$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft (raw, json) Hash identifier: jf7YydzstkzNGX0zoBmTHHWfX6/oOH+i7ulyR1tefZQ= Subject key identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 1E34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft Manifest number: 1E2A Signing time: Sat 17 May 2025 03:12:09 +0000 Manifest this update: Sat 17 May 2025 03:12:09 +0000 Manifest next update: Sat 17 May 2025 09:12:09 +0000 Files and hashes: 1: 6vSxA0diVCR8XMmvW-nu2EPxVx4.roa (hash: JVPAyeOrMTMc4c6qkPIL4jxz1GwHHYoSVQr8/TXy3C8=) 2: DxfIjbOOEwQlrzFpYd7_pZyLomY.roa (hash: H+2wDltBpsljHYGjKXHuiv3/rnGdiCmtbvwrJ+M6pEw=) 3: XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl (hash: fHXWWwJCCOpdJG/lI/XGj7CPVTMRWCiV4bSNb+U2kk4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 06:09:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7732 (0x1e34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: May 17 03:12:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=287752BEC0FDA7B793BFEC2A92AF3F53F95AC430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f8:ef:96:ea:9c:43:2a:bf:98:64:05:ae:64: 1e:c6:6c:65:ad:d5:f8:e3:52:f4:94:f2:1a:da:83: 0a:2c:1d:b9:60:41:ff:38:8d:68:a3:92:ba:1b:a0: d0:9e:35:9c:66:1b:94:26:ad:7d:c6:77:03:d7:50: a9:7b:ce:83:b7:b6:d9:19:69:5d:3e:48:90:b0:e9: fc:cb:fd:94:5d:70:d7:dd:c6:4c:0b:0d:2d:59:d3: 4a:0e:c4:fa:00:47:0f:97:93:3b:4d:7b:31:f5:70: b4:f8:59:f1:84:fb:65:10:5b:2f:c4:cd:55:94:84: b6:a2:ae:3f:95:ab:66:3f:3e:77:c3:38:91:d8:ab: 00:c4:cf:73:33:7e:e4:47:16:f9:f2:ad:07:61:f3: 20:20:17:33:02:07:4a:fb:d5:cc:3c:e4:d9:ec:ca: 3c:0d:e0:30:da:fc:a2:26:e2:8d:bb:5e:61:5a:5b: c8:e3:56:9e:73:0a:72:a6:9d:f8:18:8b:f8:f7:92: 94:5a:54:98:53:56:bc:a9:81:4d:56:db:12:ae:19: 3d:11:1e:7d:b3:fb:70:08:9e:26:60:74:26:f2:72: 4a:cc:47:bc:f0:93:07:91:cf:f8:69:fe:ec:f7:3d: 09:64:0a:69:49:2e:98:94:b2:cc:72:e9:b4:62:a9: 93:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:53:4f:6f:a8:f7:34:6d:a1:77:21:d0:87:11:10:39:00:32: 68:09:0a:e6:e1:ed:0a:82:6f:cb:3d:fd:b5:0a:e7:48:4e:fe: f0:a6:2a:0a:6a:84:97:4b:3d:99:b2:a4:a4:68:19:0a:68:81: 4d:19:f4:be:c2:74:9f:d8:02:42:9b:f9:26:8a:5d:fa:5f:a8: ef:01:bc:81:f4:c5:18:e2:06:aa:3a:77:1f:70:f1:6c:c5:35: 43:2c:6c:79:e4:20:9e:8a:ab:9e:e6:13:aa:b5:fa:90:eb:a9: 1f:db:da:9e:b9:f2:63:f0:61:e6:f4:ec:6b:9a:46:03:7f:c6: 59:8e:3f:00:99:6f:f0:4e:62:01:0c:95:93:cd:01:20:c3:cd: 4f:e8:99:96:7a:f1:7e:39:79:4a:87:20:57:ad:48:a4:97:1f: c4:a5:5d:4d:c2:e0:aa:4e:96:2f:f0:55:14:db:8c:46:2a:32: 03:73:7a:0e:63:4e:59:b6:f3:d4:58:65:19:10:64:50:a9:ca: 12:e2:25:13:d3:97:06:b0:48:d2:98:87:bb:ae:e2:2e:2d:1d: d9:0e:1d:75:2e:04:b5:9f:76:d7:e8:07:27:dc:49:31:95:54: 51:97:41:e0:a3:d4:82:36:32:74:03:27:39:b7:3f:2f:79:b3: 9f:d2:76:2c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNTA1MTcw MzEyMDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI4Nzc1MkJFQzBGREE3 Qjc5M0JGRUMyQTkyQUYzRjUzRjk1QUM0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6+O+W6pxDKr+YZAWuZB7GbGWt1fjjUvSU8hragwosHblgQf84 jWijkroboNCeNZxmG5QmrX3GdwPXUKl7zoO3ttkZaV0+SJCw6fzL/ZRdcNfdxkwL DS1Z00oOxPoARw+XkztNezH1cLT4WfGE+2UQWy/EzVWUhLairj+Vq2Y/PnfDOJHY qwDEz3MzfuRHFvnyrQdh8yAgFzMCB0r71cw85NnsyjwN4DDa/KIm4o27XmFaW8jj Vp5zCnKmnfgYi/j3kpRaVJhTVrypgU1W2xKuGT0RHn2z+3AIniZgdCbyckrMR7zw kweRz/hp/uz3PQlkCmlJLpiUssxy6bRiqZN3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKHdSvsD9p7eTv+wqkq8/U/laxDAwHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvWGFDbDdNSVlMYkFP dUZ4aU1UMVh1V3RfMW80Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAHJTT2+o9zRtoXch0IcREDkAMmgJCubh7QqCb8s9/bUK50hO/vCmKgpqhJdL PZmypKRoGQpogU0Z9L7CdJ/YAkKb+SaKXfpfqO8BvIH0xRjiBqo6dx9w8WzFNUMs bHnkIJ6Kq57mE6q1+pDrqR/b2p658mPwYeb07GuaRgN/xlmOPwCZb/BOYgEMlZPN ASDDzU/omZZ68X45eUqHIFetSKSXH8SlXU3C4KpOli/wVRTbjEYqMgNzeg5jTlm2 89RYZRkQZFCpyhLiJRPTlwawSNKYh7uu4i4tHdkOHXUuBLWfdtfoByfcSTGVVFGX QeCj1II2MnQDJzm3Py95s5/Sdiw= -----END CERTIFICATE-----Generated at Sat May 17 05:43:28 2025 by rpki-client