$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft File: OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft (raw, json) Hash identifier: WVgozO23vEQB25uqjMWdGcMtxaoE1lSHUuoCcUGksus= Subject key identifier: A2:B1:0D:87:B2:0C:1D:01:60:A4:67:5C:11:BF:53:A0:49:28:C5:23 Authority key identifier: 39:D2:89:C2:10:E0:ED:08:BD:30:06:0E:C8:FD:CE:6D:68:EE:69:95 Certificate issuer: /CN=39D289C210E0ED08BD30060EC8FDCE6D68EE6995 Certificate serial: 1599 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft Manifest number: 1599 Signing time: Sat 21 Jun 2025 11:13:28 +0000 Manifest this update: Sat 21 Jun 2025 11:13:28 +0000 Manifest next update: Sat 21 Jun 2025 17:13:28 +0000 Files and hashes: 1: OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl (hash: qjIP4wJXm8K5YVmPiCPJBGyUXz8NMDzV7YsLQ+jTiWc=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 14:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5529 (0x1599) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39D289C210E0ED08BD30060EC8FDCE6D68EE6995 Validity Not Before: Jun 21 11:13:28 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A2B10D87B20C1D0160A4675C11BF53A04928C523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f5:0f:57:bf:fd:7f:fc:57:01:e7:d8:db:f1: 33:81:b6:c1:f4:14:a7:56:4d:ca:ab:f7:58:59:e2: 9c:ad:d5:06:0a:9d:1d:7d:8e:79:3e:65:bd:2f:15: f0:d5:85:04:0b:c5:d0:fe:54:e4:6a:41:ee:79:d1: 1a:15:91:74:c2:9d:94:81:82:9d:ca:0a:3b:c2:b5: 6f:6b:50:ff:db:03:c5:02:e8:d1:4b:43:e9:84:ca: fd:cf:93:a1:d2:ba:14:1d:79:ca:4f:87:dd:56:a8: 2a:6e:be:46:0a:78:f4:86:5d:3f:a4:8c:b0:4b:3a: ef:1e:e6:c2:ca:e5:84:a3:1b:34:4f:8c:03:9f:09: 6a:b8:c2:ed:33:29:ee:7b:a0:ac:77:13:53:6b:4d: fa:db:c5:49:1c:6e:c0:47:cb:45:15:b9:8b:ae:b1: 9a:4e:93:c4:7e:d0:46:63:e0:3e:25:bd:f0:3e:3c: ad:30:ec:f0:a9:32:96:bb:ac:fa:64:6d:a6:0e:87: 22:20:90:96:a4:6d:c8:2f:ad:27:2a:ef:c4:9d:08: d7:38:a3:52:f2:10:44:5c:33:be:16:86:c9:d7:07: ac:82:5b:53:fb:9b:45:4c:91:80:fd:04:5f:2b:cc: 74:30:5c:7f:8c:cf:dd:71:2d:a0:2d:45:46:6b:48: 3c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:B1:0D:87:B2:0C:1D:01:60:A4:67:5C:11:BF:53:A0:49:28:C5:23 X509v3 Authority Key Identifier: keyid:39:D2:89:C2:10:E0:ED:08:BD:30:06:0E:C8:FD:CE:6D:68:EE:69:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:42:15:1f:4e:27:e6:ad:fb:a0:66:30:ba:6a:1c:6e:93:f0: 40:f8:7f:60:19:08:48:04:1f:f9:f8:d9:ab:1f:4e:02:33:96: 86:3e:01:7f:9a:39:36:40:83:9f:1a:31:74:44:a6:b3:d2:41: 9b:27:55:f0:78:cd:cf:a2:b9:b8:7f:f7:9c:68:1b:9f:c0:98: d1:87:3f:b6:02:23:18:49:93:2e:df:18:aa:1f:2b:8f:75:d7: 9e:e0:65:cd:18:7e:4d:4a:89:d3:21:31:b5:0c:d8:22:a0:34: ba:19:5f:d1:54:e1:68:01:ac:e9:b3:87:63:9b:01:df:17:c2: 39:05:dc:d8:af:5b:ab:98:2e:07:58:43:27:86:69:08:78:6d: 82:40:e1:e9:7a:07:b0:b8:04:b9:03:68:6f:8c:23:8e:ff:62: 92:74:9f:90:e5:af:85:85:4b:56:e6:00:56:58:b9:6b:38:69: 42:9f:31:16:f6:c4:02:be:b4:6f:2f:8e:4f:6e:d1:10:3e:f7: ae:be:5d:c1:d7:a1:e5:c6:03:96:c0:34:8d:ad:45:b2:64:25: 7a:00:f0:46:24:33:a0:a8:fa:d2:38:d4:f0:4d:21:34:da:22: 9c:ca:cb:4f:2f:e6:8d:88:f2:a4:5b:47:5e:ce:5e:06:aa:93: 1d:fc:09:15 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgICFZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlE Mjg5QzIxMEUwRUQwOEJEMzAwNjBFQzhGRENFNkQ2OEVFNjk5NTAeFw0yNTA2MjEx MTEzMjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEEyQjEwRDg3QjIwQzFE MDE2MEE0Njc1QzExQkY1M0EwNDkyOEM1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe9Q9Xv/1//FcB59jb8TOBtsH0FKdWTcqr91hZ4pyt1QYKnR19 jnk+Zb0vFfDVhQQLxdD+VORqQe550RoVkXTCnZSBgp3KCjvCtW9rUP/bA8UC6NFL Q+mEyv3Pk6HSuhQdecpPh91WqCpuvkYKePSGXT+kjLBLOu8e5sLK5YSjGzRPjAOf CWq4wu0zKe57oKx3E1NrTfrbxUkcbsBHy0UVuYuusZpOk8R+0EZj4D4lvfA+PK0w 7PCpMpa7rPpkbaYOhyIgkJakbcgvrScq78SdCNc4o1LyEERcM74WhsnXB6yCW1P7 m0VMkYD9BF8rzHQwXH+Mz91xLaAtRUZrSDx1AgMBAAGjggIIMIICBDAdBgNVHQ4E FgQUorENh7IMHQFgpGdcEb9ToEkoxSMwHwYDVR0jBBgwFoAUOdKJwhDg7Qi9MAYO yP3ObWjuaZUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTAv T2RLSndoRGc3UWk5TUFZT3lQM09iV2p1YVpVLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9PZEtKd2hEZzdRaTlNQVlPeVAzT2JXanVhWlUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81MC9PZEtKd2hEZzdRaTlNQVlP eVAzT2JXanVhWlUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA BkIVH04n5q37oGYwumocbpPwQPh/YBkISAQf+fjZqx9OAjOWhj4Bf5o5NkCDnxox dESms9JBmydV8HjNz6K5uH/3nGgbn8CY0Yc/tgIjGEmTLt8Yqh8rj3XXnuBlzRh+ TUqJ0yExtQzYIqA0uhlf0VThaAGs6bOHY5sB3xfCOQXc2K9bq5guB1hDJ4ZpCHht gkDh6XoHsLgEuQNob4wjjv9iknSfkOWvhYVLVuYAVli5azhpQp8xFvbEAr60by+O T27RED73rr5dwdeh5cYDlsA0ja1FsmQlegDwRiQzoKj60jjU8E0hNNoinMrLTy/m jYjypFtHXs5eBqqTHfwJFQ== -----END CERTIFICATE-----Generated at Sat Jun 21 13:39:21 2025 by rpki-client