$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft File: zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft (raw, json) Hash identifier: /kGG21Iujnmj3RSTxJ6/qEobJ67M0ECxz4OCbP3xy0c= Subject key identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 Authority key identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 Certificate issuer: /CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Certificate serial: 1483 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft Manifest number: 1483 Signing time: Sat 26 Apr 2025 11:07:38 +0000 Manifest this update: Sat 26 Apr 2025 11:07:38 +0000 Manifest next update: Sat 26 Apr 2025 17:07:38 +0000 Files and hashes: 1: zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl (hash: XEGLdzaLBKQactRWhmEhLh3L+7tiCOMGo2r/sB1geh4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5251 (0x1483) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7 Validity Not Before: Apr 26 11:07:38 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=2138FFFC8AF59D1AAB0DF92BBB31E23E8ACC5293 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:23:a3:31:f7:55:c2:81:3d:f1:f6:5d:15:b4: 1c:43:09:ec:a0:49:5e:74:40:a7:c8:4a:c8:bb:71: 1b:db:d5:a9:40:3b:f9:7a:60:6a:bb:84:8c:51:9c: fe:7a:94:61:a4:f6:5f:c7:c6:5e:9d:97:39:8a:71: be:e4:c6:0d:a5:d1:de:2a:1c:c3:56:fa:da:29:1a: fe:fb:49:f9:53:27:ee:40:8d:5b:50:2b:d7:af:3e: 4a:d9:36:ac:b3:f0:62:77:a9:2e:7e:07:bb:41:bd: b5:35:4a:bc:bd:78:35:13:4a:3e:15:d6:9e:13:58: bc:70:dd:fe:d2:ae:58:24:09:50:97:95:3f:53:4f: 07:dd:0e:e6:d8:14:4e:01:94:d5:4b:a4:ad:da:e6: a7:e6:9f:1c:ca:47:f9:1f:38:a2:fe:ff:a1:f0:41: 91:c9:8f:e5:07:9c:e9:49:33:3b:53:d7:d0:ef:91: 64:53:a6:d6:e4:9f:a7:52:cd:51:5a:b8:4f:eb:b6: da:9a:d3:f9:4d:de:9b:43:04:d8:ad:ed:50:c6:ff: 08:c4:a6:24:7e:4a:cb:72:5f:cf:6d:5c:8b:e4:34: 6e:1b:86:20:29:b7:e2:91:7f:ec:20:48:d0:e2:45: 4a:96:bf:b9:46:31:0f:1c:8b:b0:fe:e5:42:eb:fc: 2a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93 X509v3 Authority Key Identifier: keyid:CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:15:c9:7b:c1:90:8e:2a:41:52:4c:fa:f9:ae:d0:50:bf:16: ad:ea:51:6d:b6:d3:30:46:69:d0:d0:f1:33:0a:88:f9:d8:bd: 11:11:7f:a2:29:f2:e3:ff:ba:fd:13:bf:f7:8d:29:78:02:9a: 56:80:2f:d4:60:cb:30:6e:26:06:e6:ec:41:07:69:9f:20:7b: 03:86:58:ea:dd:ed:2f:1e:0c:81:90:58:b1:28:67:b5:a7:52: 2f:17:c2:93:db:71:b2:4b:a1:e3:e8:af:40:3e:14:eb:2d:54: f9:3d:39:3d:74:cf:a2:90:c7:84:e9:8a:a0:e3:21:08:26:7f: b9:48:48:9f:bb:b4:e2:0d:94:a8:6b:e6:fe:9b:e3:af:25:8e: e1:80:e7:bd:c5:75:91:fb:55:ea:b3:6f:b1:79:95:6e:eb:43: 2f:14:7b:79:57:bd:d6:9b:1b:ac:c1:e5:a6:01:0e:29:65:5a: ed:a3:61:8a:c1:6f:ef:e3:03:73:b7:69:13:45:ba:a6:27:3a: 4e:9b:e7:90:f1:3f:52:f3:fa:91:56:e7:96:4b:28:0c:80:c3: 15:04:83:ce:29:bc:f6:bc:44:f0:d2:54:87:81:c4:54:08:0f: f9:5a:80:67:20:a3:ab:67:b8:e8:a5:c6:17:0e:17:be:71:98: b8:59:0e:53 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NB M0E3MUQzMjY2RUVCRkU2RjE4OURFRUU0MjlFQTlFMDQzQTRFNzAeFw0yNTA0MjYx MTA3MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIxMzhGRkZDOEFGNTlE MUFBQjBERjkyQkJCMzFFMjNFOEFDQzUyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaI6Mx91XCgT3x9l0VtBxDCeygSV50QKfISsi7cRvb1alAO/l6 YGq7hIxRnP56lGGk9l/Hxl6dlzmKcb7kxg2l0d4qHMNW+topGv77SflTJ+5AjVtQ K9evPkrZNqyz8GJ3qS5+B7tBvbU1Sry9eDUTSj4V1p4TWLxw3f7SrlgkCVCXlT9T TwfdDubYFE4BlNVLpK3a5qfmnxzKR/kfOKL+/6HwQZHJj+UHnOlJMztT19DvkWRT ptbkn6dSzVFauE/rttqa0/lN3ptDBNit7VDG/wjEpiR+SstyX89tXIvkNG4bhiAp t+KRf+wgSNDiRUqWv7lGMQ8ci7D+5ULr/CpfAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUITj//Ir1nRqrDfkruzHiPorMUpMwHwYDVR0jBBgwFoAUzKOnHTJm7r/m8Yne 7kKeqeBDpOcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDcz L3pLT25IVEptN3JfbThZbmU3a0tlcWVCRHBPYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvektPbkhUSm03cl9tOFluZTdrS2VxZUJEcE9jLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDczL3pLT25IVEptN3JfbThZ bmU3a0tlcWVCRHBPYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQBPFcl7wZCOKkFSTPr5rtBQvxat6lFtttMwRmnQ0PEzCoj52L0REX+iKfLj/7r9 E7/3jSl4AppWgC/UYMswbiYG5uxBB2mfIHsDhljq3e0vHgyBkFixKGe1p1IvF8KT 23GyS6Hj6K9APhTrLVT5PTk9dM+ikMeE6Yqg4yEIJn+5SEifu7TiDZSoa+b+m+Ov JY7hgOe9xXWR+1Xqs2+xeZVu60MvFHt5V73WmxusweWmAQ4pZVrto2GKwW/v4wNz t2kTRbqmJzpOm+eQ8T9S8/qRVueWSygMgMMVBIPOKbz2vETw0lSHgcRUCA/5WoBn IKOrZ7jopcYXDhe+cZi4WQ5T -----END CERTIFICATE-----Generated at Sat Apr 26 14:28:46 2025 by rpki-client