$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft File: zdnD6A790w6RIRaPwiqlCoVA3f8.mft (raw, json) Hash identifier: S/hJOHi3kTVaNIrAlpwoXpdcL3UopjBHBH7vPm2x9N4= Subject key identifier: 18:A8:D9:43:81:90:4A:50:7E:3C:78:24:58:45:20:3A:C2:07:87:05 Authority key identifier: CD:D9:C3:E8:0E:FD:D3:0E:91:21:16:8F:C2:2A:A5:0A:85:40:DD:FF Certificate issuer: /CN=CDD9C3E80EFDD30E9121168FC22AA50A8540DDFF Certificate serial: 20AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zdnD6A790w6RIRaPwiqlCoVA3f8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft Manifest number: 20AA Signing time: Wed 13 Aug 2025 09:02:58 +0000 Manifest this update: Wed 13 Aug 2025 09:02:58 +0000 Manifest next update: Wed 13 Aug 2025 15:02:58 +0000 Files and hashes: 1: zdnD6A790w6RIRaPwiqlCoVA3f8.crl (hash: 14DDYaTH1OixSo5/sRl+n5Oh5L3hEkpM0j43uhfRLOs=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zdnD6A790w6RIRaPwiqlCoVA3f8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Aug 2025 15:02:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8362 (0x20aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDD9C3E80EFDD30E9121168FC22AA50A8540DDFF Validity Not Before: Aug 13 09:02:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=18A8D94381904A507E3C78245845203AC2078705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:3b:f5:af:e8:66:b2:be:d7:f0:c6:14:cc:d7: fd:4e:b1:f2:54:14:a0:87:1b:2c:92:4c:b9:de:93: 50:7a:a8:f7:d1:44:7a:a7:a1:bb:b7:45:7d:21:d9: 3e:fd:26:27:28:49:20:35:54:95:0f:19:7f:d3:8a: 08:d8:45:31:f7:5f:9e:37:36:84:76:6a:5a:76:0a: 0e:d2:37:d8:2d:ad:57:7c:bc:33:78:48:a8:15:c5: c7:2e:9e:d9:e0:a0:1c:fc:44:2e:02:73:94:5d:0e: 0a:ae:96:33:2c:87:2b:fb:b0:ee:f3:b6:be:6e:3d: 96:55:00:64:ef:b8:e3:40:09:da:66:7f:c9:df:de: dc:10:42:9c:5e:73:dc:d0:93:0f:3f:e2:55:63:b9: 5b:35:40:62:31:38:1c:0d:b5:9a:c6:5a:b7:fe:ec: 18:99:c6:5b:1d:34:60:a6:b5:cc:33:a3:87:dd:d5: 6b:bf:b4:80:59:fa:7d:c5:00:1a:39:5c:f8:33:d5: 20:45:d4:c1:d8:6e:75:d9:43:5b:26:80:a9:81:be: 1d:e1:97:9e:fb:0e:9c:78:f7:6d:af:02:24:9f:26: 6a:3f:26:09:2b:90:2e:56:fd:5d:8a:69:37:30:6a: 33:ab:92:ee:2f:1b:23:a8:34:e3:b8:de:ff:ae:df: 0e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:A8:D9:43:81:90:4A:50:7E:3C:78:24:58:45:20:3A:C2:07:87:05 X509v3 Authority Key Identifier: keyid:CD:D9:C3:E8:0E:FD:D3:0E:91:21:16:8F:C2:2A:A5:0A:85:40:DD:FF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zdnD6A790w6RIRaPwiqlCoVA3f8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8/zdnD6A790w6RIRaPwiqlCoVA3f8.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:29:a4:46:4e:45:ec:61:57:ed:48:cd:82:a4:dc:72:a3:f2: ed:55:82:eb:a0:69:ff:06:9e:13:a4:41:43:cb:f5:31:6f:b2: 3c:c5:cb:c3:87:d7:db:45:0d:aa:0e:d9:e0:68:c4:22:66:c6: 96:ca:e1:d4:8c:72:f2:b6:2b:35:8f:3e:f2:ec:a6:3e:0d:a3: 75:9a:21:3b:24:4a:5b:a9:76:e5:2f:08:30:18:67:31:c9:da: 44:79:c4:f2:fb:59:2f:aa:28:d3:cc:46:71:e7:9f:d3:69:7f: de:25:4a:72:14:23:0a:d3:55:8b:41:9a:2b:eb:c6:e0:08:03: e5:0b:76:d3:bb:42:e8:ce:5b:dd:76:f3:98:3b:fb:62:9c:5c: 2f:47:06:f0:9b:db:be:30:04:ec:0f:b5:7f:20:e9:b5:07:e4: 4f:65:98:e0:a5:09:9c:0a:37:0e:b7:6a:d1:db:26:75:e9:50: 63:e2:71:ae:cf:55:43:96:b2:f7:8e:85:e1:1e:4b:0a:7d:56: 51:7e:a1:01:ce:d5:b1:2c:fd:d7:ab:4e:59:6f:12:81:0b:6f: a3:f5:76:9c:44:bf:7f:fe:de:fd:04:23:5f:0a:2d:8a:4a:d4: 11:b7:8e:82:76:77:36:e4:6a:f5:a9:05:29:8a:c4:66:01:75: 0f:7d:db:8f -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgICIKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RE OUMzRTgwRUZERDMwRTkxMjExNjhGQzIyQUE1MEE4NTQwRERGRjAeFw0yNTA4MTMw OTAyNThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE4QThEOTQzODE5MDRB NTA3RTNDNzgyNDU4NDUyMDNBQzIwNzg3MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmO/Wv6GayvtfwxhTM1/1OsfJUFKCHGyySTLnek1B6qPfRRHqn obu3RX0h2T79JicoSSA1VJUPGX/TigjYRTH3X543NoR2alp2Cg7SN9gtrVd8vDN4 SKgVxccuntngoBz8RC4Cc5RdDgquljMshyv7sO7ztr5uPZZVAGTvuONACdpmf8nf 3twQQpxec9zQkw8/4lVjuVs1QGIxOBwNtZrGWrf+7BiZxlsdNGCmtcwzo4fd1Wu/ tIBZ+n3FABo5XPgz1SBF1MHYbnXZQ1smgKmBvh3hl577Dpx4922vAiSfJmo/Jgkr kC5W/V2KaTcwajOrku4vGyOoNOO43v+u3w61AgMBAAGjggIGMIICAjAdBgNVHQ4E FgQUGKjZQ4GQSlB+PHgkWEUgOsIHhwUwHwYDVR0jBBgwFoAUzdnD6A790w6RIRaP wiqlCoVA3f8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvOC96 ZG5ENkE3OTB3NlJJUmFQd2lxbENvVkEzZjguY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL3pkbkQ2QTc5MHc2UklSYVB3aXFsQ29WQTNmOC5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzgvemRuRDZBNzkwdzZSSVJhUHdp cWxDb1ZBM2Y4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAMwp pEZORexhV+1IzYKk3HKj8u1Vguugaf8GnhOkQUPL9TFvsjzFy8OH19tFDaoO2eBo xCJmxpbK4dSMcvK2KzWPPvLspj4No3WaITskSlupduUvCDAYZzHJ2kR5xPL7WS+q KNPMRnHnn9Npf94lSnIUIwrTVYtBmivrxuAIA+ULdtO7QujOW91285g7+2KcXC9H BvCb274wBOwPtX8g6bUH5E9lmOClCZwKNw63atHbJnXpUGPica7PVUOWsveOheEe Swp9VlF+oQHO1bEs/derTllvEoELb6P1dpxEv3/+3v0EI18KLYpK1BG3joJ2dzbk avWpBSmKxGYBdQ99248= -----END CERTIFICATE-----Generated at Wed Aug 13 09:49:22 2025 by rpki-client