$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.mft File: 6CKHu1b6yOZ1Or3jaztqk5y1mlM.mft (raw, json) Hash identifier: 0fhW/xm1h8/H/0AU5Z6OUorDOKv23YMdU+AuOgh+Ads= Subject key identifier: 95:04:C6:72:57:F7:D1:E8:BD:CA:CE:86:67:6A:E2:6E:D0:1C:E8:D0 Authority key identifier: E8:22:87:BB:56:FA:C8:E6:75:3A:BD:E3:6B:3B:6A:93:9C:B5:9A:53 Certificate issuer: /CN=E82287BB56FAC8E6753ABDE36B3B6A939CB59A53 Certificate serial: 20B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.mft Manifest number: 20AB Signing time: Fri 04 Jul 2025 05:15:06 +0000 Manifest this update: Fri 04 Jul 2025 05:15:06 +0000 Manifest next update: Fri 04 Jul 2025 11:15:06 +0000 Files and hashes: 1: 6CKHu1b6yOZ1Or3jaztqk5y1mlM.crl (hash: wG3wIr5vlNUjkQMjGmrmiuZlcgq4cSqDdqGj0zy7Ecw=) 2: S2bjNQej-REqHgT0YrR_t7OF0FY.roa (hash: JxMODKuWSwr6iH8TL8EdeU0qcY/yfLIHP/GxfzV8PUw=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 11:15:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8369 (0x20b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E82287BB56FAC8E6753ABDE36B3B6A939CB59A53 Validity Not Before: Jul 4 05:15:06 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9504C67257F7D1E8BDCACE86676AE26ED01CE8D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a3:c2:38:5d:ef:6d:62:88:61:35:41:9f:07: 3c:dd:f7:29:98:e8:22:b1:85:65:c7:87:ef:98:d6: 59:a4:a2:d1:21:11:87:29:f4:f8:94:fe:f5:63:c9: ba:43:50:68:2d:ea:38:3d:15:9d:a2:52:09:7d:50: a2:d4:89:9a:f5:42:a9:d0:6d:7a:3d:eb:89:cb:b9: 27:4e:c8:3e:2b:31:d3:e0:d8:94:68:29:ec:45:e9: e3:26:33:6b:4b:14:c2:4e:81:27:e4:60:ea:24:23: bb:40:cc:6d:b5:fa:cd:db:53:06:64:ae:92:40:04: 6f:68:c3:58:f5:be:50:a4:af:63:e7:97:ea:60:34: 10:e3:36:45:10:98:a2:d0:08:6c:d5:e7:1c:2d:b3: 77:d0:40:6e:e8:91:2a:c4:f8:71:ae:21:f4:39:25: 2a:91:f2:18:31:7c:04:cf:5a:19:09:50:6d:50:22: 9b:9d:d5:93:01:74:a3:51:c8:90:00:2d:87:9f:0c: 66:34:c8:33:bf:6c:1f:a6:fd:4e:fb:29:9c:7c:26: 9b:80:71:75:05:a8:ea:90:ce:fb:32:37:f2:16:34: b0:aa:db:2a:a7:a9:ab:f5:6c:a4:10:4f:80:45:1b: 64:e3:8b:78:18:0d:03:ba:58:e2:cc:be:b7:c6:42: e1:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:04:C6:72:57:F7:D1:E8:BD:CA:CE:86:67:6A:E2:6E:D0:1C:E8:D0 X509v3 Authority Key Identifier: keyid:E8:22:87:BB:56:FA:C8:E6:75:3A:BD:E3:6B:3B:6A:93:9C:B5:9A:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:ef:ad:9e:78:71:f3:b8:65:c8:d1:06:6a:a3:d7:8d:fe:cb: fb:85:58:b2:08:e4:5a:53:56:36:e1:cd:43:7f:74:9a:2d:2d: ad:cc:0f:59:74:60:43:85:d0:80:e4:d7:63:45:46:96:17:41: 0d:e5:96:fb:70:66:21:d3:a5:cf:0a:64:82:e1:01:5a:0d:b2: 77:27:f2:71:c7:96:a1:b5:c0:31:2b:44:77:94:2e:0c:e9:75: d3:ca:0c:77:9d:9e:d7:4b:ca:c8:5b:e5:ec:f8:29:8e:0b:df: 33:9d:af:cd:ed:ee:ff:0e:6a:1c:2c:04:6d:db:70:bf:87:56: 0c:d5:0c:22:fe:b3:99:50:3d:ed:e6:69:c3:fb:e3:1e:b4:7c: 3c:aa:37:5f:d6:f7:36:bd:df:5b:0f:17:13:3f:73:12:dd:90: 21:51:73:cd:91:95:6b:c2:4e:ab:64:5d:32:7e:40:78:d6:4e: 47:7a:13:24:13:a6:c9:e8:f6:db:45:82:54:b4:90:0d:6d:1a: ca:95:a7:cc:a6:3c:e7:18:d0:09:a2:49:c7:8a:c6:d6:2d:80: d6:7d:db:f3:07:52:4e:63:7d:43:ba:37:a5:aa:71:60:4c:4c: 1b:a2:e9:1a:bb:ac:a7:7d:e4:db:d6:91:78:9a:65:0a:35:1e: 21:99:a6:68 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICILEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTgy Mjg3QkI1NkZBQzhFNjc1M0FCREUzNkIzQjZBOTM5Q0I1OUE1MzAeFw0yNTA3MDQw NTE1MDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk1MDRDNjcyNTdGN0Qx RThCRENBQ0U4NjY3NkFFMjZFRDAxQ0U4RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWo8I4Xe9tYohhNUGfBzzd9ymY6CKxhWXHh++Y1lmkotEhEYcp 9PiU/vVjybpDUGgt6jg9FZ2iUgl9UKLUiZr1QqnQbXo964nLuSdOyD4rMdPg2JRo KexF6eMmM2tLFMJOgSfkYOokI7tAzG21+s3bUwZkrpJABG9ow1j1vlCkr2Pnl+pg NBDjNkUQmKLQCGzV5xwts3fQQG7okSrE+HGuIfQ5JSqR8hgxfATPWhkJUG1QIpud 1ZMBdKNRyJAALYefDGY0yDO/bB+m/U77KZx8JpuAcXUFqOqQzvsyN/IWNLCq2yqn qav1bKQQT4BFG2Tji3gYDQO6WOLMvrfGQuF1AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUlQTGclf30ei9ys6GZ2ribtAc6NAwHwYDVR0jBBgwFoAU6CKHu1b6yOZ1Or3j aztqk5y1mlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjI5 MS82Q0tIdTFiNnlPWjFPcjNqYXp0cWs1eTFtbE0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzZDS0h1MWI2eU9aMU9yM2phenRxazV5MW1sTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIyOTEvNkNLSHUxYjZ5T1ox T3IzamF6dHFrNXkxbWxNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBALvvrZ54cfO4ZcjRBmqj143+y/uFWLII5FpTVjbhzUN/dJotLa3MD1l0YEOF 0IDk12NFRpYXQQ3llvtwZiHTpc8KZILhAVoNsncn8nHHlqG1wDErRHeULgzpddPK DHedntdLyshb5ez4KY4L3zOdr83t7v8OahwsBG3bcL+HVgzVDCL+s5lQPe3macP7 4x60fDyqN1/W9za931sPFxM/cxLdkCFRc82RlWvCTqtkXTJ+QHjWTkd6EyQTpsno 9ttFglS0kA1tGsqVp8ymPOcY0AmiSceKxtYtgNZ92/MHUk5jfUO6N6WqcWBMTBui 6Rq7rKd95NvWkXiaZQo1HiGZpmg= -----END CERTIFICATE-----Generated at Fri Jul 4 10:48:37 2025 by rpki-client