$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft File: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft (raw, json) Hash identifier: I6B+9wr0FQyLreDUSX2LJXFTr195qSLLJwg2xtfcQ6Y= Subject key identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 Authority key identifier: 0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 Certificate issuer: /CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Certificate serial: 1BAE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft Manifest number: 1BAE Signing time: Sat 26 Apr 2025 08:38:05 +0000 Manifest this update: Sat 26 Apr 2025 08:38:05 +0000 Manifest next update: Sat 26 Apr 2025 14:38:05 +0000 Files and hashes: 1: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl (hash: na09hdpw5Zvm1d/cU16x1Wx33l1niXTx/U/hW70vBKo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:38:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7086 (0x1bae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74 Validity Not Before: Apr 26 08:38:05 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5C648233F6748FCBACF142D46BE96E4F03962A68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:fe:be:28:bc:e8:92:51:ab:b2:1b:df:f9:86: 30:13:3c:b6:06:e1:aa:a8:65:99:2d:88:d4:d5:a3: 2c:7b:4d:1d:c6:03:6e:7b:0a:f9:be:24:d6:f4:e1: 6e:b9:73:f2:b9:37:30:dd:bc:a8:a5:ab:65:f0:72: ce:42:40:b2:e4:57:09:70:ba:f6:02:ea:c4:5b:d3: 78:b0:f9:45:c2:43:eb:e5:6f:6f:ac:b9:71:a8:5f: 86:fb:bc:5a:40:fc:e7:34:21:96:7f:e9:53:a3:49: 69:21:42:4d:0e:f2:ec:b0:48:6c:4f:93:67:97:fc: 45:86:cd:e4:3b:13:a9:a7:46:9a:32:8c:44:3f:84: 21:18:21:86:30:e6:71:31:cc:47:0d:d7:8b:7c:a8: 9e:7d:70:74:56:4b:6c:92:9d:51:24:b9:7f:61:7f: 28:b6:69:8b:fe:29:be:33:2f:2a:87:b1:e5:76:a7: 8f:a3:72:7f:6d:e1:bf:8d:71:1b:dd:91:73:92:16: 3b:17:a6:7c:eb:47:39:aa:2b:65:0f:d0:94:82:33: 90:37:f4:32:d0:8c:72:86:17:12:4b:74:82:9b:32: 07:93:12:3b:c7:c5:84:c2:2f:71:47:aa:af:cc:4d: 17:7d:17:2f:12:e8:cb:84:ed:de:fd:d4:e1:03:45: 7b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68 X509v3 Authority Key Identifier: keyid:0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:b7:04:b4:44:9d:9a:36:42:b7:40:40:3d:15:aa:0a:99:c2: 45:32:42:85:6f:6a:54:c9:59:b1:89:05:a5:20:c7:41:00:64: fa:d8:5e:66:a9:ca:a7:27:88:b1:8d:ae:58:75:4a:f8:cf:9a: c6:ac:1a:d2:0a:80:27:8b:55:2f:e1:b5:3d:df:a3:e2:f7:4e: 82:94:d4:bb:54:37:9b:97:94:df:30:38:ca:a0:35:03:b6:6a: be:a4:e6:93:9a:bb:d2:7e:db:55:cc:6f:2d:0f:6f:16:7a:ad: 9d:7a:d3:eb:22:75:e5:ec:07:8a:06:d2:ff:b9:44:ab:97:4d: 69:43:07:46:91:ec:c9:4d:ae:63:f2:55:a0:00:14:7d:ed:a3: 41:bc:a1:b4:24:e8:50:0f:c9:11:96:9e:1f:5d:6d:56:97:43: 7c:03:74:7b:6f:70:f4:b2:9b:8b:a4:e3:87:b6:e0:8a:9b:56: 3a:59:8c:16:72:98:c0:f1:a4:5a:71:f6:c3:17:5e:94:fa:e3: 50:31:a1:7a:af:9a:8b:82:fd:ca:59:b1:cf:48:e1:40:ae:20: c5:be:1e:44:5e:55:6c:88:b1:9d:48:ce:db:45:75:f0:52:8e: af:c5:a5:bd:6d:83:ce:6f:db:3b:3c:57:e9:b6:49:fc:18:21: d0:f7:b3:7d -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICG64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ0 QTNCNjIxNDA3OENBNDhFNjZGM0I4QzU0RjFDNUZEQkM5REU3NDAeFw0yNTA0MjYw ODM4MDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVDNjQ4MjMzRjY3NDhG Q0JBQ0YxNDJENDZCRTk2RTRGMDM5NjJBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe/r4ovOiSUauyG9/5hjATPLYG4aqoZZktiNTVoyx7TR3GA257 Cvm+JNb04W65c/K5NzDdvKilq2Xwcs5CQLLkVwlwuvYC6sRb03iw+UXCQ+vlb2+s uXGoX4b7vFpA/Oc0IZZ/6VOjSWkhQk0O8uywSGxPk2eX/EWGzeQ7E6mnRpoyjEQ/ hCEYIYYw5nExzEcN14t8qJ59cHRWS2ySnVEkuX9hfyi2aYv+Kb4zLyqHseV2p4+j cn9t4b+NcRvdkXOSFjsXpnzrRzmqK2UP0JSCM5A39DLQjHKGFxJLdIKbMgeTEjvH xYTCL3FHqq/MTRd9Fy8S6MuE7d791OEDRXvdAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUXGSCM/Z0j8us8ULUa+luTwOWKmgwHwYDVR0jBBgwFoAUDUo7YhQHjKSOZvO4 xU8cX9vJ3nQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1 L0RVbzdZaFFIaktTT1p2TzR4VThjWDl2SjNuUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRFVvN1loUUhqS1NPWnZPNHhVOGNYOXZKM25RLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0RVbzdZaFFIaktTT1p2 TzR4VThjWDl2SjNuUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAJtwS0RJ2aNkK3QEA9FaoKmcJFMkKFb2pUyVmxiQWlIMdBAGT62F5mqcqnJ4ix ja5YdUr4z5rGrBrSCoAni1Uv4bU936Pi906ClNS7VDebl5TfMDjKoDUDtmq+pOaT mrvSfttVzG8tD28Weq2detPrInXl7AeKBtL/uUSrl01pQwdGkezJTa5j8lWgABR9 7aNBvKG0JOhQD8kRlp4fXW1Wl0N8A3R7b3D0spuLpOOHtuCKm1Y6WYwWcpjA8aRa cfbDF16U+uNQMaF6r5qLgv3KWbHPSOFAriDFvh5EXlVsiLGdSM7bRXXwUo6vxaW9 bYPOb9s7PFfptkn8GCHQ97N9 -----END CERTIFICATE-----Generated at Sat Apr 26 12:38:31 2025 by rpki-client