$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft File: fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft (raw, json) Hash identifier: lP2APv5PBe//mZvLqfqxKBx3ufh2QAGjtHj9u1ABoZM= Subject key identifier: EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 Certificate issuer: /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Certificate serial: 1FF4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft Manifest number: 1FE2 Signing time: Wed 13 Aug 2025 16:05:48 +0000 Manifest this update: Wed 13 Aug 2025 16:05:48 +0000 Manifest next update: Wed 13 Aug 2025 22:05:48 +0000 Files and hashes: 1: 1D2UmyE5-gCb0damhvuEDH8YtAY.roa (hash: AMmfBM3qaK1itXqyZ4SgnT4JGnqlgrL/Gh5C0EIxR5E=) 2: CiBAH9JduuLsmuuCF8EVZqj7e_Y.roa (hash: bd7DjAkds7VcKmf/Fltkc6yJTfqF8NsglOW0Ic2RF7A=) 3: fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl (hash: hU5o1+gtzhzo2gAnaUm3HjuA3ac8z3lTFgov7Lba2Tw=) 4: i1vcqehnPWMsGkHyBt_JD5k4A6s.roa (hash: 7Vby9l7O2UfOHc1jCfza0GDpjmXF68GhT4vaR2Ve+lE=) 5: imU9bcBr7hgyeXFqfTZmnAeJlhU.roa (hash: PY4enp06hDmmPvbNRcj0KK93xTkmT6kRWJIbjK/rHGs=) 6: ql9qcTEflj32Qvouuf74e7XIVH0.roa (hash: J5GlJW+RyK4nchWDPsGIHuSYVc8CVW/wpZ54lJLJtnA=) 7: xhyJQ6fLIljnRE3vjXjVdtzD-60.roa (hash: pw3KaKc1CqxoWC2rbY7xD+pjw8LfXPIJcNclxnFFohI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 20:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8180 (0x1ff4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Validity Not Before: Aug 13 16:05:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=ECD184153C40203BABD96D98CF4DA74F5A41A10E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:46:8a:79:8e:44:18:25:d7:0b:96:bf:57:a5: 15:1a:7b:81:3e:c9:c4:7b:f4:40:ec:ed:3f:05:e5: 44:ec:31:55:56:2a:65:a2:aa:0b:5d:8b:8c:1f:b1: b1:78:46:3d:1c:4d:7f:02:bb:8a:f0:a5:25:f5:59: 22:91:d6:a4:03:2d:ac:54:d7:2d:9b:3f:a1:15:5f: be:f7:c0:1b:04:54:f4:e7:6a:e4:00:53:38:62:31: 2f:32:8c:b4:a6:cd:58:f3:aa:1d:97:9b:e5:2b:a4: bd:42:98:18:08:dc:a2:fd:d0:80:41:98:8c:0c:97: 0c:3e:7c:6c:1f:0d:c3:71:ad:89:37:b7:a9:01:93: 4a:33:57:5a:44:6d:9c:bd:cd:63:9f:7b:a1:65:09: 34:c1:93:8f:6e:67:6e:4d:07:4a:dc:d1:4a:40:b4: d7:e3:41:cc:00:a3:b3:e5:3e:e8:0f:e1:0a:74:02: d6:79:f9:00:37:ea:8a:33:1a:42:4d:a5:c4:a5:e1: 21:3e:e3:bf:5b:4d:89:84:f1:9e:63:8a:a6:80:e5: 9c:46:da:9c:18:75:98:07:de:d8:58:27:f3:34:d7: c3:c9:14:65:5d:3a:e7:30:f7:b6:fb:66:76:9c:86: 30:7c:9b:fc:ba:4f:9a:2f:ec:04:48:50:1f:36:d7: 44:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E X509v3 Authority Key Identifier: keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:04:7a:0e:03:ff:7e:88:4f:4b:18:2e:44:9f:d9:e1:ef:af: 0d:61:e9:57:a3:a5:97:7d:72:66:e2:b5:b7:25:2a:2e:52:82: c5:73:fa:e0:87:03:17:54:85:e0:62:0e:f7:d6:57:39:bc:bc: 10:19:eb:75:67:cd:2f:dd:65:c2:62:4f:01:e1:4a:10:a2:0f: 9a:1f:1b:7b:5f:45:ad:0c:b4:af:6c:89:5e:98:08:0e:e3:bc: ba:8e:fe:39:25:7f:b7:19:dc:77:59:98:1b:08:15:9c:f7:84: 67:56:fc:31:61:d0:5e:88:64:c5:b2:b1:d1:65:67:fb:5d:ba: eb:a8:b8:7f:33:38:05:81:db:56:59:6f:9e:ab:3f:31:b9:00: 56:c2:1c:45:e1:62:03:75:a3:47:f1:8f:f5:e8:bd:7a:0d:77: 59:6e:93:28:63:59:a3:ae:fa:64:98:8f:3a:94:76:9b:4a:0a: 64:12:7b:76:c3:8a:3c:6b:b8:4d:af:9c:0d:76:47:9d:20:3c: 3c:7e:ad:f2:93:2d:8f:39:eb:1b:98:2d:ca:e5:2c:53:81:b9: c3:57:f0:61:1b:0f:63:3c:2e:48:f7:68:9b:3a:79:4d:d4:7c: be:ba:dd:06:ca:18:fc:05:e6:81:f9:1a:0a:13:c2:38:82:03: aa:14:da:e9 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICH/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0 MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNTA4MTMx NjA1NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVDRDE4NDE1M0M0MDIw M0JBQkQ5NkQ5OENGNERBNzRGNUE0MUExMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcRop5jkQYJdcLlr9XpRUae4E+ycR79EDs7T8F5UTsMVVWKmWi qgtdi4wfsbF4Rj0cTX8Cu4rwpSX1WSKR1qQDLaxU1y2bP6EVX773wBsEVPTnauQA UzhiMS8yjLSmzVjzqh2Xm+UrpL1CmBgI3KL90IBBmIwMlww+fGwfDcNxrYk3t6kB k0ozV1pEbZy9zWOfe6FlCTTBk49uZ25NB0rc0UpAtNfjQcwAo7PlPugP4Qp0AtZ5 +QA36oozGkJNpcSl4SE+479bTYmE8Z5jiqaA5ZxG2pwYdZgH3thYJ/M018PJFGVd Oucw97b7ZnachjB8m/y6T5ov7ARIUB8210TzAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU7NGEFTxAIDur2W2Yz02nT1pBoQ4wHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L2ZrQ3VrQUVBNHJsN01j NEFhUUx6SG4wZEt2SS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQDHBHoOA/9+iE9LGC5En9nh768NYelXo6WXfXJm4rW3JSouUoLFc/rghwMXVIXg Yg731lc5vLwQGet1Z80v3WXCYk8B4UoQog+aHxt7X0WtDLSvbIlemAgO47y6jv45 JX+3Gdx3WZgbCBWc94RnVvwxYdBeiGTFsrHRZWf7XbrrqLh/MzgFgdtWWW+eqz8x uQBWwhxF4WIDdaNH8Y/16L16DXdZbpMoY1mjrvpkmI86lHabSgpkEnt2w4o8a7hN r5wNdkedIDw8fq3yky2POesbmC3K5SxTgbnDV/BhGw9jPC5I92ibOnlN1Hy+ut0G yhj8BeaB+RoKE8I4ggOqFNrp -----END CERTIFICATE-----Generated at Wed Aug 13 19:16:39 2025 by rpki-client