$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft File: zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft (raw, json) Hash identifier: SvEJjn+VnnlCQ7giRFQI+0JztPigg1B/NTpTXz04NkA= Subject key identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 Authority key identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 Certificate issuer: /CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Certificate serial: 169F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft Manifest number: 169F Signing time: Wed 13 Aug 2025 16:03:07 +0000 Manifest this update: Wed 13 Aug 2025 16:03:07 +0000 Manifest next update: Wed 13 Aug 2025 22:03:07 +0000 Files and hashes: 1: zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl (hash: YIgmQrk0pKQwVbJ/RCXgwvUtQH3G2tjdTYxJi3FKUt8=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 22:03:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5791 (0x169f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Validity Not Before: Aug 13 16:03:07 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2138FFFC8AF59D1AAB0DF92BBB31E23E8ACC5293 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:23:a3:31:f7:55:c2:81:3d:f1:f6:5d:15:b4: 1c:43:09:ec:a0:49:5e:74:40:a7:c8:4a:c8:bb:71: 1b:db:d5:a9:40:3b:f9:7a:60:6a:bb:84:8c:51:9c: fe:7a:94:61:a4:f6:5f:c7:c6:5e:9d:97:39:8a:71: be:e4:c6:0d:a5:d1:de:2a:1c:c3:56:fa:da:29:1a: fe:fb:49:f9:53:27:ee:40:8d:5b:50:2b:d7:af:3e: 4a:d9:36:ac:b3:f0:62:77:a9:2e:7e:07:bb:41:bd: b5:35:4a:bc:bd:78:35:13:4a:3e:15:d6:9e:13:58: bc:70:dd:fe:d2:ae:58:24:09:50:97:95:3f:53:4f: 07:dd:0e:e6:d8:14:4e:01:94:d5:4b:a4:ad:da:e6: a7:e6:9f:1c:ca:47:f9:1f:38:a2:fe:ff:a1:f0:41: 91:c9:8f:e5:07:9c:e9:49:33:3b:53:d7:d0:ef:91: 64:53:a6:d6:e4:9f:a7:52:cd:51:5a:b8:4f:eb:b6: da:9a:d3:f9:4d:de:9b:43:04:d8:ad:ed:50:c6:ff: 08:c4:a6:24:7e:4a:cb:72:5f:cf:6d:5c:8b:e4:34: 6e:1b:86:20:29:b7:e2:91:7f:ec:20:48:d0:e2:45: 4a:96:bf:b9:46:31:0f:1c:8b:b0:fe:e5:42:eb:fc: 2a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 X509v3 Authority Key Identifier: keyid:CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:11:5e:40:f4:48:4d:ea:82:d8:84:b6:c7:c8:ec:d5:46:c5: 92:af:d1:59:da:2b:7b:d5:9c:ac:1e:5e:76:49:12:35:ea:5b: 8c:af:30:53:86:61:e5:fd:86:39:70:2a:69:15:8a:a4:0c:39: fd:e7:54:e4:b8:d4:83:cc:68:3d:1b:12:55:78:6c:18:2a:e3: 2d:59:10:77:0d:f7:a8:1e:85:ee:28:a5:42:ad:f5:ec:64:77: 28:7c:d6:3e:8f:5b:3e:a1:20:69:4f:6e:13:ae:38:32:4b:b2: 3d:d2:50:2d:19:3d:b2:bb:ff:07:96:14:26:2c:7e:21:df:df: 86:28:53:79:18:f4:89:51:19:ab:9b:af:cb:cc:45:f0:92:51: 33:0c:b6:97:84:01:77:bb:ff:2e:e6:4c:33:be:ba:6f:f3:92: 24:83:cf:44:67:cd:7d:70:8a:18:e9:a9:4a:5b:77:f7:79:28: 77:f3:02:e2:b2:35:1d:41:f7:4a:cf:7e:21:7c:6c:d3:6a:b5: c2:85:4a:df:55:1d:9f:fe:f5:ce:9b:3e:70:d6:bb:6e:14:e8: 08:da:38:58:e3:7e:eb:6b:ba:33:40:1a:79:fb:18:b1:c8:a0: a5:04:3c:26:31:e3:41:d0:96:7c:78:d1:f9:6a:47:86:a9:43: ad:fc:ad:dd -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NB M0E3MUQzMjY2RUVCRkU2RjE4OURFRUU0MjlFQTlFMDQzQTRFNzAeFw0yNTA4MTMx NjAzMDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIxMzhGRkZDOEFGNTlE MUFBQjBERjkyQkJCMzFFMjNFOEFDQzUyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaI6Mx91XCgT3x9l0VtBxDCeygSV50QKfISsi7cRvb1alAO/l6 YGq7hIxRnP56lGGk9l/Hxl6dlzmKcb7kxg2l0d4qHMNW+topGv77SflTJ+5AjVtQ K9evPkrZNqyz8GJ3qS5+B7tBvbU1Sry9eDUTSj4V1p4TWLxw3f7SrlgkCVCXlT9T TwfdDubYFE4BlNVLpK3a5qfmnxzKR/kfOKL+/6HwQZHJj+UHnOlJMztT19DvkWRT ptbkn6dSzVFauE/rttqa0/lN3ptDBNit7VDG/wjEpiR+SstyX89tXIvkNG4bhiAp t+KRf+wgSNDiRUqWv7lGMQ8ci7D+5ULr/CpfAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUITj//Ir1nRqrDfkruzHiPorMUpMwHwYDVR0jBBgwFoAUzKOnHTJm7r/m8Yne 7kKeqeBDpOcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDcz L3pLT25IVEptN3JfbThZbmU3a0tlcWVCRHBPYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvektPbkhUSm03cl9tOFluZTdrS2VxZUJEcE9jLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDczL3pLT25IVEptN3JfbThZ bmU3a0tlcWVCRHBPYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBpEV5A9EhN6oLYhLbHyOzVRsWSr9FZ2it71ZysHl52SRI16luMrzBThmHl/YY5 cCppFYqkDDn951TkuNSDzGg9GxJVeGwYKuMtWRB3DfeoHoXuKKVCrfXsZHcofNY+ j1s+oSBpT24TrjgyS7I90lAtGT2yu/8HlhQmLH4h39+GKFN5GPSJURmrm6/LzEXw klEzDLaXhAF3u/8u5kwzvrpv85Ikg89EZ819cIoY6alKW3f3eSh38wLisjUdQfdK z34hfGzTarXChUrfVR2f/vXOmz5w1rtuFOgI2jhY437ra7ozQBp5+xixyKClBDwm MeNB0JZ8eNH5akeGqUOt/K3d -----END CERTIFICATE-----Generated at Wed Aug 13 20:22:50 2025 by rpki-client