$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft File: fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft (raw, json) Hash identifier: Vn6dL/EM350mwkBYg4LGUVYu5oLt/ZZ68rZeWVMxcPw= Subject key identifier: EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 Certificate issuer: /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Certificate serial: 1DDA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft Manifest number: 1DC8 Signing time: Sat 26 Apr 2025 13:10:56 +0000 Manifest this update: Sat 26 Apr 2025 13:10:56 +0000 Manifest next update: Sat 26 Apr 2025 19:10:56 +0000 Files and hashes: 1: 1D2UmyE5-gCb0damhvuEDH8YtAY.roa (hash: AMmfBM3qaK1itXqyZ4SgnT4JGnqlgrL/Gh5C0EIxR5E=) 2: CiBAH9JduuLsmuuCF8EVZqj7e_Y.roa (hash: bd7DjAkds7VcKmf/Fltkc6yJTfqF8NsglOW0Ic2RF7A=) 3: fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl (hash: hZuMXcYZ2V77qlU5tFBX8l59cKLGJ8oj2LhGK+ejnGs=) 4: i1vcqehnPWMsGkHyBt_JD5k4A6s.roa (hash: 7Vby9l7O2UfOHc1jCfza0GDpjmXF68GhT4vaR2Ve+lE=) 5: imU9bcBr7hgyeXFqfTZmnAeJlhU.roa (hash: PY4enp06hDmmPvbNRcj0KK93xTkmT6kRWJIbjK/rHGs=) 6: ql9qcTEflj32Qvouuf74e7XIVH0.roa (hash: J5GlJW+RyK4nchWDPsGIHuSYVc8CVW/wpZ54lJLJtnA=) 7: xhyJQ6fLIljnRE3vjXjVdtzD-60.roa (hash: pw3KaKc1CqxoWC2rbY7xD+pjw8LfXPIJcNclxnFFohI=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7642 (0x1dda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Validity Not Before: Apr 26 13:10:56 2025 GMT Not After : Apr 9 06:40:34 2026 GMT Subject: CN=ECD184153C40203BABD96D98CF4DA74F5A41A10E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:46:8a:79:8e:44:18:25:d7:0b:96:bf:57:a5: 15:1a:7b:81:3e:c9:c4:7b:f4:40:ec:ed:3f:05:e5: 44:ec:31:55:56:2a:65:a2:aa:0b:5d:8b:8c:1f:b1: b1:78:46:3d:1c:4d:7f:02:bb:8a:f0:a5:25:f5:59: 22:91:d6:a4:03:2d:ac:54:d7:2d:9b:3f:a1:15:5f: be:f7:c0:1b:04:54:f4:e7:6a:e4:00:53:38:62:31: 2f:32:8c:b4:a6:cd:58:f3:aa:1d:97:9b:e5:2b:a4: bd:42:98:18:08:dc:a2:fd:d0:80:41:98:8c:0c:97: 0c:3e:7c:6c:1f:0d:c3:71:ad:89:37:b7:a9:01:93: 4a:33:57:5a:44:6d:9c:bd:cd:63:9f:7b:a1:65:09: 34:c1:93:8f:6e:67:6e:4d:07:4a:dc:d1:4a:40:b4: d7:e3:41:cc:00:a3:b3:e5:3e:e8:0f:e1:0a:74:02: d6:79:f9:00:37:ea:8a:33:1a:42:4d:a5:c4:a5:e1: 21:3e:e3:bf:5b:4d:89:84:f1:9e:63:8a:a6:80:e5: 9c:46:da:9c:18:75:98:07:de:d8:58:27:f3:34:d7: c3:c9:14:65:5d:3a:e7:30:f7:b6:fb:66:76:9c:86: 30:7c:9b:fc:ba:4f:9a:2f:ec:04:48:50:1f:36:d7: 44:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E X509v3 Authority Key Identifier: keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:55:0b:50:5d:30:37:5e:4d:58:6d:3c:8d:23:6e:ff:10:bf: 5c:d6:a1:b8:22:2d:52:80:17:b4:0b:67:aa:c5:a9:ab:53:15: 17:7f:f3:4c:11:56:e8:fe:07:7c:35:9f:63:74:96:35:47:c0: 66:f9:c4:b6:26:e8:65:3b:a9:0b:bb:23:47:ca:f7:13:b9:37: d2:0a:71:2a:70:c9:64:ee:c3:df:de:d9:a8:2f:73:0b:e8:f0: 62:e8:88:17:82:9c:86:72:d5:5b:56:00:4c:31:1e:53:eb:44: 4b:8e:a8:00:47:6f:08:3c:2f:2b:a0:51:5c:88:1e:7d:d1:ab: 0a:99:c0:47:25:79:80:a8:d5:99:99:37:4d:6c:8d:6b:36:1d: 32:f8:86:e2:ef:50:1c:98:66:0c:1f:c3:5f:a3:13:5c:e9:0f: 40:ee:69:b4:94:1c:07:b3:57:f4:76:60:39:78:d4:93:cd:ae: b7:fc:f4:07:9d:cd:dc:c6:9e:82:1e:a7:54:43:c4:71:7e:a9: 33:28:d6:79:2f:94:a8:9e:e4:81:ea:42:93:c3:35:c2:50:0d: 67:a3:e2:3b:7c:be:86:12:1d:46:df:40:5a:d5:24:30:99:2b: 68:50:38:42:55:f7:9c:e7:bf:08:1a:af:c9:c9:11:13:9b:e6: 2c:8a:a8:6d -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICHdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0 MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNTA0MjYx MzEwNTZaFw0yNjA0MDkwNjQwMzRaMDMxMTAvBgNVBAMTKEVDRDE4NDE1M0M0MDIw M0JBQkQ5NkQ5OENGNERBNzRGNUE0MUExMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcRop5jkQYJdcLlr9XpRUae4E+ycR79EDs7T8F5UTsMVVWKmWi qgtdi4wfsbF4Rj0cTX8Cu4rwpSX1WSKR1qQDLaxU1y2bP6EVX773wBsEVPTnauQA UzhiMS8yjLSmzVjzqh2Xm+UrpL1CmBgI3KL90IBBmIwMlww+fGwfDcNxrYk3t6kB k0ozV1pEbZy9zWOfe6FlCTTBk49uZ25NB0rc0UpAtNfjQcwAo7PlPugP4Qp0AtZ5 +QA36oozGkJNpcSl4SE+479bTYmE8Z5jiqaA5ZxG2pwYdZgH3thYJ/M018PJFGVd Oucw97b7ZnachjB8m/y6T5ov7ARIUB8210TzAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU7NGEFTxAIDur2W2Yz02nT1pBoQ4wHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L2ZrQ3VrQUVBNHJsN01j NEFhUUx6SG4wZEt2SS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAOVQtQXTA3Xk1YbTyNI27/EL9c1qG4Ii1SgBe0C2eqxamrUxUXf/NMEVbo/gd8 NZ9jdJY1R8Bm+cS2JuhlO6kLuyNHyvcTuTfSCnEqcMlk7sPf3tmoL3ML6PBi6IgX gpyGctVbVgBMMR5T60RLjqgAR28IPC8roFFciB590asKmcBHJXmAqNWZmTdNbI1r Nh0y+Ibi71AcmGYMH8NfoxNc6Q9A7mm0lBwHs1f0dmA5eNSTza63/PQHnc3cxp6C HqdUQ8RxfqkzKNZ5L5SonuSB6kKTwzXCUA1no+I7fL6GEh1G30Ba1SQwmStoUDhC Vfec578IGq/JyRETm+Ysiqht -----END CERTIFICATE-----Generated at Sat Apr 26 15:11:56 2025 by rpki-client