$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft File: LiZtw-rYDrJdSYWKZNwe8cihuUI.mft (raw, json) Hash identifier: VhpBFYKxXE5oPzbTkBZDK4zJ+dRiq3n368GxdHqaR7M= Subject key identifier: 3D:AB:33:4D:EF:9E:C0:9F:69:7B:E2:E8:AA:96:12:66:37:E5:FE:2D Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 21EB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft Manifest number: 08E5 Signing time: Sat 21 Jun 2025 18:41:53 +0000 Manifest this update: Sat 21 Jun 2025 18:41:53 +0000 Manifest next update: Sun 22 Jun 2025 00:41:53 +0000 Files and hashes: 1: -GYOd-df_Oy-f0YGZ8QoXpE-KUY.roa (hash: XMRU4RMulafL9ykW2oShRAn56DaYEZ2ldVuJ0Q69omY=) 2: LiZtw-rYDrJdSYWKZNwe8cihuUI.crl (hash: 8w/Km8QwtUo81+j6cXc+HnYxd6SvSwMi7T63onBnhzg=) 3: N068Movxhd0HY-G9IlBTH0wcH-o.roa (hash: 52PacQFpyIpw+nFdeX2RQwEMG/bZk45cRChsSeSXizk=) 4: OjvJeSo6lsEg9uLCdozMhBG1wpM.roa (hash: o11AaYnXnEfRHY+f+c5bRhxX0vq/1+fUyNDi4psENWI=) 5: QGFGKzA3u0mHYmKHk-pZNq_XTU8.roa (hash: b2zaIGVd88Z0ni1da4t7uzWft4kSbhrpmuSfH7gVelU=) 6: ZIu2cDATC1fuyNWUre-4z8MdRJQ.roa (hash: FvWAWdHlZfe8cZsITf2/A06d9VsOp6LGA7o/YZd8tAI=) 7: kHETLM6cygeGpKKoqih1EPU7gmI.roa (hash: +LQA3OraGUIU6wW3F0A+ePFfIqnRqwHWcGXQxQ6FNG4=) 8: nHfB2GHYBmc8bX5DxbEirv_IKF0.roa (hash: 6zuNH+NuLOtHpcZwmZyV/YBPSvVE39rWVdrUOXiD83g=) 9: rP__sRnT4EnBrbyc6mCzD0ExQ9M.roa (hash: TPg1l6BFfnYtTcIocUXMFk5mlZl6ckDyZX8CQ64u7uk=) 10: x4Z4JFrGzN5jClvCafM07abz2VE.roa (hash: vn2m7130mvlaNGmdb8L3+zX2EoDz+25f8Tpv/s1220I=) 11: yVCeVSdYcGSgIEZ7ns34fALeY6w.roa (hash: 37YcQVfz5Xs12JKZlzGMhU0SATgmn3/Zn9Jnck5yiyU=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 23:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8683 (0x21eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Jun 21 18:41:53 2025 GMT Not After : Apr 9 06:33:21 2026 GMT Subject: CN=3DAB334DEF9EC09F697BE2E8AA96126637E5FE2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:04:1a:85:4f:41:aa:4f:1d:ad:88:bd:9e:28: 1f:ee:13:f9:de:f9:37:ac:78:ea:a9:b3:6d:4b:31: 54:0f:be:48:75:53:a3:bb:f9:eb:19:27:3a:cd:ad: bd:a9:d6:82:d8:76:ca:7c:31:80:53:db:5c:e5:b1: f6:b9:9b:5a:3d:24:8f:1c:9a:f4:2d:16:d4:8a:6f: 66:0a:db:b7:ec:fd:e8:9c:5f:5f:78:0c:ca:42:91: f4:9f:96:45:b8:19:f0:b7:90:92:8a:39:fc:85:bd: 15:1f:8a:72:49:91:41:25:30:2c:7a:c1:44:a5:98: bb:93:62:25:87:cf:11:46:0e:ec:f6:29:fd:8c:01: 40:d9:3b:5a:a4:53:d1:57:72:bd:85:81:3e:63:88: 9d:a0:cf:31:3e:50:6d:94:81:6e:96:bb:ba:09:e9: 32:3b:87:3e:2b:03:b4:36:c8:14:1a:45:4d:11:2c: 18:53:66:c7:b7:6b:7f:12:68:3e:e7:f6:e8:09:c6: c8:da:61:14:e1:8a:8a:37:bd:73:91:1e:83:1d:47: 77:e4:3c:59:07:32:ad:4c:47:e3:5a:ab:27:81:a8: f9:02:67:a1:4a:5b:cf:a9:de:68:a4:31:94:d8:be: e9:da:1f:83:f7:d2:26:6a:5f:cc:99:ba:40:62:01: 92:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:AB:33:4D:EF:9E:C0:9F:69:7B:E2:E8:AA:96:12:66:37:E5:FE:2D X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:e6:69:af:38:9c:66:43:30:5f:3b:dc:f5:12:2c:a1:d0:04: 58:66:79:06:67:58:68:f3:1a:e0:b7:bd:96:fb:31:59:9e:b7: 7b:a7:ad:d5:d8:97:a9:e0:fe:7e:0f:76:61:00:3b:44:60:3d: a4:ca:ef:79:19:cc:6c:e6:74:f1:23:43:21:8c:d5:12:f2:28: 1a:30:7a:e5:f9:81:72:67:b5:cb:de:60:73:48:50:7c:9d:d7: 39:ed:3e:da:ff:51:00:ea:c7:41:c8:d7:6b:f9:a9:ed:be:7f: 52:f4:02:12:42:16:28:5e:67:e9:d4:90:af:07:2d:46:8b:d4: 34:46:9e:7d:1a:ef:c1:3e:28:94:a2:48:94:74:78:9c:e9:4f: fc:f4:eb:f2:3c:8b:62:61:a5:9b:3a:70:d8:69:36:7d:34:59: 00:c8:c3:b6:7c:83:ae:08:76:ab:b1:cc:a0:5e:e2:21:1d:42: 66:70:dc:71:98:00:51:0f:ca:93:ee:76:e3:32:a3:75:2b:89: f9:19:4d:0e:d2:8b:a0:02:e2:03:25:91:14:29:df:11:ad:05: a5:7a:c4:b5:c8:73:23:c6:fe:70:63:bc:64:52:52:92:0d:dd: b4:ce:91:e8:68:f4:84:5f:db:90:d7:59:40:e2:43:c6:87:6d: d2:49:32:dc -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgICIeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEx ODQxNTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNEQUIzMzRERUY5RUMw OUY2OTdCRTJFOEFBOTYxMjY2MzdFNUZFMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+BBqFT0GqTx2tiL2eKB/uE/ne+TeseOqps21LMVQPvkh1U6O7 +esZJzrNrb2p1oLYdsp8MYBT21zlsfa5m1o9JI8cmvQtFtSKb2YK27fs/eicX194 DMpCkfSflkW4GfC3kJKKOfyFvRUfinJJkUElMCx6wUSlmLuTYiWHzxFGDuz2Kf2M AUDZO1qkU9FXcr2FgT5jiJ2gzzE+UG2UgW6Wu7oJ6TI7hz4rA7Q2yBQaRU0RLBhT Zse3a38SaD7n9ugJxsjaYRThioo3vXORHoMdR3fkPFkHMq1MR+NaqyeBqPkCZ6FK W8+p3mikMZTYvunaH4P30iZqX8yZukBiAZJZAgMBAAGjggIIMIICBDAdBgNVHQ4E FgQUPaszTe+ewJ9pe+LoqpYSZjfl/i0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MaVp0dy1yWURySmRTWVdL Wk53ZThjaWh1VUkubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA O+ZprzicZkMwXzvc9RIsodAEWGZ5BmdYaPMa4Le9lvsxWZ63e6et1diXqeD+fg92 YQA7RGA9pMrveRnMbOZ08SNDIYzVEvIoGjB65fmBcme1y95gc0hQfJ3XOe0+2v9R AOrHQcjXa/mp7b5/UvQCEkIWKF5n6dSQrwctRovUNEaefRrvwT4olKJIlHR4nOlP /PTr8jyLYmGlmzpw2Gk2fTRZAMjDtnyDrgh2q7HMoF7iIR1CZnDccZgAUQ/Kk+52 4zKjdSuJ+RlNDtKLoALiAyWRFCnfEa0FpXrEtchzI8b+cGO8ZFJSkg3dtM6R6Gj0 hF/bkNdZQOJDxodt0kky3A== -----END CERTIFICATE-----Generated at Sat Jun 21 20:04:46 2025 by rpki-client