$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft File: IGM8jmnuaH1MQSPQwJea0UTlXrc.mft (raw, json) Hash identifier: BGyEG3N3YjoedcPMVvJ7YfRIZTPGq3ktSeStGDV58Hg= Subject key identifier: 8A:73:24:BA:58:30:A5:5C:DA:6E:BE:7C:2F:41:0F:BC:89:0A:40:04 Authority key identifier: 20:63:3C:8E:69:EE:68:7D:4C:41:23:D0:C0:97:9A:D1:44:E5:5E:B7 Certificate issuer: /CN=20633C8E69EE687D4C4123D0C0979AD144E55EB7 Certificate serial: 54A9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IGM8jmnuaH1MQSPQwJea0UTlXrc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft Manifest number: 54A9 Signing time: Sat 23 Aug 2025 16:02:34 +0000 Manifest this update: Sat 23 Aug 2025 16:02:34 +0000 Manifest next update: Sat 23 Aug 2025 22:02:34 +0000 Files and hashes: 1: IGM8jmnuaH1MQSPQwJea0UTlXrc.crl (hash: hdSNaKN2Cq72ksPDvOzi6uGkDPs2bqn4kmncSC3Pz1c=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IGM8jmnuaH1MQSPQwJea0UTlXrc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 21:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21673 (0x54a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20633C8E69EE687D4C4123D0C0979AD144E55EB7 Validity Not Before: Aug 23 16:02:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8A7324BA5830A55CDA6EBE7C2F410FBC890A4004 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ab:60:9d:02:16:1f:62:3c:eb:5a:2b:b6:b8: f7:29:bc:cd:7e:af:3c:eb:15:1c:b0:23:41:af:c5: a1:d6:bd:a2:51:84:8e:75:24:28:c9:8b:dd:10:55: 35:51:72:b6:86:35:dc:47:8c:55:85:96:be:e2:fd: 92:d3:8f:b8:ed:f7:23:02:ec:f3:6c:d0:12:fa:26: b0:59:a5:a4:43:33:f9:1a:39:42:0b:97:62:9a:27: bf:42:79:32:2e:9e:8c:d8:09:45:03:93:4a:6e:93: 07:69:53:64:bc:61:96:2b:44:51:5b:39:ef:45:97: ec:47:cd:4c:55:99:99:1c:c0:b7:00:9f:0b:a2:80: d7:da:2d:b8:f6:05:6c:ac:40:f9:fb:13:31:27:65: 99:a6:29:19:4e:50:8e:e3:87:01:9e:ea:2f:5f:12: 58:39:0e:95:61:f3:27:52:7a:a6:27:0c:c9:16:46: 53:d9:de:02:b1:93:64:46:17:37:f6:06:10:e0:a7: 94:6a:75:78:62:a3:fa:5b:41:e7:35:8d:53:a9:5b: 14:0f:cc:44:2f:09:4b:fc:2c:ac:c5:77:33:78:10: c3:06:ed:f9:ef:e9:c0:ef:b4:9e:4f:82:f9:66:e4: 2d:37:53:91:e5:d4:0b:2c:14:74:0b:84:15:03:94: d8:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:73:24:BA:58:30:A5:5C:DA:6E:BE:7C:2F:41:0F:BC:89:0A:40:04 X509v3 Authority Key Identifier: keyid:20:63:3C:8E:69:EE:68:7D:4C:41:23:D0:C0:97:9A:D1:44:E5:5E:B7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IGM8jmnuaH1MQSPQwJea0UTlXrc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1382/IGM8jmnuaH1MQSPQwJea0UTlXrc.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:a6:5a:85:11:0a:a1:a7:16:76:68:a1:92:48:c4:3b:d5:9a: 06:e0:db:c9:e7:86:98:84:25:86:c1:2e:35:e1:2b:ce:63:b7: 6f:63:e7:97:36:86:ae:60:08:a3:bc:64:5b:7c:d1:be:aa:1a: f1:f5:b5:2e:b1:2f:10:c2:93:5f:35:d5:ea:1b:63:29:9c:4b: 67:dd:cf:e9:4d:ca:b8:9f:37:b2:b5:3d:b9:d1:e8:7e:b2:d3: c1:e8:8b:da:0e:71:d2:aa:ae:35:f6:20:e1:06:40:31:fe:e8: 83:51:b5:59:7b:65:5c:fa:33:15:4d:cd:82:3b:56:22:13:52: 94:19:ac:12:b0:50:bc:c2:12:37:0d:af:8c:4c:c7:ff:05:ce: 94:33:b1:14:7b:f6:f3:a4:c4:87:b0:d4:05:c3:99:40:7d:ca: 0c:d0:fa:89:73:4d:12:af:67:f3:7d:ec:7e:33:7a:2b:f2:8d: 66:c6:09:15:73:78:f1:6d:73:a6:ac:f6:41:4c:14:80:c9:f5: 36:db:c4:43:b5:2f:07:4e:60:24:d2:3a:95:a2:42:36:49:68: e7:36:73:e7:80:36:22:b1:6c:a8:3e:16:be:25:e4:64:6e:02: e7:cb:55:24:4d:ff:55:f4:6b:ee:f0:b1:7e:c3:83:2a:af:16: fb:be:b1:56 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICVKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjA2 MzNDOEU2OUVFNjg3RDRDNDEyM0QwQzA5NzlBRDE0NEU1NUVCNzAeFw0yNTA4MjMx NjAyMzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhBNzMyNEJBNTgzMEE1 NUNEQTZFQkU3QzJGNDEwRkJDODkwQTQwMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPq2CdAhYfYjzrWiu2uPcpvM1+rzzrFRywI0GvxaHWvaJRhI51 JCjJi90QVTVRcraGNdxHjFWFlr7i/ZLTj7jt9yMC7PNs0BL6JrBZpaRDM/kaOUIL l2KaJ79CeTIunozYCUUDk0pukwdpU2S8YZYrRFFbOe9Fl+xHzUxVmZkcwLcAnwui gNfaLbj2BWysQPn7EzEnZZmmKRlOUI7jhwGe6i9fElg5DpVh8ydSeqYnDMkWRlPZ 3gKxk2RGFzf2BhDgp5RqdXhio/pbQec1jVOpWxQPzEQvCUv8LKzFdzN4EMMG7fnv 6cDvtJ5Pgvlm5C03U5Hl1AssFHQLhBUDlNibAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUinMkulgwpVzabr58L0EPvIkKQAQwHwYDVR0jBBgwFoAUIGM8jmnuaH1MQSPQ wJea0UTlXrcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM4 Mi9JR004am1udWFIMU1RU1BRd0plYTBVVGxYcmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0lHTThqbW51YUgxTVFTUFF3SmVhMFVUbFhyYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzODIvSUdNOGptbnVhSDFN UVNQUXdKZWEwVVRsWHJjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAH2mWoURCqGnFnZooZJIxDvVmgbg28nnhpiEJYbBLjXhK85jt29j55c2hq5g CKO8ZFt80b6qGvH1tS6xLxDCk1811eobYymcS2fdz+lNyrifN7K1PbnR6H6y08Ho i9oOcdKqrjX2IOEGQDH+6INRtVl7ZVz6MxVNzYI7ViITUpQZrBKwULzCEjcNr4xM x/8FzpQzsRR79vOkxIew1AXDmUB9ygzQ+olzTRKvZ/N97H4zeivyjWbGCRVzePFt c6as9kFMFIDJ9TbbxEO1LwdOYCTSOpWiQjZJaOc2c+eANiKxbKg+Fr4l5GRuAufL VSRN/1X0a+7wsX7DgyqvFvu+sVY= -----END CERTIFICATE-----Generated at Sat Aug 23 20:41:42 2025 by rpki-client