$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.mft File: YVvOj3-Kg9uTmuD0L6BUE7KFGB4.mft (raw, json) Hash identifier: HKbrnZ/ok3EUT+3QPko+EN7xcqWIihH69XF6F0TS5aE= Subject key identifier: ED:23:7B:79:59:A2:7F:5B:DF:B8:CE:97:8E:E2:B5:50:34:03:80:39 Authority key identifier: 61:5B:CE:8F:7F:8A:83:DB:93:9A:E0:F4:2F:A0:54:13:B2:85:18:1E Certificate issuer: /CN=615BCE8F7F8A83DB939AE0F42FA05413B285181E Certificate serial: 157C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.mft Manifest number: 1574 Signing time: Sat 26 Apr 2025 11:07:58 +0000 Manifest this update: Sat 26 Apr 2025 11:07:58 +0000 Manifest next update: Sat 26 Apr 2025 17:07:58 +0000 Files and hashes: 1: KtkKTWtPNj5wHFjwBkJUsLLPtIY.roa (hash: VueTaTS6ACWPKbz+D/qnweeOLK3EFD2lyW+Z38+Z/7Q=) 2: YVvOj3-Kg9uTmuD0L6BUE7KFGB4.crl (hash: gXXnYdZ2ZHkeeSBnU4bzx7dqrco+bDl4hcMP6ohBOm4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5500 (0x157c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=615BCE8F7F8A83DB939AE0F42FA05413B285181E Validity Not Before: Apr 26 11:07:58 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=ED237B7959A27F5BDFB8CE978EE2B55034038039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:6e:a0:22:5a:c4:f8:55:eb:26:40:78:97:1a: 25:53:eb:52:1f:70:45:64:cd:44:4d:14:15:83:e3: 8b:d3:48:e9:a9:e1:dd:2c:7b:d5:ae:6e:2f:9d:09: 4c:45:f1:7f:45:fd:89:62:a4:11:52:c5:cc:87:28: f6:50:9a:a8:67:87:90:c5:11:d7:05:b2:49:4f:cd: 70:52:63:4b:d3:88:b6:71:56:18:0d:eb:2b:ad:62: 49:00:2e:95:8d:99:37:16:bd:fb:71:ad:db:f4:0b: ca:80:ae:7e:15:0e:82:b5:0d:f9:ce:e2:3d:81:aa: a1:f4:10:f1:b9:2b:1c:cd:bc:a0:22:6a:65:2a:66: 82:86:09:85:2c:83:3d:a4:ce:57:49:c4:26:5e:25: dc:13:c9:08:6d:af:c8:6a:e5:41:55:57:1e:32:c2: 47:db:5b:1d:36:f4:8a:90:5f:86:b6:63:44:60:cd: 4f:5e:3a:00:6b:c3:8c:8d:98:5a:ae:5b:ad:82:6d: b2:99:32:3e:04:28:4a:d9:0c:3f:97:c2:0d:43:9e: 61:dc:c6:c0:71:82:5a:d7:b1:bc:6f:a1:46:08:b5: b1:c8:06:f9:1f:6c:48:32:d2:0b:d7:1b:96:39:62: 91:70:8b:00:10:2d:0e:e9:de:de:b1:e7:a0:b9:8b: 31:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:23:7B:79:59:A2:7F:5B:DF:B8:CE:97:8E:E2:B5:50:34:03:80:39 X509v3 Authority Key Identifier: keyid:61:5B:CE:8F:7F:8A:83:DB:93:9A:E0:F4:2F:A0:54:13:B2:85:18:1E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:e2:e8:d0:ab:bb:05:65:a9:98:e7:d6:5c:47:70:f2:3e:e1: 47:f3:73:5e:f3:7a:6c:79:89:da:e7:b8:03:85:81:aa:a5:f3: 52:73:e1:74:a9:cd:9e:35:ec:01:51:80:98:95:01:fe:d9:4d: 9f:7b:92:0b:eb:ba:6d:64:6b:19:d9:b7:ec:0a:25:e2:7f:50: 36:6d:72:e5:1a:14:a4:69:5a:68:fd:88:6c:31:04:fa:ef:02: 66:b0:fd:6c:07:aa:d4:f8:4d:75:65:e0:8b:ce:04:12:3d:54: 31:89:34:ca:76:6f:14:12:2b:37:71:6f:81:a2:50:a0:52:aa: ff:61:cc:24:d1:6a:3f:8a:64:6b:f3:e2:68:04:43:90:f3:1e: 1a:51:04:ce:46:2f:62:67:f5:f5:8b:20:ea:3e:3e:09:0b:86: 49:72:69:8b:64:67:f5:34:27:9d:72:68:4e:de:7c:a2:09:63: f1:1e:7b:20:93:8e:bd:96:47:58:ce:e9:9f:f5:8e:e3:43:49: 53:49:03:bf:60:e0:55:d0:8a:b0:2d:b1:84:5d:5d:60:e3:b7: 09:9e:ec:d0:27:52:59:4c:b2:80:80:b5:70:6b:3b:01:9c:2b: 65:4a:bf:03:78:b7:5f:f0:c8:95:4b:e1:fd:a7:d8:e5:b4:18: 55:a7:9d:ba -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1 QkNFOEY3RjhBODNEQjkzOUFFMEY0MkZBMDU0MTNCMjg1MTgxRTAeFw0yNTA0MjYx MTA3NThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVEMjM3Qjc5NTlBMjdG NUJERkI4Q0U5NzhFRTJCNTUwMzQwMzgwMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSbqAiWsT4VesmQHiXGiVT61IfcEVkzURNFBWD44vTSOmp4d0s e9Wubi+dCUxF8X9F/YlipBFSxcyHKPZQmqhnh5DFEdcFsklPzXBSY0vTiLZxVhgN 6yutYkkALpWNmTcWvftxrdv0C8qArn4VDoK1DfnO4j2BqqH0EPG5KxzNvKAiamUq ZoKGCYUsgz2kzldJxCZeJdwTyQhtr8hq5UFVVx4ywkfbWx029IqQX4a2Y0RgzU9e OgBrw4yNmFquW62CbbKZMj4EKErZDD+Xwg1DnmHcxsBxglrXsbxvoUYItbHIBvkf bEgy0gvXG5Y5YpFwiwAQLQ7p3t6x56C5izFbAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQU7SN7eVmif1vfuM6XjuK1UDQDgDkwHwYDVR0jBBgwFoAUYVvOj3+Kg9uTmuD0 L6BUE7KFGB4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODYx L1lWdk9qMy1LZzl1VG11RDBMNkJVRTdLRkdCNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWVZ2T2ozLUtnOXVUbXVEMEw2QlVFN0tGR0I0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODYxL1lWdk9qMy1LZzl1VG11 RDBMNkJVRTdLRkdCNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQAi4ujQq7sFZamY59ZcR3DyPuFH83Ne83pseYna57gDhYGqpfNSc+F0qc2eNewB UYCYlQH+2U2fe5IL67ptZGsZ2bfsCiXif1A2bXLlGhSkaVpo/YhsMQT67wJmsP1s B6rU+E11ZeCLzgQSPVQxiTTKdm8UEis3cW+BolCgUqr/Ycwk0Wo/imRr8+JoBEOQ 8x4aUQTORi9iZ/X1iyDqPj4JC4ZJcmmLZGf1NCedcmhO3nyiCWPxHnsgk469lkdY zumf9Y7jQ0lTSQO/YOBV0IqwLbGEXV1g47cJnuzQJ1JZTLKAgLVwazsBnCtlSr8D eLdf8MiVS+H9p9jltBhVp526 -----END CERTIFICATE-----Generated at Sat Apr 26 14:31:45 2025 by rpki-client