12CE20F6B8B3 Certificate serial: 1888 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft Manifest number: 1888 Signing time: Mon 11 Aug 2025 09:02:10 +0000 Manifest this update: Mon 11 Aug 2025 09:02:10 +0000 Manifest next update: Mon 11 Aug 2025 15:02:10 +0000 Files and hashes: 1: TnhsicjML72c4lQNmb4SziD2uLM.crl (hash: ZuCyKUplg+5WZc2wJ7qdxOJYN84gcNCxFa7VLqFpSmc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6280 (0x1888) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E786C89C8CC2FBD9CE2540D99BE12CE20F6B8B3 Validity Not Before: Aug 11 09:02:10 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9F639CD9A30DBF38004F0F8F1F4730E9EEE7DD4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0a:d5:95:90:65:ec:e1:dd:9e:9c:49:5a:57: 6d:f6:b6:6a:3d:8d:6d:25:0e:d4:5d:f2:3e:77:48: 0f:c9:7d:ab:8a:44:55:7d:ae:fa:15:13:25:0b:42: 93:3f:09:bf:20:b6:4d:5f:be:ce:df:b8:0d:ac:55: 0a:07:5f:1b:cf:05:8b:c3:06:36:47:0b:9f:42:a7: 9f:b9:93:0b:e9:47:80:e8:59:b4:bf:72:85:f8:4a: a0:d9:50:87:7b:f1:77:ee:55:05:e8:ec:c5:74:b1: 9c:17:d4:bc:b1:74:4e:b5:a3:0a:10:f5:71:11:7b: 1b:43:d5:64:02:7b:d7:4e:59:ac:53:8c:ee:9e:c6: 93:27:16:5d:53:59:2b:f7:4e:6c:79:ce:72:3e:a7: 65:61:8b:75:41:12:f1:12:ab:51:8b:d9:b6:2a:d1: a4:9d:39:d2:7b:7d:11:e4:69:1a:4e:65:ce:0c:69: 57:b5:e5:da:d9:66:04:da:a2:4b:f3:ac:7d:3d:ee: 91:08:a6:31:16:7e:f6:97:d2:4b:28:6e:60:6d:8b: ab:89:73:f7:14:f2:64:4d:e2:5c:cb:cf:b2:e7:ca: 10:7a:e1:c7:1c:9f:66:76:9b:01:63:6f:56:80:af: ec:ab:e9:73:1d:11:d4:08:00:e4:96:27:06:a3:4e: 60:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:63:9C:D9:A3:0D:BF:38:00:4F:0F:8F:1F:47:30:E9:EE:E7:DD:4D X509v3 Authority Key Identifier: keyid:4E:78:6C:89:C8:CC:2F:BD:9C:E2:54:0D:99:BE:12:CE:20:F6:B8:B3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TnhsicjML72c4lQNmb4SziD2uLM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/TnhsicjML72c4lQNmb4SziD2uLM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:29:0a:60:7b:14:78:a0:bb:5a:e7:73:6c:16:34:36:7c:34: 12:20:45:c1:02:65:ee:4b:f9:e0:2c:74:93:35:5f:6e:c3:47: 92:7c:7f:f9:d9:13:28:17:1f:56:9d:8b:e5:97:79:c9:68:a7: 4f:39:d6:83:80:aa:02:be:4f:b4:56:1c:2b:dc:20:5b:c1:11: 05:26:54:e8:2e:1a:37:e0:7c:0b:50:0b:c0:6d:39:77:d3:4a: fa:a8:dc:e1:e3:55:51:cb:ff:fe:20:90:4c:39:84:78:70:a8: ee:8e:6c:a9:e2:2f:3c:61:95:c3:9c:64:6b:f6:19:f7:b2:2e: 97:0b:ec:91:a5:9a:3b:07:bf:2b:ca:e8:26:38:7f:d8:fe:1e: 74:3d:06:17:75:f0:2c:a1:05:f4:cb:4c:fd:71:40:b6:34:ae: bd:63:c5:c5:12:68:7f:43:04:24:58:35:da:8f:ca:e4:14:10: 0f:6a:da:48:9c:8f:96:7e:e8:9a:83:a2:28:a7:3f:38:82:f0: 62:a1:b9:4a:1b:58:ef:f3:1c:e5:4a:87:86:2a:72:1a:5a:09: df:7e:91:c8:31:f7:b7:c5:e2:23:cf:35:65:49:fe:e3:af:01: a1:7c:0c:c0:3c:3c:6d:71:fa:8d:d4:73:2a:3d:ea:66:ec:71: 69:ae:43:80 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEU3 ODZDODlDOENDMkZCRDlDRTI1NDBEOTlCRTEyQ0UyMEY2QjhCMzAeFw0yNTA4MTEw OTAyMTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlGNjM5Q0Q5QTMwREJG MzgwMDRGMEY4RjFGNDczMEU5RUVFN0RENEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtCtWVkGXs4d2enElaV232tmo9jW0lDtRd8j53SA/JfauKRFV9 rvoVEyULQpM/Cb8gtk1fvs7fuA2sVQoHXxvPBYvDBjZHC59Cp5+5kwvpR4DoWbS/ coX4SqDZUId78XfuVQXo7MV0sZwX1LyxdE61owoQ9XERextD1WQCe9dOWaxTjO6e xpMnFl1TWSv3Tmx5znI+p2Vhi3VBEvESq1GL2bYq0aSdOdJ7fRHkaRpOZc4MaVe1 5drZZgTaokvzrH097pEIpjEWfvaX0ksobmBti6uJc/cU8mRN4lzLz7LnyhB64ccc n2Z2mwFjb1aAr+yr6XMdEdQIAOSWJwajTmBrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUn2Oc2aMNvzgATw+PH0cw6e7n3U0wHwYDVR0jBBgwFoAUTnhsicjML72c4lQN mb4SziD2uLMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L1RuaHNpY2pNTDcyYzRsUU5tYjRTemlEMnVMTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVG5oc2ljak1MNzJjNGxRTm1iNFN6aUQydUxNLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL1RuaHNpY2pNTDcyYzRs UU5tYjRTemlEMnVMTS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAcKQpgexR4oLta53NsFjQ2fDQSIEXBAmXuS/ngLHSTNV9uw0eSfH/52RMoFx9W nYvll3nJaKdPOdaDgKoCvk+0Vhwr3CBbwREFJlToLho34HwLUAvAbTl300r6qNzh 41VRy//+IJBMOYR4cKjujmyp4i88YZXDnGRr9hn3si6XC+yRpZo7B78ryugmOH/Y /h50PQYXdfAsoQX0y0z9cUC2NK69Y8XFEmh/QwQkWDXaj8rkFBAPatpInI+Wfuia g6Iopz84gvBioblKG1jv8xzlSoeGKnIaWgnffpHIMfe3xeIjzzVlSf7jrwGhfAzA PDxtcfqN1HMqPepm7HFprkOA -----END CERTIFICATE-----Generated at Mon Aug 11 13:11:46 2025 by rpki-client