$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft File: XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft (raw, json) Hash identifier: UTBMHLAUptVJcoME497BJlb8eRQctinm2+uXofGJgcA= Subject key identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 1F22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft Manifest number: 1F18 Signing time: Fri 04 Jul 2025 05:16:39 +0000 Manifest this update: Fri 04 Jul 2025 05:16:39 +0000 Manifest next update: Fri 04 Jul 2025 11:16:39 +0000 Files and hashes: 1: 6vSxA0diVCR8XMmvW-nu2EPxVx4.roa (hash: JVPAyeOrMTMc4c6qkPIL4jxz1GwHHYoSVQr8/TXy3C8=) 2: DxfIjbOOEwQlrzFpYd7_pZyLomY.roa (hash: H+2wDltBpsljHYGjKXHuiv3/rnGdiCmtbvwrJ+M6pEw=) 3: XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl (hash: CQRJQI1mgfpQ+c85eltok5LMEPIFBYvp/jcC43G1iz4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 11:16:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7970 (0x1f22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: Jul 4 05:16:39 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=287752BEC0FDA7B793BFEC2A92AF3F53F95AC430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f8:ef:96:ea:9c:43:2a:bf:98:64:05:ae:64: 1e:c6:6c:65:ad:d5:f8:e3:52:f4:94:f2:1a:da:83: 0a:2c:1d:b9:60:41:ff:38:8d:68:a3:92:ba:1b:a0: d0:9e:35:9c:66:1b:94:26:ad:7d:c6:77:03:d7:50: a9:7b:ce:83:b7:b6:d9:19:69:5d:3e:48:90:b0:e9: fc:cb:fd:94:5d:70:d7:dd:c6:4c:0b:0d:2d:59:d3: 4a:0e:c4:fa:00:47:0f:97:93:3b:4d:7b:31:f5:70: b4:f8:59:f1:84:fb:65:10:5b:2f:c4:cd:55:94:84: b6:a2:ae:3f:95:ab:66:3f:3e:77:c3:38:91:d8:ab: 00:c4:cf:73:33:7e:e4:47:16:f9:f2:ad:07:61:f3: 20:20:17:33:02:07:4a:fb:d5:cc:3c:e4:d9:ec:ca: 3c:0d:e0:30:da:fc:a2:26:e2:8d:bb:5e:61:5a:5b: c8:e3:56:9e:73:0a:72:a6:9d:f8:18:8b:f8:f7:92: 94:5a:54:98:53:56:bc:a9:81:4d:56:db:12:ae:19: 3d:11:1e:7d:b3:fb:70:08:9e:26:60:74:26:f2:72: 4a:cc:47:bc:f0:93:07:91:cf:f8:69:fe:ec:f7:3d: 09:64:0a:69:49:2e:98:94:b2:cc:72:e9:b4:62:a9: 93:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:77:52:BE:C0:FD:A7:B7:93:BF:EC:2A:92:AF:3F:53:F9:5A:C4:30 X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:73:85:4a:49:b0:17:1f:dd:86:3a:1b:84:85:63:07:af:3b: e4:a2:fd:ba:3e:d8:97:4b:55:3a:f4:de:db:7c:55:d7:2a:ab: 6f:81:4b:1a:58:ef:74:0e:95:95:07:75:75:ef:e6:26:51:fc: cc:94:ec:fb:9d:45:57:9c:62:08:21:5e:c8:7c:7a:4e:23:47: 44:d5:69:c2:fe:ea:bf:04:5d:83:46:a1:39:09:78:a7:1c:73: 51:8d:4a:66:98:b6:56:52:65:2f:61:c5:1e:ef:0f:1d:55:b8: e6:4d:aa:aa:53:cd:5d:b9:95:1d:d6:41:70:12:87:9e:64:5f: 1f:a5:08:90:8b:49:dc:45:3a:48:0c:ca:3b:74:12:84:c2:4b: 60:30:c5:04:54:ca:78:73:ff:4d:22:23:54:2f:90:0a:74:47: ec:ea:3d:bc:0f:65:12:3f:23:7a:16:38:7c:4d:87:30:fc:e7: 74:f9:f8:34:85:ad:ac:35:f5:cf:05:be:25:e2:5d:00:f5:3c: d9:36:1b:78:89:6b:74:db:c3:ed:b2:d5:2e:7b:a9:0f:01:9c: 68:52:aa:ae:0d:3b:88:e3:d1:3f:14:2b:8f:a6:d9:31:14:62: b1:1a:15:33:10:5c:8a:ce:55:79:07:d7:d0:92:e2:bd:1f:4c: da:1b:76:a2 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICHyIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNTA3MDQw NTE2MzlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI4Nzc1MkJFQzBGREE3 Qjc5M0JGRUMyQTkyQUYzRjUzRjk1QUM0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6+O+W6pxDKr+YZAWuZB7GbGWt1fjjUvSU8hragwosHblgQf84 jWijkroboNCeNZxmG5QmrX3GdwPXUKl7zoO3ttkZaV0+SJCw6fzL/ZRdcNfdxkwL DS1Z00oOxPoARw+XkztNezH1cLT4WfGE+2UQWy/EzVWUhLairj+Vq2Y/PnfDOJHY qwDEz3MzfuRHFvnyrQdh8yAgFzMCB0r71cw85NnsyjwN4DDa/KIm4o27XmFaW8jj Vp5zCnKmnfgYi/j3kpRaVJhTVrypgU1W2xKuGT0RHn2z+3AIniZgdCbyckrMR7zw kweRz/hp/uz3PQlkCmlJLpiUssxy6bRiqZN3AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUKHdSvsD9p7eTv+wqkq8/U/laxDAwHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvWGFDbDdNSVlMYkFP dUZ4aU1UMVh1V3RfMW80Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAF1zhUpJsBcf3YY6G4SFYwevO+Si/bo+2JdLVTr03tt8Vdcqq2+BSxpY73QO lZUHdXXv5iZR/MyU7PudRVecYgghXsh8ek4jR0TVacL+6r8EXYNGoTkJeKccc1GN SmaYtlZSZS9hxR7vDx1VuOZNqqpTzV25lR3WQXASh55kXx+lCJCLSdxFOkgMyjt0 EoTCS2AwxQRUynhz/00iI1QvkAp0R+zqPbwPZRI/I3oWOHxNhzD853T5+DSFraw1 9c8FviXiXQD1PNk2G3iJa3Tbw+2y1S57qQ8BnGhSqq4NO4jj0T8UK4+m2TEUYrEa FTMQXIrOVXkH19CS4r0fTNobdqI= -----END CERTIFICATE-----Generated at Fri Jul 4 11:15:21 2025 by rpki-client